Retrieval Pivot Attacks in Hybrid RAG: Measuring and Mitigating Amplified Leakage from Vector Seeds to Graph Expansion
Part of:Context Engineering
The scare statistic: roughly 95% of benign queries leaked cross-tenant data in a hybrid RAG corpus, not from attackers but from organic entity connections. A shared employee name or supplier is a bridge between two customers' documents, and graph expansion walks straight across it. Read before designing anything customer-facing; the fix (authorisation enforced at the graph-expansion boundary) is cheap, but only if you know you need it.