Summary
GeoSentinel's identity-search routes fabricate criminal-record and reverse-image similarity data when real evidence is missing, returning invented watchlist-style records and random similarity percentages as if they were substantive findings.
Evidence
Why this matters
This is higher-risk than a broken search. The application emits law-enforcement-like records and similarity scores that appear evidentiary but are not derived from a real matching model or source contract.
Attack or failure scenario
An operator searches a person or uploads a photo and receives multiple plausible-looking criminal or facial-match records with percentages, statuses, and institutional sources. Those synthetic values can then be copied into notes, screenshots, or investigative decisions as if they were factual.
Root cause
The product preserves the appearance of search success by generating synthetic records and confidence values instead of returning an empty or degraded state.
Recommended fix
- Remove simulated person-record generation from production search responses.
- Remove random similarity percentages unless a provider or model actually returns a calibrated score.
- Return explicit "no verified matches" / "source unavailable" states when evidence is absent.
- Add tests guaranteeing that empty upstream results never become fabricated investigative records.
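The fix and acceptance criteria above, as an added example (not GeoSentinel's own code): a response builder that maps upstream provider results to explicit states and never invents a record or a percentage, plus an invariant the suggested tests can assert. The names `ProviderResult`, `build_search_response` and the status strings are assumptions.

```python
"""Added example (not GeoSentinel's own code): an identity-search response
builder that surfaces uncertainty instead of synthesizing records.
Names (ProviderResult, build_search_response, status strings) are hypothetical."""
from dataclasses import dataclass
from typing import List, Optional

# Explicit states a client can render; only the first one carries records.
STATUS_VERIFIED = "verified_matches"
STATUS_NO_MATCHES = "no_verified_matches"
STATUS_UNAVAILABLE = "source_unavailable"


@dataclass
class ProviderResult:
    """What an upstream provider actually returned (hypothetical shape)."""
    source: str                        # provider or model identifier
    record_id: str
    similarity: Optional[float] = None  # set only if the provider scored it


def build_search_response(upstream: Optional[List[ProviderResult]]) -> dict:
    """Map upstream results to an explicit response.

    None      -> provider unreachable: say so, return no records
    []        -> provider answered with nothing: say so, return no records
    [results] -> pass through; similarity appears only when the provider set it
    Nothing here generates a record or a percentage the provider did not supply.
    """
    if upstream is None:
        return {"status": STATUS_UNAVAILABLE, "records": []}
    if not upstream:
        return {"status": STATUS_NO_MATCHES, "records": []}
    records = []
    for r in upstream:
        rec = {"source": r.source, "record_id": r.record_id}
        if r.similarity is not None:
            # Reject scores outside a calibrated [0, 1] range rather than display them.
            if not 0.0 <= r.similarity <= 1.0:
                raise ValueError(f"uncalibrated similarity from {r.source}: {r.similarity}")
            rec["similarity"] = r.similarity
        records.append(rec)
    return {"status": STATUS_VERIFIED, "records": records}


def no_fabrication_invariant(response: dict) -> bool:
    """Test helper: a non-verified status must carry zero records, and every
    record that shows a similarity must name the source that produced it."""
    if response["status"] != STATUS_VERIFIED:
        return response["records"] == []
    return all(r.get("source") for r in response["records"] if "similarity" in r)
```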
Acceptance criteria
- Identity-search routes no longer invent criminal/intelligence records.
- Similarity/confidence values are only shown when sourced from a real provider or model.
- Empty-result behavior is explicit and test-covered.
Suggested labels
- bug
- reliability
- production-readiness
- architecture
Priority
P1 (High)
Severity
High — the route manufactures investigative evidence and confidence signals instead of surfacing uncertainty.
Confidence
Confirmed — synthetic records and random percentages are explicit in source.