Add a security disclaimer for agentic memory #11407
Thank you for submitting your PR. The PR states are In progress (or Draft) -> Tech review -> Doc review -> Editorial review -> Merged. Before you submit your PR for doc review, make sure the content is technically accurate. If you need help finding a tech reviewer, tag a maintainer. When you're ready for doc review, tag the assignee of this PR. The doc reviewer may push edits to the PR directly or leave comments and editorial suggestions for you to address (let us know in a comment if you have a preference). The doc reviewer will arrange for an editorial review.
Thanks, @b4sjoo. Please format this as a warning:
> ****DISCLAIMER****
>
> Lines before the list
> * list item 1
> * list item 2
{: .warning}
| Currently, agentic memory is designed for integration with external agent frameworks like LangChain and LangGraph. OpenSearch's internal [agents]({{site.url}}{{site.baseurl}}/ml-commons-plugin/agents-tools/agents/) cannot interact with agentic memory. | ||
| {: .note} | ||
|
|
||
| ## Disclaimer |
| ## Disclaimer |
| {: .note} | ||
|
|
||
| ## Disclaimer | ||
| Please be advised that the Agentic Memory capability within OpenSearch is provided as a **framework** designed to empower developers to build and manage memory for AI agents. As the administrator or owner of a memory container, you are solely responsible for the configuration, management, and security of your implementation. |
| Please be advised that the Agentic Memory capability within OpenSearch is provided as a **framework** designed to empower developers to build and manage memory for AI agents. As the administrator or owner of a memory container, you are solely responsible for the configuration, management, and security of your implementation. | |
| The agentic memory capability in OpenSearch is provided as a framework that enables you to build and manage memory for AI agents. As the administrator or owner of a memory container, you are responsible for the configuration, management, and security of your implementation. |
|
|
||
| ## Disclaimer | ||
| Please be advised that the Agentic Memory capability within OpenSearch is provided as a **framework** designed to empower developers to build and manage memory for AI agents. As the administrator or owner of a memory container, you are solely responsible for the configuration, management, and security of your implementation. | ||
| Specifically, you are responsible for the following: |
| Specifically, you are responsible for the following: | |
| You are responsible for the following: | |
| ## Disclaimer | ||
| Please be advised that the Agentic Memory capability within OpenSearch is provided as a **framework** designed to empower developers to build and manage memory for AI agents. As the administrator or owner of a memory container, you are solely responsible for the configuration, management, and security of your implementation. | ||
| Specifically, you are responsible for the following: | ||
| 1. **Data Access Control:** You are responsible for implementing and enforcing all necessary data access controls for the conversation data stored within the memory container. This includes, but is not limited to, configuring appropriate index-level permissions, document-level security (DLS), or other mechanisms to restrict access. This responsibility is especially critical when the use_system_index option is set to false, as data will be stored in a standard index that requires explicit permission management. |
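Review bot: In item 1, the last sentence singles out use_system_index set to false as the high-risk case but never says what the option defaults to, so a reader cannot tell whether their memory container is already storing conversation data in a standard index. State the default next to this warning, format the option name as code (`use_system_index`), and link "index-level permissions" and "document-level security (DLS)" to the pages that explain how to configure them.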
| 1. **Data Access Control:** You are responsible for implementing and enforcing all necessary data access controls for the conversation data stored within the memory container. This includes, but is not limited to, configuring appropriate index-level permissions, document-level security (DLS), or other mechanisms to restrict access. This responsibility is especially critical when the use_system_index option is set to false, as data will be stored in a standard index that requires explicit permission management. | |
| - Data access control: Implement and enforce all necessary data access controls for the conversation data stored within the memory container. This includes, but is not limited to, configuring appropriate index-level permissions, document-level security (DLS), or other mechanisms to restrict access. This responsibility is especially critical when the use_system_index option is set to false, because data will be stored in a standard index that requires explicit permission management. |
| Please be advised that the Agentic Memory capability within OpenSearch is provided as a **framework** designed to empower developers to build and manage memory for AI agents. As the administrator or owner of a memory container, you are solely responsible for the configuration, management, and security of your implementation. | ||
| Specifically, you are responsible for the following: | ||
| 1. **Data Access Control:** You are responsible for implementing and enforcing all necessary data access controls for the conversation data stored within the memory container. This includes, but is not limited to, configuring appropriate index-level permissions, document-level security (DLS), or other mechanisms to restrict access. This responsibility is especially critical when the use_system_index option is set to false, as data will be stored in a standard index that requires explicit permission management. | ||
| 2. **Custom System Prompt Management:** If you opt to use a customized system prompt instead of the default, you are solely responsible for the content, management, and behavior of that prompt. OpenSearch is not responsible for the outputs or interactions resulting from user-defined system prompts. |
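Review bot: Item 2 says "customized system prompt" in its first sentence and "user-defined system prompts" in its last, which leaves it unclear whether the prompt is set by the memory container administrator or can come from an end user of the agent. Use one term throughout and say who is able to set the prompt, because the statement about responsibility for "outputs or interactions" depends on that.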
| 2. **Custom System Prompt Management:** If you opt to use a customized system prompt instead of the default, you are solely responsible for the content, management, and behavior of that prompt. OpenSearch is not responsible for the outputs or interactions resulting from user-defined system prompts. | |
| - Custom system prompt management: If you choose to use a customized system prompt instead of the default, you are responsible for the content, management, and behavior of that prompt. OpenSearch is not responsible for the outputs or interactions resulting from user-defined system prompts. | |
| Specifically, you are responsible for the following: | ||
| 1. **Data Access Control:** You are responsible for implementing and enforcing all necessary data access controls for the conversation data stored within the memory container. This includes, but is not limited to, configuring appropriate index-level permissions, document-level security (DLS), or other mechanisms to restrict access. This responsibility is especially critical when the use_system_index option is set to false, as data will be stored in a standard index that requires explicit permission management. | ||
| 2. **Custom System Prompt Management:** If you opt to use a customized system prompt instead of the default, you are solely responsible for the content, management, and behavior of that prompt. OpenSearch is not responsible for the outputs or interactions resulting from user-defined system prompts. | ||
| Failure to properly configure and secure your Agentic Memory implementation may result in unauthorized data access, data leakage, or unintended agent behavior. |
| Failure to properly configure and secure your Agentic Memory implementation may result in unauthorized data access, data leakage, or unintended agent behavior. | |
| Failure to properly configure and secure your agentic memory implementation may result in unauthorized data access, data leakage, or unintended agent behavior. |
@b4sjoo Also, please fix DCO

As a note prior to editorial, please don't label this a "disclaimer". A heading such as "Important", "Usage considerations", "Before you begin", or "User responsibilities" would be more appropriate.
Description
Describe what this change achieves.
Add a security disclaimer for our agentic memory framework introduced in 3.3
Issues Resolved
Closes #11405
Version
3.3
Frontend features
If you're submitting documentation for an OpenSearch Dashboards feature, add a video that shows how a user will interact with the UI step by step. A voiceover is optional.
Checklist
For more information on following Developer Certificate of Origin and signing off your commits, please check here.