fix(ai): address PR #4 review findings for safety, security, and routing

- Separate ObjectBox lookup from query routing so storage errors no
  longer bypass emergency/off-topic detection (safety-critical)
- Guard Bearer token to trusted Hugging Face hosts only, preventing
  token leakage to arbitrary download URLs
- Tighten personal-lab regex patterns to require medical terms after
  possessive pronouns, fixing false positives like "is my code correct"
- Make QueryRouter resolve the intent classifier lazily via getter so
  Stage 2 embedding classification activates once loaded, not only if
  ready at screen init
- Wrap HNSW query in try/finally to prevent resource leak on error
- Fix emergency number to list both 911/112 for multi-region support
- Correct "HuggingFace" brand spelling to "Hugging Face"
- Remove unused routingFailedLog constant

Author: priyavratuniyal

lib/constants/llm_strings.dart

@@ -69,7 +69,7 @@ abstract final class LlmStrings {
   /// Info banner text explaining common issues.
   static const String hfTokenInfoMessage =
       'Having a token does not guarantee access. You must also:\n'
-      '  1. Accept the model\'s license on its HuggingFace page\n'
+      '  1. Accept the model\'s license on its Hugging Face page\n'
       '  2. Ensure your token has "Read" permission\n\n'
       'If downloads fail with 401/403 errors after adding a token, visit '
       'the model page and accept the license agreement, then retry.';
@@ -98,10 +98,6 @@ abstract final class LlmStrings {
   static const String persistenceWarning =
       'Could not save chat history for one or more messages.';
 
-  /// Debug log when query routing fails.
-  static const String routingFailedLog =
-      'Query routing failed, falling through to LLM: ';
-
   /// Debug log when retrying after empty/failed generation.
   static const String retryingGenerationLog =
       'Generation produced empty/failed output, retrying once';

lib/constants/response_templates.dart

@@ -6,7 +6,7 @@ abstract final class ResponseTemplates {
   /// Shown when the user describes potentially urgent symptoms.
   static const String emergencyEscalation =
       'Your message may describe a medical emergency. '
-      'Please contact emergency services (112) or visit your nearest '
+      'Please contact your local emergency services (e.g., 911/112) or visit your nearest '
       'emergency room immediately.\n\n'
       'Koshika is a lab-report assistant and cannot provide emergency '
       'medical guidance.';

lib/screens/chat_screen.dart

@@ -60,7 +60,7 @@ class _ChatScreenState extends State<ChatScreen> {
     super.initState();
     _contextBuilder = ChatContextBuilder(vectorStore: vectorStoreService);
     _initIntentClassifier();
-    _queryRouter = QueryRouter(classifier: _intentClassifier);
+    _queryRouter = QueryRouter(classifierGetter: () => _intentClassifier);
     _statusSubscription = llmService.modelStatusStream.listen((info) {
       if (mounted) {
         setState(() => _modelInfo = info);
@@ -330,23 +330,24 @@ class _ChatScreenState extends State<ChatScreen> {
     // history-aware routing and prompt injection.
     final history = _buildConversationHistory();
 
-    // Route the query — may short-circuit with a deterministic response
-    late final QueryRouteResult routeResult;
+    // Route the query — may short-circuit with a deterministic response.
+    // Lab-data lookup is separated from routing so that an ObjectBox error
+    // doesn't bypass safety-critical emergency/off-topic detection.
+    var hasLabData = false;
     try {
-      final hasLabData = objectbox.getLatestResults().isNotEmpty;
-      routeResult = await _queryRouter.route(
-        text,
-        hasLabData: hasLabData,
-        conversationHistory: history,
-      );
+      hasLabData = objectbox.getLatestResults().isNotEmpty;
     } catch (e) {
-      // If routing fails (e.g. ObjectBox error), fall through to LLM
-      debugPrint('${LlmStrings.routingFailedLog}$e');
-      routeResult = const QueryRouteResult(
-        decision: QueryDecision.answerGeneralHealth,
+      debugPrint(
+        'Lab data lookup failed; assuming no lab data for routing: $e',
       );
     }
 
+    final routeResult = await _queryRouter.route(
+      text,
+      hasLabData: hasLabData,
+      conversationHistory: history,
+    );
+
     if (!routeResult.requiresLlm) {
       if (mounted) {
         _addDeterministicResponse(

lib/services/intent_prefilter.dart

@@ -67,11 +67,12 @@ abstract final class IntentPrefilter {
 
   /// Phrases that explicitly reference the user's own reports or results.
   static final _personalLabPatterns = [
-    // Explicit report/result references (English)
-    RegExp(r'lab\s*report', caseSensitive: false),
-    RegExp(r'test\s*result', caseSensitive: false),
-    RegExp(r'blood\s*test', caseSensitive: false),
-    RegExp(r'blood\s*work', caseSensitive: false),
+    // Possessive + report/result references (English + Hinglish)
+    // "my lab report", "mera test result", "my blood test"
+    RegExp(
+      '$_possessive\\s+(lab\\s*report|test\\s*results?|blood\\s*test|blood\\s*work)\\b',
+      caseSensitive: false,
+    ),
 
     // Possessive + generic result words (English + Hinglish)
     RegExp(
@@ -83,15 +84,24 @@ abstract final class IntentPrefilter {
     // "my cholesterol", "mera sugar", "meri thyroid"
     RegExp('$_possessive\\s+$_biomarkerAlt\\b', caseSensitive: false),
 
-    // "is my ... high/low/normal" (English)
-    RegExp(r'is\s+my\b', caseSensitive: false),
-    // "why is my ... high/low"
-    RegExp(r'why\s+(is|are)\s+my\b', caseSensitive: false),
-    // "show me my", "check my"
-    RegExp(r'(show|check|tell)\s*(me\s+)?my\b', caseSensitive: false),
+    // "is my <medical term> high/low/normal" (English)
+    RegExp(
+      'is\\s+$_possessive\\s+($_biomarkerAlt|report|results?|levels?|values?|numbers?|test)\\b',
+      caseSensitive: false,
+    ),
+    // "why is my <medical term> high/low"
+    RegExp(
+      'why\\s+(is|are)\\s+$_possessive\\s+($_biomarkerAlt|report|results?|levels?|values?|numbers?|test)\\b',
+      caseSensitive: false,
+    ),
+    // "show me my <medical term>", "check my <medical term>"
+    RegExp(
+      '(show|check|tell)\\s*(me\\s+)?$_possessive\\s+($_biomarkerAlt|report|results?|levels?|values?|numbers?|test)\\b',
+      caseSensitive: false,
+    ),
 
     // Hinglish report phrases
-    // "meri report dikhao", "report dikhao", "mera report"
+    // "meri report dikhao", "mera report"
     RegExp('$_possessive\\s*report', caseSensitive: false),
     // "kitna hai" / "kitni hai" (how much is) — common Hinglish question form
     RegExp('$_biomarkerAlt\\s*(kitna|kitni|kitne)\\b', caseSensitive: false),
@@ -102,7 +112,7 @@ abstract final class IntentPrefilter {
     // Only match medical compound units — excludes bare "g", "%", "ml" to
     // avoid false positives like "5g network", "100% sure", "500ml water".
     RegExp(
-      r'\d+\.?\d*\s*(mg/dl|mg/l|mmol/l|mmol|miu/l|miu/ml|iu/l|iu/ml|µg/dl|µg/l|ng/ml|ng/dl|pg/ml|g/dl|g/l|meq/l|u/l|cells/cumm|lakh|thousand)',
+      r'\d+\.?\d*\s*(mg/dl|mg/l|mmol/l|mmol|miu/l|miu/ml|iu/l|iu/ml|µg/dl|µg/l|ng/ml|ng/dl|pg/ml|g/dl|g/l|meq/l|u/l|cells/cumm)',
       caseSensitive: false,
     ),
   ];

lib/services/model_downloader.dart

@@ -88,8 +88,14 @@ class ModelDownloader {
         startByte = tempFile.lengthSync();
       }
 
-      final request = await _client!.getUrl(Uri.parse(url));
-      if (authToken != null && authToken.isNotEmpty) {
+      final uri = Uri.parse(url);
+      final request = await _client!.getUrl(uri);
+      final shouldAttachAuth =
+          authToken != null &&
+          authToken.isNotEmpty &&
+          uri.scheme == 'https' &&
+          _isTrustedHfHost(uri.host);
+      if (shouldAttachAuth) {
         request.headers.add(
           HttpHeaders.authorizationHeader,
           'Bearer $authToken',
@@ -184,4 +190,16 @@ class ModelDownloader {
     _cancelled = true;
     _client?.close(force: true);
   }
+
+  /// Whether [host] belongs to a known Hugging Face domain.
+  static bool _isTrustedHfHost(String host) {
+    final normalized = host.toLowerCase();
+    const trustedHosts = {
+      'huggingface.co',
+      'hf.co',
+      'cdn-lfs.huggingface.co',
+      'cdn-lfs-us-1.huggingface.co',
+    };
+    return trustedHosts.contains(normalized);
+  }
 }

lib/services/query_router.dart

@@ -13,13 +13,16 @@ import 'llm_service.dart';
 /// This is a class (not static) because the embedding classifier is injected
 /// as an optional constructor dependency.
 class QueryRouter {
-  final IntentClassifier? _classifier;
+  final IntentClassifier? Function() _classifierGetter;
 
-  /// Create a router with an optional Stage 2 embedding classifier.
+  /// Create a router with a lazy Stage 2 embedding classifier.
   ///
-  /// When [classifier] is null or not ready, falls back to Stage 1
-  /// (regex/keyword) only.
-  QueryRouter({IntentClassifier? classifier}) : _classifier = classifier;
+  /// [classifierGetter] is called at route time so the classifier can become
+  /// available after the router is constructed (e.g. once embeddings load).
+  /// When the getter returns null or the classifier isn't ready, falls back
+  /// to Stage 1 (regex/keyword) only.
+  QueryRouter({required IntentClassifier? Function() classifierGetter})
+    : _classifierGetter = classifierGetter;
 
   /// Classify the [message] and decide how to respond.
   ///
@@ -123,8 +126,8 @@ class QueryRouter {
       }
     }
 
-    // Fall through to Stage 2 classifier
-    final classifier = _classifier;
+    // Fall through to Stage 2 classifier (resolved lazily)
+    final classifier = _classifierGetter();
     if (classifier == null || !classifier.isReady) {
       // No Stage 2 — default to general health (safe fallback)
       return _applyStrictnessMode(

lib/services/vector_store_service.dart

@@ -75,24 +75,26 @@ class VectorStoreService {
           )
           .build();
 
-      final results = hnswQuery.find();
-      hnswQuery.close();
-
-      return results.map((r) {
-        final docId = '${r.biomarkerKey}_${r.report.targetId}';
-        return RetrievalResult(
-          id: docId,
-          content: _buildChunkText(r),
-          metadata: jsonEncode({
-            'biomarkerKey': r.biomarkerKey,
-            'reportId': r.report.targetId,
-            'flag': r.flag.name,
-            'category': r.category,
-            'testDate': r.testDate.toIso8601String(),
-            'labName': r.report.target?.labName,
-          }),
-        );
-      }).toList();
+      try {
+        final results = hnswQuery.find();
+        return results.map((r) {
+          final docId = '${r.biomarkerKey}_${r.report.targetId}';
+          return RetrievalResult(
+            id: docId,
+            content: _buildChunkText(r),
+            metadata: jsonEncode({
+              'biomarkerKey': r.biomarkerKey,
+              'reportId': r.report.targetId,
+              'flag': r.flag.name,
+              'category': r.category,
+              'testDate': r.testDate.toIso8601String(),
+              'labName': r.report.target?.labName,
+            }),
+          );
+        }).toList();
+      } finally {
+        hnswQuery.close();
+      }
     } catch (e) {
       debugPrint('VectorStoreService.search failed: $e');
       return [];

test/services/query_router_test.dart

@@ -9,7 +9,7 @@ void main() {
 
   setUp(() {
     // No classifier — tests Stage 1 (regex-only) routing
-    router = QueryRouter();
+    router = QueryRouter(classifierGetter: () => null);
   });
 
   group('QueryRouter.route', () {