From 4835766ae5e225653d6f90854b54201abe18b148 Mon Sep 17 00:00:00 2001
From: JEAN REGIS <240509606@firat.edu.tr>
Date: Thu, 2 Apr 2026 20:33:59 +0300
Subject: [PATCH] fix(chat): reject None vendor_id before task_data construction

Root cause: vendor_id: int type hint is not enforced at runtime; LLM-supplied null bypasses all checks and is written directly into task_data.
Solution: Add an `is None` guard immediately after the background_tasks check, returning {"error": "vendor_id is required"} before any dispatch occurs.
Impact: No breaking changes. Callers with valid vendor_id are unaffected. Deterministic early return. Zero orchestrator side effects on None input.

Signed-off-by: JEAN REGIS <240509606@firat.edu.tr>
---
 finbot/agents/chat.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/finbot/agents/chat.py b/finbot/agents/chat.py
index ba2a0bd7..3574288c 100644
--- a/finbot/agents/chat.py
+++ b/finbot/agents/chat.py
@@ -190,6 +190,9 @@ async def _call_start_workflow(
 if not self.background_tasks:
 return json.dumps({"error": "Workflow engine not available"})
 
+ if vendor_id is None:
+ return json.dumps({"error": "vendor_id is required"})
+
 from finbot.agents.runner import (
 run_orchestrator_agent, # pylint: disable=import-outside-toplevel
 )
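Review bot: The guard added after the `background_tasks` check rejects only `None`, so any other non-integer value the model supplies for `vendor_id` (a string, a float, a bool) still passes it and, per the commit message, is written into `task_data`. That is the same unenforced-type-hint problem the commit describes. Tool-call arguments produced by the LLM are untrusted input, so the check should validate the type rather than one bad value, for example `if isinstance(vendor_id, bool) or not isinstance(vendor_id, int): return json.dumps({"error": "vendor_id must be an integer"})`. The hunk also does not show whether `vendor_id` is checked against the vendors the current session is allowed to act on. `_call_start_workflow` starts and ends outside the hunk, so that check may already exist further down, but if it does not, it belongs before dispatch as well.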