Egemma — Audit Report
Repository: Findit-AI/egemma
Date: 2026-05-09
Source files: 13 .rs files, 2,465 lines
Tests: 36 new audit tests pass
Summary
Egemma provides embedding operations, likely for the Gemma model family. The crate handles embedding construction, normalization, and similarity computation.
Overall Assessment: LOW RISK — clean implementation with good type safety.
| Severity |
Count |
| CRITICAL |
0 |
| HIGH |
0 |
| MEDIUM |
1 |
| LOW |
2 |
| SUGGESTION |
3 |
MEDIUM Issues
M-001: Embedding dimension validation only at construction
File: src/lib.rs
Description: Embedding dimensions are validated at try_new() but not enforced at the type level. Users could theoretically construct embeddings of different dimensions and attempt comparison, which would fail at runtime rather than compile time.
LOW Issues
L-001: cosine_similarity returns f32 but computation uses f32
File: src/lib.rs
Description: For very high-dimensional embeddings, the dot product accumulation could lose precision. Consider using f64 for intermediate computation.
L-002: No Display implementation for Embedding
File: src/lib.rs
Description: Cannot easily print embeddings for debugging.
SUGGESTION
- Consider generic const embedding dimensions for compile-time safety
- Add
Display implementation for debugging
- Consider
f64 intermediate accumulation for high-dimensional embeddings
Test Results
audit_tests: 36 passed, 0 failed
Files Created
tests/audit_tests.rs — 36 edge-case and validation tests
Egemma — Audit Report
Repository: Findit-AI/egemma
Date: 2026-05-09
Source files: 13 .rs files, 2,465 lines
Tests: 36 new audit tests pass
Summary
Egemma provides embedding operations, likely for the Gemma model family. The crate handles embedding construction, normalization, and similarity computation.
Overall Assessment: LOW RISK — clean implementation with good type safety.
MEDIUM Issues
M-001: Embedding dimension validation only at construction
File:
src/lib.rsDescription: Embedding dimensions are validated at
try_new()but not enforced at the type level. Users could theoretically construct embeddings of different dimensions and attempt comparison, which would fail at runtime rather than compile time.LOW Issues
L-001:
cosine_similarityreturnsf32but computation usesf32File:
src/lib.rsDescription: For very high-dimensional embeddings, the dot product accumulation could lose precision. Consider using
f64for intermediate computation.L-002: No
Displayimplementation forEmbeddingFile:
src/lib.rsDescription: Cannot easily print embeddings for debugging.
SUGGESTION
Displayimplementation for debuggingf64intermediate accumulation for high-dimensional embeddingsTest Results
Files Created
tests/audit_tests.rs— 36 edge-case and validation tests