Bug
evaluateAccountPolicy clamps the supplied riskScore with Math.min/Math.max, but both functions propagate NaN, so NaN remains NaN after the clamp. riskBandForScore(NaN) then falls through to low (NaN fails every threshold comparison), so a matching grant can allow the action instead of failing closed. Negative infinity is similarly clamped to zero, i.e. to the lowest possible risk.
Reproduction
Call evaluateAccountPolicy with a matching grant and riskScore: Number.NaN (or Number.NEGATIVE_INFINITY). The result can be allow with a non-finite/low score.
Expected
Non-finite externally supplied risk scores should fail closed by normalizing them to the maximum risk score before policy evaluation.
Proposed fix
Normalize non-finite risk values to 1, retain the existing [0, 1] clamp for finite values, and add regression coverage for NaN and infinities.
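The following is an added, self-contained illustration of the defect and the proposed fix; it is not the project's code, and the band thresholds, the grant shape ({ action, allowedBands }) and the function signatures are assumptions:

```javascript
// Assumed band thresholds. NaN fails every comparison, so it reaches "low".
function riskBandForScore(score) {
  if (score >= 0.7) return "high";
  if (score >= 0.4) return "medium";
  return "low";
}

// Before the fix: clamp only. Math.min/Math.max propagate NaN, and
// -Infinity clamps to 0, the lowest possible risk.
function clampRiskScore(riskScore) {
  return Math.max(0, Math.min(1, riskScore));
}

// Proposed fix: any non-finite value (NaN, +/-Infinity, or a non-number such as
// undefined or a string) becomes the maximum risk score 1 before the [0, 1] clamp.
function normalizeRiskScore(riskScore) {
  if (!Number.isFinite(riskScore)) return 1;
  return Math.max(0, Math.min(1, riskScore));
}

// Assumed policy shape: allow when a grant matches the action and lists the band.
// `normalize` is injectable only so both behaviours can be shown side by side.
function evaluateAccountPolicy(grants, action, riskScore, normalize = normalizeRiskScore) {
  const score = normalize(riskScore);
  const band = riskBandForScore(score);
  const matched = grants.some(
    (g) => g.action === action && g.allowedBands.includes(band)
  );
  return { decision: matched ? "allow" : "deny", score, band };
}

// Constructed sample grant: "transfer" is permitted only at low risk.
const sampleGrants = [{ action: "transfer", allowedBands: ["low"] }];

if (typeof require !== "undefined" && require.main === module) {
  console.log("bug  ", evaluateAccountPolicy(sampleGrants, "transfer", Number.NaN, clampRiskScore));
  console.log("fixed", evaluateAccountPolicy(sampleGrants, "transfer", Number.NaN));
  console.log("fixed", evaluateAccountPolicy(sampleGrants, "transfer", Number.NEGATIVE_INFINITY));
}
```

With the clamp-only path the NaN case prints decision "allow" with a NaN score; with normalizeRiskScore both non-finite cases print "deny" at score 1.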