The Ollama, OpenAI, and local embedding providers accept arbitrary text input without validation:
- No check for empty strings
- No length limits before sending to external APIs
- No validation that API responses match expected schema (e.g., response.embeddings could be missing)
Suggested fix: Add input validation (non-empty, length limits) and runtime validation of API response shapes using zod or manual checks.
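
One way to implement the suggested manual checks, as an added example that is not the project's own code. The function names, the error class, the 8192-character cap, and the assumption that the provider returns `embeddings` as an array of number arrays are all illustrative.

```typescript
// Added example: names and limits are assumptions, not the project's code.
const MAX_INPUT_CHARS = 8192; // assumed cap; set it from the provider/model limit

class EmbeddingValidationError extends Error {}

// Reject non-string, empty, whitespace-only, or oversized input
// before anything is sent to a provider.
function validateEmbeddingInput(text: unknown, maxChars: number = MAX_INPUT_CHARS): string {
  if (typeof text !== "string") {
    throw new EmbeddingValidationError("input must be a string");
  }
  if (text.trim().length === 0) {
    throw new EmbeddingValidationError("input must not be empty");
  }
  if (text.length > maxChars) {
    throw new EmbeddingValidationError(`input exceeds ${maxChars} characters`);
  }
  return text;
}

// Treat the provider response as untrusted: require an `embeddings` array with
// one vector per input, each a non-empty array of finite numbers, all the same size.
function parseEmbeddingsResponse(body: unknown, expectedCount: number): number[][] {
  if (typeof body !== "object" || body === null) {
    throw new EmbeddingValidationError("response is not an object");
  }
  const embeddings = (body as Record<string, unknown>).embeddings;
  if (!Array.isArray(embeddings) || embeddings.length !== expectedCount) {
    throw new EmbeddingValidationError("response.embeddings missing or wrong count");
  }
  const vectors: number[][] = [];
  let dim = -1; // dimension of the first vector, fixed once seen
  for (const item of embeddings as unknown[]) {
    if (!Array.isArray(item) || item.length === 0 ||
        !item.every((v: unknown) => typeof v === "number" && Number.isFinite(v))) {
      throw new EmbeddingValidationError("embedding is not a non-empty array of finite numbers");
    }
    if (dim === -1) dim = item.length;
    if (item.length !== dim) {
      throw new EmbeddingValidationError("embedding dimensions differ");
    }
    vectors.push(item as number[]);
  }
  return vectors;
}
```

Call `validateEmbeddingInput` at the provider boundary and `parseEmbeddingsResponse` on the parsed JSON body, so a malformed response fails with a typed error instead of propagating `undefined` into downstream vector code.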