LlamaIndex fallback risks local RAG leaks

This is the kind of framework default that feels ergonomic in demos and dangerous in production. The bigger story is not OpenAI specifically — it is that local-first AI stacks still need fail-closed behavior, not silent provider substitution.

• –The reports center on QueryFusionRetriever, retrievers, and indexes that can resolve to default OpenAI behavior when configuration is incomplete
• –The real risk is privacy, compliance, and cost leakage: a stale OPENAI_API_KEY can hide the problem until sensitive prompts or embeddings leave the machine
• –The related GitHub issues were quickly duplicated/closed rather than treated as a straightforward security bug, so developers should assume explicit provider wiring is mandatory
• –It is also a reminder that “local” RAG claims depend on the full retrieval pipeline, not just swapping in Ollama or local embeddings at the top level