File size: 349 Bytes
81aa0b5
---
name: warn-eval-exec
enabled: true
event: bash
pattern: (^|\s)(eval|exec)\s*\(
action: warn
---

⚠️ **eval()/exec() detected**

Using eval() or exec() on untrusted input is a code injection risk.
Consider safer alternatives:
- ast.literal_eval() for Python literals
- json.loads() for JSON
- Function constructors with explicit scope for JS
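
Added example, not part of the original rule file: it runs the rule's `pattern` over constructed command lines to show which ones trigger the warning, and parses untrusted text with the first two alternatives listed above. The names `rule_matches` and `parse_untrusted` and all sample commands are assumptions made for illustration.

```python
import ast
import json
import re

# Pattern copied verbatim from the rule's front matter.
RULE_PATTERN = re.compile(r"(^|\s)(eval|exec)\s*\(")

# Constructed sample commands with the outcome the pattern gives for each.
SAMPLES = [
    ('python3 -c "import sys; exec(sys.stdin.read())"', True),
    ('python3 -c "x = eval (expr)"', True),     # \s*\( tolerates the space
    ('python3 -c "print(eval(expr))"', False),  # "(" precedes eval, not whitespace
    ('eval "$(ssh-agent -s)"', False),          # shell builtin, no "(" right after
    ('exec ./server --port 8080', False),       # shell builtin, no "(" at all
    ('echo "medieval (history)"', False),       # "eval" inside a longer word
]


def rule_matches(command):
    """True if the warn-eval-exec pattern fires on this command text."""
    return RULE_PATTERN.search(command) is not None


def parse_untrusted(text):
    """Parse data without executing it: JSON first, then Python literals.

    Raises ValueError for anything that is not plain data.
    """
    try:
        return json.loads(text)
    except json.JSONDecodeError:
        pass  # not JSON; fall through to Python literal syntax
    try:
        return ast.literal_eval(text)
    except (ValueError, SyntaxError, TypeError, MemoryError, RecursionError) as err:
        raise ValueError(f"not a literal: {text!r}") from err


if __name__ == "__main__":
    for command, expected in SAMPLES:
        print(f"{rule_matches(command)!s:5} expected={expected!s:5} {command}")
    print(parse_untrusted('{"port": 8080}'))
    print(parse_untrusted("{'hosts': ('a', 'b')}"))
```

The pattern requires whitespace or start of line before `eval`/`exec` and a `(` after it, so it targets function-call syntax rather than the shell builtins of the same name.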