Spaces:
Running
Running
feat(agent): add Claude Code-style agent, skills, slash-commands, hooks, todos, sandboxed workspace, and full-stack scaffolding
81aa0b5 verified A newer version of the Gradio SDK is available: 6.19.0
metadata
name: warn-eval-exec
enabled: true
event: bash
pattern: (^|\s)(eval|exec)\s*\(
action: warn
⚠️ eval()/exec() detected
Using eval() or exec() on untrusted input is a code injection risk. Consider safer alternatives:
- ast.literal_eval() for Python literals
- json.loads() for JSON
- Function constructors with explicit scope for JS