pickle.load / pickle.loads (Python)
Part of Security, which counts for 30% of the overall score. When this check fires it deducts 15 points from that category, once per scan, no matter how many places it turns up.
What it detects
Unpickling data executes constructors from the byte stream, so pickle on any untrusted input is remote code execution. Use json for data interchange. Flagged regardless of source since the sink alone is dangerous.
Why it matters
Unpickling data runs constructors and reduce methods embedded in the byte stream, so pickle.load/loads on any untrusted input is remote code execution. This is flagged regardless of where the data comes from because the sink itself is dangerous and easy to misuse.
How to fix it
Use a data format that carries no code: json for simple data, or a schema library such as pydantic or marshmallow for structured objects. If you only pickle data you produced and never expose the channel, keep the source strictly local and document that. Never unpickle anything received over a network or from a user.
The paid report includes a ready-to-paste prompt for your AI coding agent for every check it finds, pointed at the exact findings from your scan. See pricing
Does your repo trip this check?
Paste a GitHub URL or drop a project folder. Scans run in your browser and take seconds.
Scan your repo