Will It Vibe?
SEC-025Critical severity-25 points

Insecure deserialization

Part of Security, which counts for 30% of the overall score. When this check fires it deducts 25 points from that category, once per scan, no matter how many places it turns up.

What it detects

pickle.loads on untrusted input, and yaml.load without SafeLoader, can lead to arbitrary code execution.

Why it matters

pickle.loads runs code embedded in the data it parses, so unpickling anything an outside party can influence is arbitrary code execution. yaml.load without SafeLoader can construct arbitrary Python objects from a YAML document with the same result. Both look like plain parsing calls, which is why they slip through review.

How to fix it

Replace yaml.load(...) with yaml.safe_load(...), which handles standard YAML documents identically. For pickle, switch the format to JSON (json.loads) wherever the data crosses a trust boundary; keep pickle only for data your own process wrote to storage that untrusted parties cannot reach. There is no safe way to unpickle hostile bytes.

The paid report includes a ready-to-paste prompt for your AI coding agent for every check it finds, pointed at the exact findings from your scan. See pricing

Does your repo trip this check?

Paste a GitHub URL or drop a project folder. Scans run in your browser and take seconds.

Scan your repo

Related Security checks