┌───────────────────┐│ 202 Code Findings │└───────────────────┘ docs\docs\_static\js\algolia.js ❯❯❱ generic.secrets.security.detected-generic-api-key.detected-generic-api-key Generic API Key detected Details: https://sg.run/qxj8 15┆ apiKey: 'c4b0e099fa9004f69855e474b3e7d3bb', docs\docs\javascript\algolia.js ❯❯❱ generic.secrets.security.detected-generic-api-key.detected-generic-api-key Generic API Key detected Details: https://sg.run/qxj8 15┆ apiKey: 'c4b0e099fa9004f69855e474b3e7d3bb', docs\docs\javascript\llms_example.js ❯❯❱ javascript.browser.security.insecure-document-method.insecure-document-method User controlled data in methods like `innerHTML`, `outerHTML` or `document.write` is an anti-pattern that can lead to XSS vulnerabilities Details: https://sg.run/LwA9 44┆ exampleElement.children[1].children[0].innerHTML = 45┆ marked.parse(exampleMarkdown); llama-index-core\llama_index\core\evaluation\benchmarks\hotpotqa.py ❱ python.lang.security.audit.insecure-transport.requests.request-with-http.request-with-http Detected a request using 'http://'. This request will be unencrypted, and attackers could listen into traffic on the network and be able to obtain sensitive information. Use 'https://' instead. Details: https://sg.run/W8J4 41┆ response = requests.get(url, stream=True) Taint comes from: 19┆ DEV_DISTRACTOR_URL = """https://web.archive.org/web/20250512032701id_/http://curtis.ml.cmu.edu/datasets/\ Taint flows through these intermediate variables: 19┆ DEV_DISTRACTOR_URL = """https://web.archive.org/web/20250512032701id_/http://curtis.ml.cmu.edu/datasets/\ 19┆ DEV_DISTRACTOR_URL = """https://web.archive.org/web/20250512032701id_/http://curtis.ml.cmu.edu/datasets/\ 35┆ url = DEV_DISTRACTOR_URL This is how taint reaches the sink: 41┆ response = requests.get(url, stream=True) llama-index-core\llama_index\core\ingestion\data_sources.py ❯❱ python.lang.security.insecure-uuid-version.insecure-uuid-version Using UUID version 1 for UUID generation can lead to predictable UUIDs based on system information (e.g., MAC address, timestamp). This may lead to security risks such as the sandwich attack. Consider using `uuid.uuid4()` instead for better randomness and security. Details: https://sg.run/BYBgW ▶▶┆ Autofix ▶ uuid.uuid4() 82┆ suffix = uuid.uuid1() llama-index-core\llama_index\core\objects\base_node_mapping.py ❯❱ python.lang.security.deserialization.pickle.avoid-pickle Avoid using `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format. Details: https://sg.run/OPwB 165┆ pickle.dump(self, f) ⋮┆---------------------------------------- 178┆ simple_object_node_mapping = pickle.load(f) llama-index-core\llama_index\core\schema.py ❯❱ python.lang.security.deserialization.pickle.avoid-pickle Avoid using `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format. Details: https://sg.run/OPwB 130┆ pickle.dumps(val) ⋮┆---------------------------------------- 144┆ pickle.dumps(val) llama-index-core\llama_index\core\utilities\sql_wrapper.py ❯❯❱ python.sqlalchemy.security.audit.avoid-sqlalchemy-text.avoid-sqlalchemy-text sqlalchemy.text passes the constructed SQL statement to the database mostly unchanged. This means that the usual SQL injection protections are not applied and this function is vulnerable to SQL injection if user input can reach here. Use normal SQLAlchemy operators (such as `or_()`, `and_()`, etc.) to construct SQL. Details: https://sg.run/yP1O 227┆ cursor = connection.execute(text(command)) Taint comes from: 225┆ command = command.replace("FROM ", f"FROM {self._schema}.") Taint flows through these intermediate variables: 225┆ command = command.replace("FROM ", f"FROM {self._schema}.") This is how taint reaches the sink: 227┆ cursor = connection.execute(text(command)) llama-index-experimental\llama_index\experimental\exec_utils.py ❯❱ python.lang.security.audit.eval-detected.eval-detected Detected the use of eval(). eval() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources. Details: https://sg.run/ZvrD 159┆ return eval(__source, _get_restricted_globals(__globals), __locals) ❯❱ python.lang.security.audit.exec-detected.exec-detected Detected the use of exec(). exec() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources. Details: https://sg.run/ndRX 171┆ return exec(__source, _get_restricted_globals(__globals), __locals) llama-index-finetuning\llama_index\finetuning\cross_encoders\cross_encoder.py ❯❱ trailofbits.python.automatic-memory-pinning.automatic-memory-pinning If possible, it is better to rely on automatic pinning in PyTorch to avoid undefined behavior and for efficiency Details: https://sg.run/jz5N 53┆ self.loader: DataLoader = DataLoader(examples, batch_size=batch_size) llama-index-finetuning\llama_index\finetuning\embeddings\adapter.py ❯❱ trailofbits.python.automatic-memory-pinning.automatic-memory-pinning If possible, it is better to rely on automatic pinning in PyTorch to avoid undefined behavior and for efficiency Details: https://sg.run/jz5N 151┆ data_loader = DataLoader(examples, batch_size=self.batch_size) llama-index-finetuning\llama_index\finetuning\embeddings\sentence_transformer.py ❯❱ trailofbits.python.automatic-memory-pinning.automatic-memory-pinning If possible, it is better to rely on automatic pinning in PyTorch to avoid undefined behavior and for efficiency Details: https://sg.run/jz5N 63┆ self.loader: DataLoader = DataLoader(examples, batch_size=batch_size) llama-index-integrations\callbacks\llama-index-callbacks-openinference\llama_index\callbacks\openinference\base.py ❯❱ python.lang.security.audit.non-literal-import.non-literal-import Untrusted user input in `importlib.import_module()` function allows an attacker to load arbitrary code. Avoid dynamic values in `importlib.import_module()` or use a whitelist to prevent running untrusted code. Details: https://sg.run/y6Jk 159┆ package = importlib.import_module(package_name) llama-index-integrations\embeddings\llama-index-embeddings-elasticsearch\docker-compose.yml ❯❱ yaml.docker-compose.security.no-new-privileges.no-new-privileges Service 'elasticsearch' allows for privilege escalation via setuid or setgid binaries. Add 'no-new- privileges:true' in 'security_opt' to prevent this. Details: https://sg.run/0n8q 4┆ elasticsearch: ❯❱ yaml.docker-compose.security.writable-filesystem-service.writable-filesystem-service Service 'elasticsearch' is running with a writable root filesystem. This may allow malicious applications to download and run additional payloads, or modify container files. If an application inside a container has to save something temporarily consider using a tmpfs. Add 'read_only: true' to this service to prevent this. Details: https://sg.run/e4JE 4┆ elasticsearch: llama-index-integrations\embeddings\llama-index-embeddings-oracleai\llama_index\embeddings\oracleai\base.py ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 168┆ cursor.execute( 169┆ "select t.* " 170┆ + "from dbms_vector_chain.utl_to_embeddings(:content, " 171┆ + "json(:params)) t", 172┆ content=inputs, 173┆ params=json.dumps(self._params), 174┆ ) llama-index-integrations\graph_stores\llama-index-graph-stores-kuzu\llama_index\graph_stores\kuzu\base.py ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 28┆ self.connection.execute( 29┆ "CREATE NODE TABLE %s (ID STRING, PRIMARY KEY(ID))" 30┆ % self.node_table_name 31┆ ) ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 28┆ self.connection.execute( 29┆ "CREATE NODE TABLE %s (ID STRING, PRIMARY KEY(ID))" 30┆ % self.node_table_name 31┆ ) ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 35┆ self.connection.execute( 36┆ "CREATE REL TABLE {} (FROM {} TO {}, predicate STRING)".format( 37┆ self.rel_table_name, self.node_table_name, self.node_table_name 38┆ ) 39┆ ) ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 35┆ self.connection.execute( 36┆ "CREATE REL TABLE {} (FROM {} TO {}, predicate STRING)".format( 37┆ self.rel_table_name, self.node_table_name, self.node_table_name 38┆ ) 39┆ ) ⋮┆---------------------------------------- 117┆ is_exists_result = connection.execute( 118┆ "MATCH (n:%s) WHERE n.ID = $entity RETURN n.ID" % self.node_table_name, 119┆ {"entity": entity}, 120┆ ) ⋮┆---------------------------------------- 124┆ connection.execute( 125┆ "CREATE (n:%s {ID: $entity})" % self.node_table_name, 126┆ {"entity": entity}, 127┆ ) ⋮┆---------------------------------------- 130┆ is_exists_result = connection.execute( 131┆ ( 132┆ "MATCH (n1:{})-[r:{}]->(n2:{}) WHERE n1.ID = $subj AND n2.ID = " 133┆ "$obj AND r.predicate = $pred RETURN r.predicate" 134┆ ).format( 135┆ self.node_table_name, self.rel_table_name, self.node_table_name 136┆ ), 137┆ {"subj": subj, "obj": obj, "pred": rel}, 138┆ ) ⋮┆---------------------------------------- 142┆ connection.execute( 143┆ ( 144┆ "MATCH (n1:{}), (n2:{}) WHERE n1.ID = $subj AND n2.ID = $obj " 145┆ "CREATE (n1)-[r:{} {{predicate: $pred}}]->(n2)" 146┆ ).format( 147┆ self.node_table_name, self.node_table_name, self.rel_table_name 148┆ ), 149┆ {"subj": subj, "obj": obj, "pred": rel}, 150┆ ) ⋮┆---------------------------------------- 171┆ connection.execute( 172┆ ( 173┆ "MATCH (n1:{})-[r:{}]->(n2:{}) WHERE n1.ID = $subj AND n2.ID" 174┆ " = $obj AND r.predicate = $pred DELETE r" 175┆ ).format( 176┆ self.node_table_name, self.rel_table_name, self.node_table_name 177┆ ), 178┆ {"subj": subj, "obj": obj, "pred": rel}, 179┆ ) ⋮┆---------------------------------------- 182┆ connection.execute( 183┆ "MATCH (n:%s) WHERE n.ID = $entity DELETE n" % self.node_table_name, 184┆ {"entity": entity}, 185┆ ) ⋮┆---------------------------------------- 188┆ is_exists_result = connection.execute( 189┆ "MATCH (n1:{})-[r:{}]-(n2:{}) WHERE n2.ID = $entity RETURN r.predicate".format( 190┆ self.node_table_name, self.rel_table_name, self.node_table_name 191┆ ), 192┆ {"entity": entity}, 193┆ ) llama-index-integrations\graph_stores\llama-index-graph-stores-kuzu\llama_index\graph_stores\kuzu\kuzu_property_graph. py ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 153┆ self.connection.execute( 154┆ upsert_entity_node_query, 155┆ parameters={ 156┆ "id": entity.name, 157┆ "label": entity.label, 158┆ "name": entity.name, 159┆ "embedding": entity.embedding, 160┆ "creation_date": entity.properties.get("creation_date"), 161┆ "last_modified_date": entity.properties.get("last_modified_date"), 162┆ "file_name": entity.properties.get("file_name"), [hid 6 additional lines, adjust with --max-lines-per-finding] 180┆ self.connection.execute( 181┆ f""" 182┆ MATCH (a:{src} {{id: $source_id}}), 183┆ (b:{dst} {{id: $target_id}}) 184┆ MERGE (a)-[r:{rel_tbl_name} {{label: $label}}]->(b) 185┆ SET r.triplet_source_id = $triplet_source_id 186┆ """, 187┆ parameters={ 188┆ "source_id": rel.source_id, 189┆ "target_id": rel.target_id, [hid 4 additional lines, adjust with --max-lines-per-finding] 195┆ self.connection.execute( 196┆ f""" 197┆ MATCH (a:{src} {{id: $source_id}}), 198┆ (b:{dst} {{id: $target_id}}), 199┆ (c:Chunk {{id: $triplet_source_id}}) 200┆ MERGE (c)-[:MENTIONS]->(a) 201┆ MERGE (c)-[:MENTIONS]->(b) 202┆ """, 203┆ parameters={ 204┆ "source_id": rel.source_id, [hid 4 additional lines, adjust with --max-lines-per-finding] ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 494┆ prop_values = self.connection.execute( 495┆ f"MATCH ()-[r:{table_name}]->() RETURN distinct r.label AS label;" 496┆ ) ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 494┆ prop_values = self.connection.execute( 495┆ f"MATCH ()-[r:{table_name}]->() RETURN distinct r.label AS label;" 496┆ ) ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 504┆ table_details = self.connection.execute( 505┆ f"CALL TABLE_INFO('{table_name}') RETURN *;" 506┆ ) ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 504┆ table_details = self.connection.execute( 505┆ f"CALL TABLE_INFO('{table_name}') RETURN *;" 506┆ ) llama-index-integrations\graph_stores\llama-index-graph-stores-kuzu\llama_index\graph_stores\kuzu\utils.py ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 71┆ connection.execute( 72┆ f""" 73┆ CREATE NODE TABLE IF NOT EXISTS Chunk ( 74┆ id STRING, 75┆ text STRING, 76┆ label STRING, 77┆ embedding DOUBLE[], 78┆ creation_date DATE, 79┆ last_modified_date DATE, 80┆ file_name STRING, [hid 8 additional lines, adjust with --max-lines-per-finding] 95┆ connection.execute( 96┆ f""" 97┆ CREATE NODE TABLE IF NOT EXISTS {tbl_name} ( 98┆ id STRING, 99┆ name STRING, 100┆ label STRING, 101┆ embedding DOUBLE[], 102┆ creation_date DATE, 103┆ last_modified_date DATE, 104┆ file_name STRING, [hid 8 additional lines, adjust with --max-lines-per-finding] ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 95┆ connection.execute( 96┆ f""" 97┆ CREATE NODE TABLE IF NOT EXISTS {tbl_name} ( 98┆ id STRING, 99┆ name STRING, 100┆ label STRING, 101┆ embedding DOUBLE[], 102┆ creation_date DATE, 103┆ last_modified_date DATE, 104┆ file_name STRING, [hid 8 additional lines, adjust with --max-lines-per-finding] ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 118┆ connection.execute( 119┆ f""" 120┆ CREATE REL TABLE IF NOT EXISTS {label} ( 121┆ FROM {src_id} TO {dst_id}, 122┆ label STRING, 123┆ triplet_source_id STRING 124┆ ); 125┆ """ 126┆ ) ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 118┆ connection.execute( 119┆ f""" 120┆ CREATE REL TABLE IF NOT EXISTS {label} ( 121┆ FROM {src_id} TO {dst_id}, 122┆ label STRING, 123┆ triplet_source_id STRING 124┆ ); 125┆ """ 126┆ ) llama-index-integrations\graph_stores\llama-index-graph-stores-nebula\llama_index\graph_stores\nebula\nebula_graph_sto re.py ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 237┆ self.execute(f"DESCRIBE SPACE {self._space_name}") ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 237┆ self.execute(f"DESCRIBE SPACE {self._space_name}") ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 563┆ result = self.execute(dml_query) ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 563┆ result = self.execute(dml_query) ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 587┆ result = self.execute(dml_query) ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 587┆ result = self.execute(dml_query) ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 600┆ r = self.execute(f"DESCRIBE TAG `{tag_name}`") ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 600┆ r = self.execute(f"DESCRIBE TAG `{tag_name}`") ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 618┆ r = self.execute(f"DESCRIBE EDGE `{edge_type_name}`") ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 618┆ r = self.execute(f"DESCRIBE EDGE `{edge_type_name}`") llama-index-integrations\graph_stores\llama-index-graph-stores-nebula\llama_index\graph_stores\nebula\nebula_property_ graph.py ❯❱ python.lang.security.audit.hardcoded-password-default-argument.hardcoded-password-default-argument Hardcoded password is used as a default argument to '__init__'. This could be dangerous if a real password is not supplied. Details: https://sg.run/Lw9r 109┆ def __init__( 110┆ self, 111┆ space: str, 112┆ client: Optional[BaseExecutor] = None, 113┆ username: str = "root", 114┆ password: str = "nebula", 115┆ url: str = "nebula://localhost:9669", 116┆ overwrite: bool = False, 117┆ props_schema: str = DEFAULT_PROPS_SCHEMA, 118┆ refresh_schema: bool = True, [hid 32 additional lines, adjust with --max-lines-per-finding] ❯❱ python.flask.security.xss.audit.direct-use-of-jinja2.direct-use-of-jinja2 Detected direct use of jinja2. If not done properly, this may bypass HTML escaping which opens up the application to cross-site scripting (XSS) vulnerabilities. Prefer using the Flask method 'render_template()' and templates with a '.html' extension in order to prevent XSS. Details: https://sg.run/RoKe 137┆ self._client.execute(DDL.render(props_schema=props_schema)) ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 140┆ self._client.execute(f"CLEAR SPACE {self._space};") ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 140┆ self._client.execute(f"CLEAR SPACE {self._space};") llama-index-integrations\graph_stores\llama-index-graph-stores-nebula\llama_index\graph_stores\nebula\utils.py ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 312┆ result = client.execute( 313┆ f'FETCH PROP ON `Node__` "{src_id}", "{dst_id}" YIELD id(vertex) AS id, Node__.`label` AS `label`' 314┆ ) ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 312┆ result = client.execute( 313┆ f'FETCH PROP ON `Node__` "{src_id}", "{dst_id}" YIELD id(vertex) AS id, Node__.`label` AS `label`' 314┆ ) llama-index-integrations\indices\llama-index-indices-managed-bge-m3\llama_index\indices\managed\bge_m3\base.py ❯❱ python.lang.security.deserialization.pickle.avoid-pickle Avoid using `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format. Details: https://sg.run/OPwB 134┆ pickler = pickle.Pickler(f, protocol=pickle.HIGHEST_PROTOCOL) ⋮┆---------------------------------------- 157┆ index._multi_embed_store = pickle.load( 158┆ open(Path(persist_dir) / "multi_embed_store.pkl", "rb") 159┆ ) llama-index-integrations\program\llama-index-program-evaporate\llama_index\program\evaporate\extractor.py ❯❱ python.lang.security.audit.exec-detected.exec-detected Detected the use of exec(). exec() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources. Details: https://sg.run/ndRX 233┆ exec(fn_str, globals()) ⋮┆---------------------------------------- 234┆ exec(f"result = get_{function_field}_field(node_text)", globals()) llama-index-integrations\readers\llama-index-readers-earnings-call-transcript\llama_index\readers\earnings_call_transc ript\utils.py ❯❱ python.requests.python-requests-hardcoded-auth.python-requests-hardcoded-auth A secret is hard-coded in the application. Secrets stored in source code, such as credentials, identifiers, and other types of sensitive data, can be leaked and used by internal or external malicious actors. Use environment variables to securely provide credentials and other secrets or retrieve them from a secure vault or Hardware Security Module (HSM). Details: https://sg.run/4gW9 58┆ auth=("user", "pass"), Taint comes from: 58┆ auth=("user", "pass"), This is how taint reaches the sink: 58┆ auth=("user", "pass"), llama-index-integrations\readers\llama-index-readers-joplin\llama_index\readers\joplin\base.py ❯❱ python.lang.security.audit.dynamic-urllib-use-detected.dynamic-urllib-use-detected Detected a dynamic value being used with urllib. urllib supports 'file://' schemes, so a dynamic value controlled by a malicious actor may allow them to read arbitrary files. Audit uses of urllib calls to ensure user data cannot control the URLs, or consider using the 'requests' library instead. Details: https://sg.run/dKZZ 87┆ with urllib.request.urlopen(req_note) as response: ⋮┆---------------------------------------- 110┆ with urllib.request.urlopen(req_folder) as response: ⋮┆---------------------------------------- 116┆ with urllib.request.urlopen(req_tag) as response: llama-index-integrations\readers\llama-index-readers-microsoft-sharepoint\llama_index\readers\microsoft_sharepoint\bas e.py ❯❱ python.lang.security.audit.logging.logger-credential-leak.python-logger-credential-disclosure Detected a python logger call with a potential hardcoded secret "Error retrieving access token: %s" being logged. This may lead to secret credentials being exposed. Make sure that the logger is not logging sensitive information. Details: https://sg.run/ydNx 134┆ logger.error("Error retrieving access token: %s", json_response["error"]) llama-index-integrations\readers\llama-index-readers-oracleai\llama_index\readers\oracleai\base.py ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 275┆ cursor.execute(sql) ⋮┆---------------------------------------- 314┆ cursor.execute(sql) llama-index-integrations\readers\llama-index-readers-remote\llama_index\readers\remote\base.py ❯❱ python.lang.security.audit.dynamic-urllib-use-detected.dynamic-urllib-use-detected Detected a dynamic value being used with urllib. urllib supports 'file://' schemes, so a dynamic value controlled by a malicious actor may allow them to read arbitrary files. Audit uses of urllib calls to ensure user data cannot control the URLs, or consider using the 'requests' library instead. Details: https://sg.run/dKZZ 74┆ result = urlopen(req) llama-index-integrations\readers\llama-index-readers-sec-filings\llama_index\readers\sec_filings\utils.py ❱ python.lang.security.audit.insecure-transport.requests.request-session-with-http.request-session-with-http Detected a request using 'http://'. This request will be unencrypted. Use 'https://' instead. Details: https://sg.run/DoBY 129┆ client.mount("http://", HTTPAdapter(max_retries=retries)) Taint comes from: 129┆ client.mount("http://", HTTPAdapter(max_retries=retries)) This is how taint reaches the sink: 129┆ client.mount("http://", HTTPAdapter(max_retries=retries)) llama-index-integrations\readers\llama-index-readers-stripe-docs\llama_index\readers\stripe_docs\base.py ❯❱ python.lang.security.audit.dynamic-urllib-use-detected.dynamic-urllib-use-detected Detected a dynamic value being used with urllib. urllib supports 'file://' schemes, so a dynamic value controlled by a malicious actor may allow them to read arbitrary files. Audit uses of urllib calls to ensure user data cannot control the URLs, or consider using the 'requests' library instead. Details: https://sg.run/dKZZ 33┆ return urllib.request.urlopen(url).read() llama-index-integrations\readers\llama-index-readers-web\llama_index\readers\web\readability_web\Readability.js ❯❯❱ javascript.browser.security.insecure-document-method.insecure-document-method User controlled data in methods like `innerHTML`, `outerHTML` or `document.write` is an anti-pattern that can lead to XSS vulnerabilities Details: https://sg.run/LwA9 1499┆ page.innerHTML = pageCacheHtml; ⋮┆---------------------------------------- 1854┆ tmp.innerHTML = noscript.innerHTML; llama-index-integrations\retrievers\llama-index-retrievers-duckdb-retriever\llama_index\retrievers\duckdb_retriever\ba se.py ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 29┆ self._conn.execute(f"SET home_directory='{self._home_dir}';") ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 29┆ self._conn.execute(f"SET home_directory='{self._home_dir}';") ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 89┆ conn.execute(sql) ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 89┆ conn.execute(sql) ⋮┆---------------------------------------- 105┆ query_result = conn.execute(sql, [query]).fetchall() llama-index-integrations\retrievers\llama-index-retrievers-galaxia\llama_index\retrievers\galaxia\base.py ❯❱ python.lang.security.audit.httpsconnection-detected.httpsconnection-detected The HTTPSConnection API has changed frequently with minor releases of Python. Ensure you are using the API for your version of Python securely. For example, Python 3 versions prior to 3.4.3 will not verify SSL certificates by default. See https://docs.python.org/3/library/http.client.html#http.client.HTTPSConnection for more information. Details: https://sg.run/8yby 66┆ conn = http.client.HTTPSConnection(self.api_url) llama-index-integrations\storage\chat_store\llama-index-storage-chat-store-postgres\llama_index\storage\chat_store\pos tgres\base.py ❯❯❱ python.sqlalchemy.security.audit.avoid-sqlalchemy-text.avoid-sqlalchemy-text sqlalchemy.text passes the constructed SQL statement to the database mostly unchanged. This means that the usual SQL injection protections are not applied and this function is vulnerable to SQL injection if user input can reach here. Use normal SQLAlchemy operators (such as `or_()`, `and_()`, etc.) to construct SQL. Details: https://sg.run/yP1O 158┆ check_schema_statement = text( 159┆ f"SELECT schema_name FROM information_schema.schemata WHERE schema_name = '{self.schema_name}'" 160┆ ) Taint comes from: 159┆ f"SELECT schema_name FROM information_schema.schemata WHERE schema_name = '{self.schema_name}'" This is how taint reaches the sink: 158┆ check_schema_statement = text( 159┆ f"SELECT schema_name FROM information_schema.schemata WHERE schema_name = '{self.schema_name}'" 160┆ ) ⋮┆---------------------------------------- 165┆ create_schema_statement = text( 166┆ f"CREATE SCHEMA IF NOT EXISTS {self.schema_name}" 167┆ ) Taint comes from: 166┆ f"CREATE SCHEMA IF NOT EXISTS {self.schema_name}" This is how taint reaches the sink: 165┆ create_schema_statement = text( 166┆ f"CREATE SCHEMA IF NOT EXISTS {self.schema_name}" 167┆ ) ⋮┆---------------------------------------- 183┆ stmt = text( 184┆ f""" 185┆ INSERT INTO {self.schema_name}.{self._table_class.__tablename__} (key, value) 186┆ VALUES (:key, :value) 187┆ ON CONFLICT (key) 188┆ DO UPDATE SET 189┆ value = EXCLUDED.value; 190┆ """ 191┆ ) Taint comes from: 184┆ f""" 185┆ INSERT INTO {self.schema_name}.{self._table_class.__tablename__} (key, value) 186┆ VALUES (:key, :value) 187┆ ON CONFLICT (key) 188┆ DO UPDATE SET 189┆ value = EXCLUDED.value; 190┆ """ This is how taint reaches the sink: 183┆ stmt = text( 184┆ f""" 185┆ INSERT INTO {self.schema_name}.{self._table_class.__tablename__} (key, value) 186┆ VALUES (:key, :value) 187┆ ON CONFLICT (key) 188┆ DO UPDATE SET 189┆ value = EXCLUDED.value; 190┆ """ 191┆ ) ⋮┆---------------------------------------- 205┆ stmt = text( 206┆ f""" 207┆ INSERT INTO {self.schema_name}.{self._table_class.__tablename__} (key, value) 208┆ VALUES (:key, :value) 209┆ ON CONFLICT (key) 210┆ DO UPDATE SET 211┆ value = EXCLUDED.value; 212┆ """ 213┆ ) Taint comes from: 206┆ f""" 207┆ INSERT INTO {self.schema_name}.{self._table_class.__tablename__} (key, value) 208┆ VALUES (:key, :value) 209┆ ON CONFLICT (key) 210┆ DO UPDATE SET 211┆ value = EXCLUDED.value; 212┆ """ This is how taint reaches the sink: 205┆ stmt = text( 206┆ f""" 207┆ INSERT INTO {self.schema_name}.{self._table_class.__tablename__} (key, value) 208┆ VALUES (:key, :value) 209┆ ON CONFLICT (key) 210┆ DO UPDATE SET 211┆ value = EXCLUDED.value; 212┆ """ 213┆ ) ⋮┆---------------------------------------- 251┆ stmt = text( 252┆ f""" 253┆ INSERT INTO {self.schema_name}.{self._table_class.__tablename__} (key, value) 254┆ VALUES (:key, :value) 255┆ ON CONFLICT (key) 256┆ DO UPDATE SET 257┆ value = array_cat({self._table_class.__tablename__}.value, :value); 258┆ """ 259┆ ) Taint comes from: 252┆ f""" 253┆ INSERT INTO {self.schema_name}.{self._table_class.__tablename__} (key, value) 254┆ VALUES (:key, :value) 255┆ ON CONFLICT (key) 256┆ DO UPDATE SET 257┆ value = array_cat({self._table_class.__tablename__}.value, :value); 258┆ """ This is how taint reaches the sink: 251┆ stmt = text( 252┆ f""" 253┆ INSERT INTO {self.schema_name}.{self._table_class.__tablename__} (key, value) 254┆ VALUES (:key, :value) 255┆ ON CONFLICT (key) 256┆ DO UPDATE SET 257┆ value = array_cat({self._table_class.__tablename__}.value, :value); 258┆ """ 259┆ ) ⋮┆---------------------------------------- 267┆ stmt = text( 268┆ f""" 269┆ INSERT INTO {self.schema_name}.{self._table_class.__tablename__} (key, value) 270┆ VALUES (:key, :value) 271┆ ON CONFLICT (key) 272┆ DO UPDATE SET 273┆ value = array_cat({self._table_class.__tablename__}.value, :value); 274┆ """ 275┆ ) Taint comes from: 268┆ f""" 269┆ INSERT INTO {self.schema_name}.{self._table_class.__tablename__} (key, value) 270┆ VALUES (:key, :value) 271┆ ON CONFLICT (key) 272┆ DO UPDATE SET 273┆ value = array_cat({self._table_class.__tablename__}.value, :value); 274┆ """ This is how taint reaches the sink: 267┆ stmt = text( 268┆ f""" 269┆ INSERT INTO {self.schema_name}.{self._table_class.__tablename__} (key, value) 270┆ VALUES (:key, :value) 271┆ ON CONFLICT (key) 272┆ DO UPDATE SET 273┆ value = array_cat({self._table_class.__tablename__}.value, :value); 274┆ """ 275┆ ) ⋮┆---------------------------------------- 308┆ stmt = text( 309┆ f""" 310┆ UPDATE {self._table_class.__tablename__} 311┆ SET value = array_cat( 312┆ {self._table_class.__tablename__}.value[: :idx], 313┆ {self._table_class.__tablename__}.value[:idx+2:] 314┆ ) 315┆ WHERE key = :key; 316┆ """ 317┆ ) Taint comes from: 309┆ f""" 310┆ UPDATE {self._table_class.__tablename__} 311┆ SET value = array_cat( 312┆ {self._table_class.__tablename__}.value[: :idx], 313┆ {self._table_class.__tablename__}.value[:idx+2:] 314┆ ) 315┆ WHERE key = :key; 316┆ """ This is how taint reaches the sink: 308┆ stmt = text( 309┆ f""" 310┆ UPDATE {self._table_class.__tablename__} 311┆ SET value = array_cat( 312┆ {self._table_class.__tablename__}.value[: :idx], 313┆ {self._table_class.__tablename__}.value[:idx+2:] 314┆ ) 315┆ WHERE key = :key; 316┆ """ 317┆ ) ⋮┆---------------------------------------- 339┆ stmt = text( 340┆ f""" 341┆ UPDATE {self._table_class.__tablename__} 342┆ SET value = array_cat( 343┆ {self._table_class.__tablename__}.value[: :idx], 344┆ {self._table_class.__tablename__}.value[:idx+2:] 345┆ ) 346┆ WHERE key = :key; 347┆ """ 348┆ ) Taint comes from: 340┆ f""" 341┆ UPDATE {self._table_class.__tablename__} 342┆ SET value = array_cat( 343┆ {self._table_class.__tablename__}.value[: :idx], 344┆ {self._table_class.__tablename__}.value[:idx+2:] 345┆ ) 346┆ WHERE key = :key; 347┆ """ This is how taint reaches the sink: 339┆ stmt = text( 340┆ f""" 341┆ UPDATE {self._table_class.__tablename__} 342┆ SET value = array_cat( 343┆ {self._table_class.__tablename__}.value[: :idx], 344┆ {self._table_class.__tablename__}.value[:idx+2:] 345┆ ) 346┆ WHERE key = :key; 347┆ """ 348┆ ) ⋮┆---------------------------------------- 370┆ stmt = text( 371┆ f""" 372┆ UPDATE {self._table_class.__tablename__} 373┆ SET value = value[1:array_length(value, 1) - 1] 374┆ WHERE key = :key; 375┆ """ 376┆ ) Taint comes from: 371┆ f""" 372┆ UPDATE {self._table_class.__tablename__} 373┆ SET value = value[1:array_length(value, 1) - 1] 374┆ WHERE key = :key; 375┆ """ This is how taint reaches the sink: 370┆ stmt = text( 371┆ f""" 372┆ UPDATE {self._table_class.__tablename__} 373┆ SET value = value[1:array_length(value, 1) - 1] 374┆ WHERE key = :key; 375┆ """ 376┆ ) ⋮┆---------------------------------------- 397┆ stmt = text( 398┆ f""" 399┆ UPDATE {self._table_class.__tablename__} 400┆ SET value = value[1:array_length(value, 1) - 1] 401┆ WHERE key = :key; 402┆ """ 403┆ ) Taint comes from: 398┆ f""" 399┆ UPDATE {self._table_class.__tablename__} 400┆ SET value = value[1:array_length(value, 1) - 1] 401┆ WHERE key = :key; 402┆ """ This is how taint reaches the sink: 397┆ stmt = text( 398┆ f""" 399┆ UPDATE {self._table_class.__tablename__} 400┆ SET value = value[1:array_length(value, 1) - 1] 401┆ WHERE key = :key; 402┆ """ 403┆ ) llama-index-integrations\storage\kvstore\llama-index-storage-kvstore-duckdb\llama_index\storage\kvstore\duckdb\base.py0m ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 149┆ conn.execute(f"SET home_directory='{home_dir}';") ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 149┆ conn.execute(f"SET home_directory='{home_dir}';") ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 154┆ conn.begin() 155┆ .execute(f""" 156┆ CREATE TABLE IF NOT EXISTS {table_name} ( 157┆ key VARCHAR, 158┆ collection VARCHAR, 159┆ value JSON, 160┆ PRIMARY KEY (key, collection) 161┆ ); 162┆ 163┆ CREATE INDEX IF NOT EXISTS collection_idx ON {table_name} (collection); [hid 1 additional lines, adjust with --max-lines-per-finding] ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 154┆ conn.begin() 155┆ .execute(f""" 156┆ CREATE TABLE IF NOT EXISTS {table_name} ( 157┆ key VARCHAR, 158┆ collection VARCHAR, 159┆ value JSON, 160┆ PRIMARY KEY (key, collection) 161┆ ); 162┆ 163┆ CREATE INDEX IF NOT EXISTS collection_idx ON {table_name} (collection); [hid 1 additional lines, adjust with --max-lines-per-finding] ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 330┆ _ = self.client.execute(command) ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 330┆ _ = self.client.execute(command) llama-index-integrations\storage\kvstore\llama-index-storage-kvstore-postgres\llama_index\storage\kvstore\postgres\bas e.py ❯❯❱ python.sqlalchemy.security.audit.avoid-sqlalchemy-text.avoid-sqlalchemy-text sqlalchemy.text passes the constructed SQL statement to the database mostly unchanged. This means that the usual SQL injection protections are not applied and this function is vulnerable to SQL injection if user input can reach here. Use normal SQLAlchemy operators (such as `or_()`, `and_()`, etc.) to construct SQL. Details: https://sg.run/yP1O 222┆ check_schema_statement = text( 223┆ f"SELECT schema_name FROM information_schema.schemata WHERE schema_name = '{self.schema_name}'" 224┆ ) Taint comes from: 223┆ f"SELECT schema_name FROM information_schema.schemata WHERE schema_name = '{self.schema_name}'" This is how taint reaches the sink: 222┆ check_schema_statement = text( 223┆ f"SELECT schema_name FROM information_schema.schemata WHERE schema_name = '{self.schema_name}'" 224┆ ) ⋮┆---------------------------------------- 229┆ create_schema_statement = text( 230┆ f"CREATE SCHEMA IF NOT EXISTS {self.schema_name}" 231┆ ) Taint comes from: 230┆ f"CREATE SCHEMA IF NOT EXISTS {self.schema_name}" This is how taint reaches the sink: 229┆ create_schema_statement = text( 230┆ f"CREATE SCHEMA IF NOT EXISTS {self.schema_name}" 231┆ ) ⋮┆---------------------------------------- 303┆ stmt = text( 304┆ f""" 305┆ INSERT INTO {self.schema_name}.{self._table_class.__tablename__} (key, namespace, value) 306┆ VALUES {values_clause} 307┆ ON CONFLICT (key, namespace) 308┆ DO UPDATE SET 309┆ value = EXCLUDED.value; 310┆ """ 311┆ ) Taint comes from: 297┆ f"(:key_{i}, :namespace_{i}, :value_{i})" Taint flows through these intermediate variables: 296┆ values_clause = ", ".join( This is how taint reaches the sink: 303┆ stmt = text( 304┆ f""" 305┆ INSERT INTO {self.schema_name}.{self._table_class.__tablename__} (key, namespace, value) 306┆ VALUES {values_clause} 307┆ ON CONFLICT (key, namespace) 308┆ DO UPDATE SET 309┆ value = EXCLUDED.value; 310┆ """ 311┆ ) ⋮┆---------------------------------------- 345┆ stmt = text( 346┆ f""" 347┆ INSERT INTO {self.schema_name}.{self._table_class.__tablename__} (key, namespace, value) 348┆ VALUES {values_clause} 349┆ ON CONFLICT (key, namespace) 350┆ DO UPDATE SET 351┆ value = EXCLUDED.value; 352┆ """ 353┆ ) Taint comes from: 339┆ f"(:key_{i}, :namespace_{i}, :value_{i})" Taint flows through these intermediate variables: 338┆ values_clause = ", ".join( This is how taint reaches the sink: 345┆ stmt = text( 346┆ f""" 347┆ INSERT INTO {self.schema_name}.{self._table_class.__tablename__} (key, namespace, value) 348┆ VALUES {values_clause} 349┆ ON CONFLICT (key, namespace) 350┆ DO UPDATE SET 351┆ value = EXCLUDED.value; 352┆ """ 353┆ ) llama-index-integrations\tools\llama-index-tools-finance\llama_index\tools\finance\earnings.py ❯❯❱ trailofbits.python.lxml-in-pandas.lxml-in-pandas Found usage of the `$FLAVOR` library, which is vulnerable to attacks such as XML external entity (XXE) attacks Details: https://sg.run/1z1G 76┆ sp500 = pd.read_html( 77┆ "https://en.wikipedia.org/wiki/List_of_S%26P_500_companies" 78┆ )[0] llama-index-integrations\tools\llama-index-tools-wolfram-alpha\llama_index\tools\wolfram_alpha\base.py ❱ python.lang.security.audit.insecure-transport.requests.request-with-http.request-with-http Detected a request using 'http://'. This request will be unencrypted, and attackers could listen into traffic on the network and be able to obtain sensitive information. Use 'https://' instead. Details: https://sg.run/W8J4 34┆ QUERY_URL_TMPL.format( 35┆ app_id=self.token, query=urllib.parse.quote_plus(query) 36┆ ) Taint comes from: 9┆ QUERY_URL_TMPL = "http://api.wolframalpha.com/v1/result?appid={app_id}&i={query}" Taint flows through these intermediate variables: 9┆ QUERY_URL_TMPL = "http://api.wolframalpha.com/v1/result?appid={app_id}&i={query}" 9┆ QUERY_URL_TMPL = "http://api.wolframalpha.com/v1/result?appid={app_id}&i={query}" This is how taint reaches the sink: 34┆ QUERY_URL_TMPL.format( 35┆ app_id=self.token, query=urllib.parse.quote_plus(query) 36┆ ) llama-index-integrations\vector_stores\llama-index-vector-stores-clickhouse\docker-compose.yml ❯❱ yaml.docker-compose.security.no-new-privileges.no-new-privileges Service 'clickhouse' allows for privilege escalation via setuid or setgid binaries. Add 'no-new- privileges:true' in 'security_opt' to prevent this. Details: https://sg.run/0n8q 4┆ clickhouse: ❯❱ yaml.docker-compose.security.writable-filesystem-service.writable-filesystem-service Service 'clickhouse' is running with a writable root filesystem. This may allow malicious applications to download and run additional payloads, or modify container files. If an application inside a container has to save something temporarily consider using a tmpfs. Add 'read_only: true' to this service to prevent this. Details: https://sg.run/e4JE 4┆ clickhouse: llama-index-integrations\vector_stores\llama-index-vector-stores-db2\llama_index\vector_stores\db2\base.py ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 124┆ cursor.execute(f"SELECT COUNT(*) FROM {table_name}") ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 124┆ cursor.execute(f"SELECT COUNT(*) FROM {table_name}") ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 171┆ cursor.execute(ddl) ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 171┆ cursor.execute(ddl) ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 186┆ cursor.execute(ddl) ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 186┆ cursor.execute(ddl) ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 336┆ cursor.execute(ddl) ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 336┆ cursor.execute(ddl) llama-index-integrations\vector_stores\llama-index-vector-stores-deeplake\llama_index\vector_stores\deeplake\base.py ❯❱ python.lang.security.insecure-uuid-version.insecure-uuid-version Using UUID version 1 for UUID generation can lead to predictable UUIDs based on system information (e.g., MAC address, timestamp). This may lead to security risks such as the sandwich attack. Consider using `uuid.uuid4()` instead for better randomness and security. Details: https://sg.run/BYBgW ▶▶┆ Autofix ▶ uuid.uuid4() 97┆ else [str(uuid.uuid1()) for _ in range(len(text))] llama-index-integrations\vector_stores\llama-index-vector-stores-duckdb\llama_index\vector_stores\duckdb\base.py ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 252┆ conn.execute(f"SET home_directory='{home_dir}';") ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 252┆ conn.execute(f"SET home_directory='{home_dir}';") ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 260┆ conn.begin().execute(f""" 261┆ CREATE TABLE IF NOT EXISTS {table_name} ( 262┆ node_id VARCHAR PRIMARY KEY, 263┆ text TEXT, 264┆ embedding {embedding_type}, 265┆ metadata_ JSON 266┆ ); 267┆ """).commit() ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 260┆ conn.begin().execute(f""" 261┆ CREATE TABLE IF NOT EXISTS {table_name} ( 262┆ node_id VARCHAR PRIMARY KEY, 263┆ text TEXT, 264┆ embedding {embedding_type}, 265┆ metadata_ JSON 266┆ ); 267┆ """).commit() ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 423┆ self.client.execute(command) ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 423┆ self.client.execute(command) ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 442┆ self.client.execute(command) ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 442┆ self.client.execute(command) ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 464┆ self.client.execute(command) ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 464┆ self.client.execute(command) llama-index-integrations\vector_stores\llama-index-vector-stores-faiss\llama_index\vector_stores\faiss\map_store.py ❯❱ python.lang.security.audit.eval-detected.eval-detected Detected the use of eval(). eval() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources. Details: https://sg.run/ZvrD 281┆ id_map = eval(f.read()) llama-index-integrations\vector_stores\llama-index-vector-stores-lantern\llama_index\vector_stores\lantern\base.py ❯❯❱ python.sqlalchemy.security.audit.avoid-sqlalchemy-text.avoid-sqlalchemy-text sqlalchemy.text passes the constructed SQL statement to the database mostly unchanged. This means that the usual SQL injection protections are not applied and this function is vulnerable to SQL injection if user input can reach here. Use normal SQLAlchemy operators (such as `or_()`, `and_()`, etc.) to construct SQL. Details: https://sg.run/yP1O 319┆ statement = text(f"CREATE SCHEMA IF NOT EXISTS {self.schema_name}") Taint comes from: 319┆ statement = text(f"CREATE SCHEMA IF NOT EXISTS {self.schema_name}") This is how taint reaches the sink: 319┆ statement = text(f"CREATE SCHEMA IF NOT EXISTS {self.schema_name}") ⋮┆---------------------------------------- 390┆ sqlalchemy.text(f"metadata_->>'{filter_.key}' = :{bind_parameter}") Taint comes from: 388┆ bind_parameter = f"value_{filter_.key}" Taint flows through these intermediate variables: 388┆ bind_parameter = f"value_{filter_.key}" This is how taint reaches the sink: 390┆ sqlalchemy.text(f"metadata_->>'{filter_.key}' = :{bind_parameter}") ⋮┆---------------------------------------- 416┆ session.execute(text(f"SET hnsw.init_k={limit}")) # always use index Taint comes from: 416┆ session.execute(text(f"SET hnsw.init_k={limit}")) # always use index This is how taint reaches the sink: 416┆ session.execute(text(f"SET hnsw.init_k={limit}")) # always use index ⋮┆---------------------------------------- 422┆ await session.execute(text(f"SET hnsw.init_k={limit}")) # always use index Taint comes from: 422┆ await session.execute(text(f"SET hnsw.init_k={limit}")) # always use index This is how taint reaches the sink: 422┆ await session.execute(text(f"SET hnsw.init_k={limit}")) # always use index ⋮┆---------------------------------------- 658┆ stmt = text( 659┆ f"DELETE FROM {self.schema_name}.data_{self.table_name} " 660┆ "WHERE (metadata_->>'doc_id')::text = :ref_doc_id" 661┆ ).bindparams(ref_doc_id=ref_doc_id) Taint comes from: 659┆ f"DELETE FROM {self.schema_name}.data_{self.table_name} " This is how taint reaches the sink: 658┆ stmt = text( 659┆ f"DELETE FROM {self.schema_name}.data_{self.table_name} " 660┆ "WHERE (metadata_->>'doc_id')::text = :ref_doc_id" 661┆ ).bindparams(ref_doc_id=ref_doc_id) llama-index-integrations\vector_stores\llama-index-vector-stores-mariadb\llama_index\vector_stores\mariadb\base.py ❯❯❱ python.sqlalchemy.security.audit.avoid-sqlalchemy-text.avoid-sqlalchemy-text sqlalchemy.text passes the constructed SQL statement to the database mostly unchanged. This means that the usual SQL injection protections are not applied and this function is vulnerable to SQL injection if user input can reach here. Use normal SQLAlchemy operators (such as `or_()`, `and_()`, etc.) to construct SQL. Details: https://sg.run/yP1O 231┆ connection.execute(sqlalchemy.text(stmt)) Taint comes from: 220┆ stmt = f""" 221┆ CREATE TABLE IF NOT EXISTS `{self.table_name}` ( 222┆ id SERIAL PRIMARY KEY, 223┆ node_id VARCHAR(255) NOT NULL, 224┆ text TEXT, 225┆ metadata JSON, 226┆ embedding VECTOR({self.embed_dim}) NOT NULL, 227┆ INDEX (`node_id`), 228┆ VECTOR INDEX (embedding) M={self.default_m} DISTANCE=cosine 229┆ ) [hid 1 additional lines, adjust with --max-lines-per-finding] Taint flows through these intermediate variables: 220┆ stmt = f""" This is how taint reaches the sink: 231┆ connection.execute(sqlalchemy.text(stmt)) ⋮┆---------------------------------------- 254┆ result = connection.execute(sqlalchemy.text(stmt), {"node_ids": node_ids}) Taint comes from: 251┆ stmt = f"""SELECT text, metadata FROM `{self.table_name}` WHERE node_id IN :node_ids""" Taint flows through these intermediate variables: 251┆ stmt = f"""SELECT text, metadata FROM `{self.table_name}` WHERE node_id IN :node_ids""" This is how taint reaches the sink: 254┆ result = connection.execute(sqlalchemy.text(stmt), {"node_ids": node_ids}) ⋮┆---------------------------------------- 288┆ stmt = sqlalchemy.text( 289┆ f""" 290┆ INSERT INTO `{self.table_name}` (node_id, text, embedding, metadata) 291┆ VALUES ( 292┆ :node_id, 293┆ :text, 294┆ VEC_FromText(:embedding), 295┆ :metadata 296┆ ) 297┆ """ [hid 1 additional lines, adjust with --max-lines-per-finding] Taint comes from: 289┆ f""" 290┆ INSERT INTO `{self.table_name}` (node_id, text, embedding, metadata) 291┆ VALUES ( 292┆ :node_id, 293┆ :text, 294┆ VEC_FromText(:embedding), 295┆ :metadata 296┆ ) 297┆ """ This is how taint reaches the sink: 288┆ stmt = sqlalchemy.text( 289┆ f""" 290┆ INSERT INTO `{self.table_name}` (node_id, text, embedding, metadata) 291┆ VALUES ( 292┆ :node_id, 293┆ :text, 294┆ VEC_FromText(:embedding), 295┆ :metadata 296┆ ) 297┆ """ [hid 1 additional lines, adjust with --max-lines-per-finding] ⋮┆---------------------------------------- 424┆ result = connection.execute(sqlalchemy.text(stmt)) Taint comes from: 404┆ stmt = f""" 405┆ SET STATEMENT mhnsw_ef_search={self.ef_search} FOR 406┆ SELECT 407┆ node_id, 408┆ text, 409┆ embedding, 410┆ metadata, 411┆ VEC_DISTANCE_COSINE(embedding, VEC_FromText('{query.query_embedding}')) AS distance 412┆ FROM `{self.table_name}`""" Taint flows through these intermediate variables: 404┆ stmt = f""" This is how taint reaches the sink: 424┆ result = connection.execute(sqlalchemy.text(stmt)) ⋮┆---------------------------------------- 445┆ connection.execute(sqlalchemy.text(stmt), {"doc_id": ref_doc_id}) Taint comes from: 444┆ stmt = f"""DELETE FROM `{self.table_name}` WHERE JSON_EXTRACT(metadata, '$.ref_doc_id') = :doc_id""" Taint flows through these intermediate variables: 444┆ stmt = f"""DELETE FROM `{self.table_name}` WHERE JSON_EXTRACT(metadata, '$.ref_doc_id') = :doc_id""" This is how taint reaches the sink: 445┆ connection.execute(sqlalchemy.text(stmt), {"doc_id": ref_doc_id}) ⋮┆---------------------------------------- 459┆ connection.execute(sqlalchemy.text(stmt), {"node_ids": node_ids}) Taint comes from: 458┆ stmt = f"""DELETE FROM `{self.table_name}` WHERE node_id IN :node_ids""" Taint flows through these intermediate variables: 458┆ stmt = f"""DELETE FROM `{self.table_name}` WHERE node_id IN :node_ids""" This is how taint reaches the sink: 459┆ connection.execute(sqlalchemy.text(stmt), {"node_ids": node_ids}) ⋮┆---------------------------------------- 468┆ result = connection.execute(sqlalchemy.text(stmt)) Taint comes from: 467┆ stmt = f"""SELECT COUNT(*) FROM `{self.table_name}`""" Taint flows through these intermediate variables: 467┆ stmt = f"""SELECT COUNT(*) FROM `{self.table_name}`""" This is how taint reaches the sink: 468┆ result = connection.execute(sqlalchemy.text(stmt)) ⋮┆---------------------------------------- 477┆ connection.execute(sqlalchemy.text(stmt)) Taint comes from: 476┆ stmt = f"""DROP TABLE IF EXISTS `{self.table_name}`""" Taint flows through these intermediate variables: 476┆ stmt = f"""DROP TABLE IF EXISTS `{self.table_name}`""" This is how taint reaches the sink: 477┆ connection.execute(sqlalchemy.text(stmt)) ⋮┆---------------------------------------- 488┆ connection.execute(sqlalchemy.text(stmt)) Taint comes from: 487┆ stmt = f"""DELETE FROM `{self.table_name}`""" Taint flows through these intermediate variables: 487┆ stmt = f"""DELETE FROM `{self.table_name}`""" This is how taint reaches the sink: 488┆ connection.execute(sqlalchemy.text(stmt)) llama-index-integrations\vector_stores\llama-index-vector-stores-nile\llama_index\vector_stores\nile\base.py ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 91┆ cursor.execute(query) ⋮┆---------------------------------------- 102┆ cursor.execute(query) ⋮┆---------------------------------------- 175┆ cursor.execute( 176┆ query, 177┆ { 178┆ "tenant_id": row[0], 179┆ "metadata": json.dumps(row[1]), 180┆ "content": row[2], 181┆ "embedding": row[3], 182┆ }, 183┆ ) ⋮┆---------------------------------------- 190┆ cursor.execute( 191┆ query, 192┆ { 193┆ "metadata": json.dumps(row[0]), 194┆ "content": row[1], 195┆ "embedding": row[2], 196┆ }, 197┆ ) ⋮┆---------------------------------------- 224┆ cursor.execute( 225┆ sql.SQL(""" set local nile.tenant_id = {} """).format( 226┆ sql.Literal(tenant_id) 227┆ ) 228┆ ) ⋮┆---------------------------------------- 350┆ cursor.execute( 351┆ sql.SQL("""SET ivfflat.probes = {}""").format( 352┆ sql.Literal(ivfflat_probes) 353┆ ) 354┆ ) ⋮┆---------------------------------------- 356┆ cursor.execute( 357┆ sql.SQL("""SET hnsw.ef_search = {}""").format( 358┆ sql.Literal(hnsw_ef_search) 359┆ ) 360┆ ) ⋮┆---------------------------------------- 382┆ cursor.execute(query, query_params) ⋮┆---------------------------------------- 493┆ cursor.execute(query) ⋮┆---------------------------------------- 517┆ cursor.execute(query) ⋮┆---------------------------------------- 535┆ cursor.execute(query) ⋮┆---------------------------------------- 547┆ cursor.execute( 548┆ sql.SQL( 549┆ "DELETE FROM {} WHERE metadata->>'doc_id' = %(ref_doc_id)s" 550┆ ).format(sql.Identifier(self.table_name)), 551┆ {"ref_doc_id": ref_doc_id}, 552┆ ) ⋮┆---------------------------------------- 564┆ cursor.execute( 565┆ sql.SQL( 566┆ "DELETE FROM {} WHERE metadata->>'doc_id' = %(ref_doc_id)s" 567┆ ).format(sql.Identifier(self.table_name)), 568┆ {"ref_doc_id": ref_doc_id}, 569┆ ) llama-index-integrations\vector_stores\llama-index-vector-stores-oceanbase\llama_index\vector_stores\oceanbase\base.py0m ❯❯❱ python.sqlalchemy.security.audit.avoid-sqlalchemy-text.avoid-sqlalchemy-text sqlalchemy.text passes the constructed SQL statement to the database mostly unchanged. This means that the usual SQL injection protections are not applied and this function is vulnerable to SQL injection if user input can reach here. Use normal SQLAlchemy operators (such as `or_()`, `and_()`, etc.) to construct SQL. Details: https://sg.run/yP1O 440┆ where_clause=[text(f"{self._doc_id_field}='{ref_doc_id}'")], Taint comes from: 440┆ where_clause=[text(f"{self._doc_id_field}='{ref_doc_id}'")], This is how taint reaches the sink: 440┆ where_clause=[text(f"{self._doc_id_field}='{ref_doc_id}'")], llama-index-integrations\vector_stores\llama-index-vector-stores-openGauss\llama_index\vector_stores\openGauss\base.py0m ❯❯❱ python.sqlalchemy.security.audit.avoid-sqlalchemy-text.avoid-sqlalchemy-text sqlalchemy.text passes the constructed SQL statement to the database mostly unchanged. This means that the usual SQL injection protections are not applied and this function is vulnerable to SQL injection if user input can reach here. Use normal SQLAlchemy operators (such as `or_()`, `and_()`, etc.) to construct SQL. Details: https://sg.run/yP1O 398┆ text(f"SET ivfflat_probes = :ivfflat_probes"), Taint comes from: 398┆ text(f"SET ivfflat_probes = :ivfflat_probes"), This is how taint reaches the sink: 398┆ text(f"SET ivfflat_probes = :ivfflat_probes"), ⋮┆---------------------------------------- 406┆ text(f"SET hnsw_ef_search = :hnsw_ef_search"), Taint comes from: 406┆ text(f"SET hnsw_ef_search = :hnsw_ef_search"), This is how taint reaches the sink: 406┆ text(f"SET hnsw_ef_search = :hnsw_ef_search"), ⋮┆---------------------------------------- 439┆ text(f"SET hnsw_ef_search = {hnsw_ef_search}"), Taint comes from: 439┆ text(f"SET hnsw_ef_search = {hnsw_ef_search}"), This is how taint reaches the sink: 439┆ text(f"SET hnsw_ef_search = {hnsw_ef_search}"), ⋮┆---------------------------------------- 444┆ text(f"SET ivfflat_probes = :ivfflat_probes"), Taint comes from: 444┆ text(f"SET ivfflat_probes = :ivfflat_probes"), This is how taint reaches the sink: 444┆ text(f"SET ivfflat_probes = :ivfflat_probes"), llama-index-integrations\vector_stores\llama-index-vector-stores-oracledb\llama_index\vector_stores\oracledb\base.py ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 130┆ cursor.execute(f"SELECT COUNT(*) FROM {table_name}") ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 130┆ cursor.execute(f"SELECT COUNT(*) FROM {table_name}") ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 190┆ cursor.execute(ddl) ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 190┆ cursor.execute(ddl) ⋮┆---------------------------------------- 297┆ cursor.execute(ddl) ⋮┆---------------------------------------- 346┆ cursor.execute(ddl) ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 358┆ cursor.execute(ddl) ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 358┆ cursor.execute(ddl) ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 369┆ cursor.execute(drop_query) ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 369┆ cursor.execute(drop_query) ⋮┆---------------------------------------- 551┆ cursor.execute(ddl, [ref_doc_id]) llama-index-integrations\vector_stores\llama-index-vector-stores-postgres\llama_index\vector_stores\postgres\base.py ❯❯❱ python.sqlalchemy.security.audit.avoid-sqlalchemy-text.avoid-sqlalchemy-text sqlalchemy.text passes the constructed SQL statement to the database mostly unchanged. This means that the usual SQL injection protections are not applied and this function is vulnerable to SQL injection if user input can reach here. Use normal SQLAlchemy operators (such as `or_()`, `and_()`, etc.) to construct SQL. Details: https://sg.run/yP1O 490┆ check_schema_statement = sqlalchemy.text( 491┆ f"SELECT schema_name FROM information_schema.schemata WHERE schema_name = :schema_name" 492┆ ).bindparams(schema_name=self.schema_name) Taint comes from: 491┆ f"SELECT schema_name FROM information_schema.schemata WHERE schema_name = :schema_name" This is how taint reaches the sink: 490┆ check_schema_statement = sqlalchemy.text( 491┆ f"SELECT schema_name FROM information_schema.schemata WHERE schema_name = :schema_name" 492┆ ).bindparams(schema_name=self.schema_name) ⋮┆---------------------------------------- 498┆ create_schema_statement = sqlalchemy.text( 499┆ # DDL won't tolerate quoted string literal here for schema_name, 500┆ # so use a format string to embed the schema_name directly, instead of a param. 501┆ f"CREATE SCHEMA IF NOT EXISTS {self.schema_name}" 502┆ ) Taint comes from: 501┆ f"CREATE SCHEMA IF NOT EXISTS {self.schema_name}" This is how taint reaches the sink: 498┆ create_schema_statement = sqlalchemy.text( 499┆ # DDL won't tolerate quoted string literal here for schema_name, 500┆ # so use a format string to embed the schema_name directly, instead of a param. 501┆ f"CREATE SCHEMA IF NOT EXISTS {self.schema_name}" 502┆ ) ⋮┆---------------------------------------- 547┆ statement = sqlalchemy.text( 548┆ f"CREATE INDEX IF NOT EXISTS {index_name} " 549┆ f"ON {self.schema_name}.{self._table_class.__tablename__} " 550┆ f"USING hnsw (embedding {hnsw_dist_method}) " 551┆ f"WITH (m = {hnsw_m}, ef_construction = {hnsw_ef_construction})" 552┆ ) Taint comes from: 544┆ index_name = f"{self._table_class.__tablename__}_embedding_idx" Taint flows through these intermediate variables: 544┆ index_name = f"{self._table_class.__tablename__}_embedding_idx" This is how taint reaches the sink: 547┆ statement = sqlalchemy.text( 548┆ f"CREATE INDEX IF NOT EXISTS {index_name} " 549┆ f"ON {self.schema_name}.{self._table_class.__tablename__} " 550┆ f"USING hnsw (embedding {hnsw_dist_method}) " 551┆ f"WITH (m = {hnsw_m}, ef_construction = {hnsw_ef_construction})" 552┆ ) ⋮┆---------------------------------------- 665┆ return text( 666┆ f"metadata_->>'{filter_.key}' " 667┆ f"{self._to_postgres_operator(filter_.operator)} " 668┆ f"({filter_value})" 669┆ ) Taint comes from: 663┆ filter_value = ", ".join(f"'{e}'" for e in filter_.value) Taint flows through these intermediate variables: 663┆ filter_value = ", ".join(f"'{e}'" for e in filter_.value) This is how taint reaches the sink: 665┆ return text( 666┆ f"metadata_->>'{filter_.key}' " 667┆ f"{self._to_postgres_operator(filter_.operator)} " 668┆ f"({filter_value})" 669┆ ) ⋮┆---------------------------------------- 676┆ return text( 677┆ f"metadata_::jsonb->'{filter_.key}' " 678┆ f"{self._to_postgres_operator(filter_.operator)} " 679┆ f"array[{filter_value}]" 680┆ ) Taint comes from: 674┆ filter_value = ", ".join(f"'{e}'" for e in filter_.value) Taint flows through these intermediate variables: 674┆ filter_value = ", ".join(f"'{e}'" for e in filter_.value) This is how taint reaches the sink: 676┆ return text( 677┆ f"metadata_::jsonb->'{filter_.key}' " 678┆ f"{self._to_postgres_operator(filter_.operator)} " 679┆ f"array[{filter_value}]" 680┆ ) ⋮┆---------------------------------------- 683┆ return text( 684┆ f"metadata_::jsonb->'{filter_.key}' " 685┆ f"{self._to_postgres_operator(filter_.operator)} " 686┆ f"'[\"{filter_.value}\"]'" 687┆ ) Taint comes from: 684┆ f"metadata_::jsonb->'{filter_.key}' " This is how taint reaches the sink: 683┆ return text( 684┆ f"metadata_::jsonb->'{filter_.key}' " 685┆ f"{self._to_postgres_operator(filter_.operator)} " 686┆ f"'[\"{filter_.value}\"]'" 687┆ ) ⋮┆---------------------------------------- 693┆ return text( 694┆ f"metadata_->>'{filter_.key}' " 695┆ f"{self._to_postgres_operator(filter_.operator)} " 696┆ f"'%{filter_.value}%'" 697┆ ) Taint comes from: 694┆ f"metadata_->>'{filter_.key}' " This is how taint reaches the sink: 693┆ return text( 694┆ f"metadata_->>'{filter_.key}' " 695┆ f"{self._to_postgres_operator(filter_.operator)} " 696┆ f"'%{filter_.value}%'" 697┆ ) ⋮┆---------------------------------------- 700┆ return text( 701┆ f"metadata_->>'{filter_.key}' " 702┆ f"{self._to_postgres_operator(filter_.operator)}" 703┆ ) Taint comes from: 701┆ f"metadata_->>'{filter_.key}' " This is how taint reaches the sink: 700┆ return text( 701┆ f"metadata_->>'{filter_.key}' " 702┆ f"{self._to_postgres_operator(filter_.operator)}" 703┆ ) ⋮┆---------------------------------------- 708┆ return text( 709┆ f"(metadata_->>'{filter_.key}')::float " 710┆ f"{self._to_postgres_operator(filter_.operator)} " 711┆ f"{float(filter_.value)}" 712┆ ) Taint comes from: 709┆ f"(metadata_->>'{filter_.key}')::float " This is how taint reaches the sink: 708┆ return text( 709┆ f"(metadata_->>'{filter_.key}')::float " 710┆ f"{self._to_postgres_operator(filter_.operator)} " 711┆ f"{float(filter_.value)}" 712┆ ) ⋮┆---------------------------------------- 715┆ return text( 716┆ f"metadata_->>'{filter_.key}' " 717┆ f"{self._to_postgres_operator(filter_.operator)} " 718┆ f"'{filter_.value}'" 719┆ ) Taint comes from: 716┆ f"metadata_->>'{filter_.key}' " This is how taint reaches the sink: 715┆ return text( 716┆ f"metadata_->>'{filter_.key}' " 717┆ f"{self._to_postgres_operator(filter_.operator)} " 718┆ f"'{filter_.value}'" 719┆ ) ⋮┆---------------------------------------- 793┆ text(f"SET ivfflat.probes = :ivfflat_probes"), Taint comes from: 793┆ text(f"SET ivfflat.probes = :ivfflat_probes"), This is how taint reaches the sink: 793┆ text(f"SET ivfflat.probes = :ivfflat_probes"), ⋮┆---------------------------------------- 801┆ text(f"SET hnsw.ef_search = :hnsw_ef_search"), Taint comes from: 801┆ text(f"SET hnsw.ef_search = :hnsw_ef_search"), This is how taint reaches the sink: 801┆ text(f"SET hnsw.ef_search = :hnsw_ef_search"), ⋮┆---------------------------------------- 834┆ text(f"SET hnsw.ef_search = {hnsw_ef_search}"), Taint comes from: 834┆ text(f"SET hnsw.ef_search = {hnsw_ef_search}"), This is how taint reaches the sink: 834┆ text(f"SET hnsw.ef_search = {hnsw_ef_search}"), ⋮┆---------------------------------------- 839┆ text(f"SET ivfflat.probes = :ivfflat_probes"), Taint comes from: 839┆ text(f"SET ivfflat.probes = :ivfflat_probes"), This is how taint reaches the sink: 839┆ text(f"SET ivfflat.probes = :ivfflat_probes"), llama-index-integrations\vector_stores\llama-index-vector-stores-relyt\llama_index\vector_stores\relyt\base.py ❯❯❱ python.sqlalchemy.security.audit.avoid-sqlalchemy-text.avoid-sqlalchemy-text sqlalchemy.text passes the constructed SQL statement to the database mostly unchanged. This means that the usual SQL injection protections are not applied and this function is vulnerable to SQL injection if user input can reach here. Use normal SQLAlchemy operators (such as `or_()`, `and_()`, etc.) to construct SQL. Details: https://sg.run/yP1O 79┆ index_query = text( 80┆ f""" 81┆ SELECT 1 82┆ FROM pg_indexes 83┆ WHERE indexname = '{index_name}'; 84┆ """ 85┆ ) Taint comes from: 76┆ index_name = f"idx_{self._collection_name}_embedding" Taint flows through these intermediate variables: 76┆ index_name = f"idx_{self._collection_name}_embedding" This is how taint reaches the sink: 79┆ index_query = text( 80┆ f""" 81┆ SELECT 1 82┆ FROM pg_indexes 83┆ WHERE indexname = '{index_name}'; 84┆ """ 85┆ ) ⋮┆---------------------------------------- 88┆ index_statement = text( 89┆ f""" 90┆ CREATE INDEX {index_name} 91┆ ON collection_{self._collection_name} 92┆ USING vectors (embedding vector_l2_ops) 93┆ WITH (options = $$ 94┆ optimizing.optimizing_threads = 30 95┆ segment.max_growing_segment_size = 2000 96┆ segment.max_sealed_segment_size = 30000000 97┆ [indexing.hnsw] [hid 5 additional lines, adjust with --max-lines-per-finding] Taint comes from: 76┆ index_name = f"idx_{self._collection_name}_embedding" Taint flows through these intermediate variables: 76┆ index_name = f"idx_{self._collection_name}_embedding" This is how taint reaches the sink: 88┆ index_statement = text( 89┆ f""" 90┆ CREATE INDEX {index_name} 91┆ ON collection_{self._collection_name} 92┆ USING vectors (embedding vector_l2_ops) 93┆ WITH (options = $$ 94┆ optimizing.optimizing_threads = 30 95┆ segment.max_growing_segment_size = 2000 96┆ segment.max_sealed_segment_size = 30000000 97┆ [indexing.hnsw] [hid 5 additional lines, adjust with --max-lines-per-finding] llama-index-integrations\vector_stores\llama-index-vector-stores-singlestoredb\llama_index\vector_stores\singlestoredb \base.py ❯❱ python.lang.security.audit.formatted-sql-query.formatted-sql-query Detected possible formatted SQL query. Use parameterized queries instead. Details: https://sg.run/EkWw 164┆ cur.execute( 165┆ f"""CREATE TABLE IF NOT EXISTS {self.table_name} 166┆ ({self.content_field} TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci, 167┆ {self.vector_field} BLOB, {self.metadata_field} JSON);""" 168┆ ) ❯❯❱ python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option. Details: https://sg.run/2b1L 164┆ cur.execute( 165┆ f"""CREATE TABLE IF NOT EXISTS {self.table_name} 166┆ ({self.content_field} TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci, 167┆ {self.vector_field} BLOB, {self.metadata_field} JSON);""" 168┆ ) ⋮┆---------------------------------------- 196┆ cursor.execute( 197┆ insert_query, 198┆ ( 199┆ node.get_content(metadata_mode=MetadataMode.NONE) or "", 200┆ "[{}]".format(",".join(map(str, embedding))), 201┆ json.dumps(metadata), 202┆ ), 203┆ ) ⋮┆---------------------------------------- 224┆ cursor.execute(delete_query, (json.dumps(ref_doc_id),)) llama-index-integrations\vector_stores\llama-index-vector-stores-timescalevector\llama_index\vector_stores\timescaleve ctor\base.py ❯❱ python.lang.security.insecure-uuid-version.insecure-uuid-version Using UUID version 1 for UUID generation can lead to predictable UUIDs based on system information (e.g., MAC address, timestamp). This may lead to security risks such as the sandwich attack. Consider using `uuid.uuid4()` instead for better randomness and security. Details: https://sg.run/BYBgW ▶▶┆ Autofix ▶ uuid.uuid4() 152┆ id = str(uuid.uuid1()) ⋮┆---------------------------------------- ▶▶┆ Autofix ▶ uuid.uuid4() 154┆ id = str(uuid.uuid1()) llama-index-integrations\vector_stores\llama-index-vector-stores-txtai\llama_index\vector_stores\txtai\base.py ❯❱ python.lang.security.deserialization.pickle.avoid-pickle Avoid using `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format. Details: https://sg.run/OPwB 126┆ config = json.load(f) if jsonconfig else pickle.load(f) ⋮┆---------------------------------------- 201┆ pickle.dump(self._txtai_index.config, f, protocol=__pickle__) llama-index-packs\llama-index-packs-panel-chatbot\llama_index\packs\panel_chatbot\app.py ❯❱ python.lang.security.deserialization.pickle.avoid-pickle Avoid using `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format. Details: https://sg.run/OPwB 195┆ return pickle.load(f) ⋮┆---------------------------------------- 201┆ pickle.dump(docs, f, pickle.HIGHEST_PROTOCOL) ⋮┆---------------------------------------- 217┆ return pickle.load(f) ⋮┆---------------------------------------- 223┆ pickle.dump(index, f, pickle.HIGHEST_PROTOCOL) llama-index-packs\llama-index-packs-recursive-retriever\llama_index\packs\recursive_retriever\embedded_tables_unstruct ured\base.py ❯❱ python.lang.security.deserialization.pickle.avoid-pickle Avoid using `pickle`, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format. Details: https://sg.run/OPwB 41┆ pickle.dump(raw_nodes, open(nodes_save_path, "wb")) ⋮┆---------------------------------------- 43┆ raw_nodes = pickle.load(open(nodes_save_path, "rb"))