Skip to content
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 32 additions & 0 deletions Calculator_GUI/sample.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
"""Intentionally insecure sample used to exercise Rudra's detectors.
Do NOT copy any of this into real code."""
import os
import pickle

import openai
from flask import request
from langchain.agents import load_tools
from langchain_experimental.tools import PythonREPLTool

openai.api_key = "sk-proj-AbC123DeF456ghi789JkL012mno345PqR" # LLM02: hardcoded key

Check failure

Code scanning / Rudra

Hardcoded OpenAI API key Error

[LLM02:2025] A live-looking provider credential is committed in source. Anyone with repo access (or a leak) can run up cost and access your data. Remediation: Remove the key, rotate it immediately, and load it from an environment variable or secrets manager. Add a pre-commit secret scanner.
(Rudra score 8.6/10, confidence 0.95)


def summarize():
user_text = request.args.get("q") # untrusted input
resp = openai.chat.completions.create( # LLM10: no max_tokens
model="gpt-4o",
messages=[{"role": "user", "content": f"Summarize: {user_text}"}], # LLM01
)
code = resp.choices[0].message.content
return eval(code) # LLM05: output -> eval


def load_model(path):
with open(path, "rb") as fh:
return pickle.load(fh) # LLM04: unsafe deserialize

Check failure

Code scanning / Rudra

Unsafe deserialization of a model/artifact Error

[LLM04:2025] pickle/dill executes arbitrary code on load. A poisoned model or cache file becomes code execution the moment it is loaded. Remediation: Load model weights with safetensors or torch.load(..., weights_only=True). Never unpickle data from an untrusted or network source.
(Rudra score 6.8/10, confidence 0.9)


def build_agent(llm):
tools = load_tools(["terminal", "llm-math"]) # LLM06: dangerous tool

Check failure

Code scanning / Rudra

Agent loads dangerous tools: terminal Error

[LLM06:2025] These tools give the agent shell/HTTP/code capabilities exploitable via injection. Remediation: Drop the dangerous tools or replace with narrowly-scoped, audited equivalents.
(Rudra score 6.1/10, confidence 0.8)
repl = PythonREPLTool() # LLM06: code execution

Check failure

Code scanning / Rudra

Agent granted a high-privilege tool (PythonREPLTool) Error

[LLM06:2025] The agent can execute shell/Python. Combined with prompt injection this is remote code execution with the app's privileges. Remediation: Remove code/shell execution tools, or sandbox them and require human approval for each invocation. Apply least privilege to the tool set.
(Rudra score 6.1/10, confidence 0.8)
return tools, repl
Loading