subprocess module call
Medium
- Category
- Dangerous Code Execution
- Content
"""执行 mcporter 命令""" args_json = json.dumps(args_dict, ensure_ascii=False) cmd = f'{MCPORTER_PATH} call wecom-doc.{command} --args \'{args_json}\' --output json' result = subprocess.run(cmd, shell=True, capture_output=True, text=True) if result.returncode != 0: print(f"Error running mcporter: {result.stderr}")- Confidence
- 98% confidence
- Finding
- result = subprocess.run(cmd, shell=True, capture_output=True, text=True)
