Tainted flow: 'code' from os.environ.get (line 336, credential/environment) → pathlib.Path.write_text (file write)
Medium
- Category
- Data Flow
- Content
    def _write_state_file(self, code: str, token: str):
        """Write code to state file for shell script compatibility."""
        state_path = Path(self.config.state_dir) / "pending"
        state_path.write_text(code)
        os.chmod(state_path, 0o600)

    def _cleanup_state_file(self, token: str):
- Confidence
- 90% confidence
- Finding
- state_path.write_text(code)
