Tainted flow: 'headers' from os.environ.get (line 105, credential/environment) → requests.post (network output)
Critical
- Category
- Data Flow
- Content
headers = make_auth_headers(access_key_id, access_key_secret) try: payload = {"mp3": mp3, "mp4": mp4, "text": text} resp = requests.post( API_ENDPOINT.rstrip("/") + "/skill/api/submit", json=payload, headers=headers,- Confidence
- 94% confidence
- Finding
- resp = requests.post( API_ENDPOINT.rstrip("/") + "/skill/api/submit", json=payload, headers=headers, timeout=999999,
