Tainted flow: 'req' from os.getenv (line 551, credential/environment) → urllib.request.urlopen (network output)
Critical
- Category
- Data Flow
- Content
headers={"Content-Type": "application/json"}, method="POST", ) with urllib.request.urlopen(req, timeout=60) as r: return json.loads(r.read().decode())["message"]["content"].strip() except Exception as exc:- Confidence
- 98% confidence
- Finding
- with urllib.request.urlopen(req, timeout=60) as r:
