Tainted flow: 'req' from os.environ.get (line 180, credential/environment) → urllib.request.urlopen (network output)
Critical
- Category
- Data Flow
- Content
req.add_header("X-Skill-Id", SKILL_ID) try: with urllib.request.urlopen(req, timeout=timeout) as resp: raw = resp.read().decode("utf-8") except urllib.error.HTTPError as e: body_text = e.read().decode("utf-8", errors="replace")- Confidence
- 95% confidence
- Finding
- with urllib.request.urlopen(req, timeout=timeout) as resp:
