subprocess module call
Medium
- Category
- Dangerous Code Execution
- Content
result['status'] = 'already-in-inbox' else: cmd = ['clawhub', 'install', args.skill_name, '--workdir', str(INBOX), '--force'] proc = subprocess.run(cmd, text=True, capture_output=True) result['downloaded'] = proc.returncode == 0 result['status'] = 'downloaded-to-inbox' if proc.returncode == 0 else 'download-failed' result['note'] = (proc.stdout + '\n' + proc.stderr).strip()[:4000]- Confidence
- 95% confidence
- Finding
- proc = subprocess.run(cmd, text=True, capture_output=True)
