viking-knowledgebase
Audited by Socket on Mar 12, 2026
1 alert found:
Obfuscated File

This script is a small CLI client that sends a user query and environment-provided credentials to a knowledge-base API and prints the results. I found no clear signs of malware (no exec/eval, no shells, no filesystem damage, no obfuscated payload). The principal security issue is transport-layer insecurity: the code transmits the Authorization bearer token and request body over plaintext HTTP, which can leak credentials and query data to network adversaries. Additional issues: mixing an SDK Request object with requests.request (potentially losing configured timeouts), lack of explicit request timeouts on requests.request, and minimal error handling. Recommended mitigations: switch to HTTPS, do not set or send sensitive tokens over unencrypted channels, pass proper timeout parameters to requests.request, and validate/limit printed remote content. Treat this module as functional but a moderate security risk due to plaintext credential transmission.