The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The function get_dataset in references/func.py utilizes pd.read_pickle to load input data. As the file path is specified by user input, this allows for arbitrary code execution if a specially crafted pickle file is processed.
[REMOTE_CODE_EXECUTION]: The script scripts/example.py dynamically modifies sys.path to include several parent directories. This behavior can be exploited to achieve local code execution if an attacker can introduce malicious modules into the search paths.

datanalysis-credit-risk