networkx
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM
Findings: REMOTE_CODE_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [REMOTE_CODE_EXECUTION] (MEDIUM): Unsafe deserialization using the Python pickle module.
  - Evidence: In references/io.md, code snippets demonstrate loading graphs using pickle.load(f) and nx.read_gpickle('graph.gpickle').
  - Detail: The pickle module is inherently insecure. If an agent follows these examples to process a file provided by an untrusted user, it could lead to arbitrary code execution (RCE) on the host environment. Modern security practices discourage the use of pickle for data exchange.
- [DATA_EXFILTRATION] (LOW): Broad data ingestion surface from external files and databases.
  - Evidence: references/io.md provides detailed instructions for reading data from CSV, SQL databases, GraphML, GML, and other formats.
  - Detail: While these are standard features of the library, they define a wide attack surface for Indirect Prompt Injection. If an agent processes maliciously crafted graph files (e.g., node attributes containing instructions), it could be manipulated into exfiltrating data or performing unintended actions.
Audit Metadata