ShishirPatil / gorilla

Gorilla: Training and Evaluating LLMs for Function Calls (Tool Calls)
https://gorilla.cs.berkeley.edu/
Apache License 2.0
11.4k stars 985 forks

Usage of pickle may be unsafe #374

Open mbalunovic opened 6 months ago

mbalunovic commented 6 months ago

Note that pickle is not secure (see https://docs.python.org/3/library/pickle.html) and can lead to remote code execution:

https://github.com/ShishirPatil/gorilla/blob/a3e7b2c2a65a4d21c44a144b8cc7c0bc7ab8c7eb/goex/function/slack_read_messages.py#L13

Loading the tokens from an alternative file format such as JSON would be safer, given the intended use case of an agent that can write to the file system. In theory someone using goex with their agent could be prompt injected, and the agent could try to overwrite the token.pickle file with arbitrary Python code (unless properly sandboxed).
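As an added example (not goex's own code, nor code from the issue author), here is one way to implement the suggestion above: keep the tokens in a JSON file, validate the parsed object against a fixed set of keys, and write the file atomically with owner-only permissions. Because `json.loads` only ever produces plain data types, a token file that has been replaced with a pickle stream (or anything else that is not the expected schema) is rejected with an error instead of being executed. The file name `token.json`, the field names `access_token`, `refresh_token` and `expires_at`, and the sample values are assumptions made for the example.

```python
import json
import os
import pickle
import stat
import tempfile

# Assumed file name and schema for the example; goex's real token layout may differ.
TOKEN_FILE = "token.json"
ALLOWED_KEYS = {"access_token", "refresh_token", "expires_at"}


class TokenFileError(ValueError):
    """Raised when the token file is missing, malformed, or fails schema checks."""


def validate_tokens(tokens) -> dict:
    # Accept only a flat JSON object with known keys and expected value types.
    if not isinstance(tokens, dict):
        raise TokenFileError("token file must contain a JSON object")
    unexpected = set(tokens) - ALLOWED_KEYS
    if unexpected:
        raise TokenFileError(f"unexpected keys in token file: {sorted(unexpected)}")
    for key in ("access_token", "refresh_token"):
        if key in tokens and not isinstance(tokens[key], str):
            raise TokenFileError(f"{key} must be a string")
    if "expires_at" in tokens and not isinstance(tokens["expires_at"], (int, float)):
        raise TokenFileError("expires_at must be a number")
    return tokens


def save_tokens(tokens: dict, path: str = TOKEN_FILE) -> None:
    # Validate before persisting, then write to a temp file created with mode 0600
    # and atomically rename it over the target so readers never see a partial file.
    validate_tokens(tokens)
    tmp_path = path + ".tmp"
    fd = os.open(tmp_path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    try:
        with os.fdopen(fd, "w") as f:
            json.dump(tokens, f)
        os.replace(tmp_path, path)
    finally:
        if os.path.exists(tmp_path):
            os.remove(tmp_path)


def load_tokens(path: str = TOKEN_FILE) -> dict:
    # Read bytes and decode explicitly: a pickle stream starts with a byte that is
    # not valid UTF-8, so it fails here; other non-JSON content fails in json.loads.
    with open(path, "rb") as f:
        raw = f.read()
    try:
        data = json.loads(raw.decode("utf-8"))
    except (UnicodeDecodeError, json.JSONDecodeError) as e:
        raise TokenFileError(f"token file is not valid JSON: {e}") from e
    return validate_tokens(data)


def _load_fails(path: str) -> bool:
    try:
        load_tokens(path)
    except TokenFileError:
        return True
    return False


def demo() -> dict:
    # Exercise the store in a temp dir: round-trip, file mode, and two tampering cases.
    results = {}
    # Constructed sample values, not real credentials.
    sample = {"access_token": "xoxb-constructed-sample",
              "refresh_token": "r-constructed-sample",
              "expires_at": 1700000000}
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, TOKEN_FILE)
        save_tokens(sample, path)
        results["roundtrip"] = load_tokens(path) == sample
        results["mode"] = (stat.S_IMODE(os.stat(path).st_mode)
                           if os.name == "posix" else 0o600)
        # Simulate the file being replaced by a pickle stream (a harmless plain dict
        # here): it must be rejected rather than unpickled.
        with open(path, "wb") as f:
            f.write(pickle.dumps(sample))
        results["rejects_pickle"] = _load_fails(path)
        # Simulate a JSON file with a key outside the schema.
        with open(path, "w") as f:
            json.dump({"access_token": "t", "__reduce__": "anything"}, f)
        results["rejects_unknown_keys"] = _load_fails(path)
    return results


if __name__ == "__main__":
    print(demo())
```

The schema check matters as much as the format change: `json.loads` removes the code-execution path, but a loader that passes any JSON object straight through would still let a tampered file inject unexpected fields into the agent's Slack client configuration.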

ShishirPatil commented 6 months ago

Thanks for raising this @mbalunovic! If you want to go ahead and raise a PR we'd be happy to welcome you as a contributor :)