Close Open Privacy Scan

bolt Snapshot: commit 69c0308
science engine v1.21
schedule 2026-07-17T23:16:40.611512+00:00

verified_user Possible application data leak

Potential data exfiltration identified in application code.

smart_toy MCP server detected: anthropic, chromadb, crewai, instructor +5 more — detected in dependencies, not a safety judgment.

App Privacy Score

0 /100
High privacy risk — possible application leak

High risk · 6333 finding(s)

Dependency score: 0 (High risk)

bar_chart Score Breakdown

pii_flow −60
telemetry −25
egress −15
env_fs −3

list Scan Summary

1 high 859 medium 5473 low
First-party packages: 7
Dependency packages: 86
Ecosystem: python

swap_horiz Potential data exfiltration in application code

External domains: 169.254.169.254198.0.0.1::ffff:192.168.0.1a.coma2a-protocol.orga2ui.orgabcsales.cloud.databricks.comabout.readthedocs.orgaccount-iam.awsg.usge1.private.platform.ibmforusgov.comaccount-iam.awsg.usge1.private.platform.prep.ibmforusgov.comaccount-iam.platform.saas.ibm.comaccount-iam.platform.test.saas.ibm.comaccounts.google.comacme.comactions.zapier.comah-api.merge.devai-gateway.helicone.aiai-gateway.vercel.shai-guard.aws.us.pangea.cloudai-guard.onyx.securityai-sdk.devai.api.nvidia.comai.azure.comai.devai.google.devai.mongodb.comaiplatform.eu.rep.googleapis.comaiplatform.googleapis.comaiplatform.us.rep.googleapis.comaka.msalembic.sqlalchemy.orgap-south-1.aws.wxai.ibm.comapi-dashboard.search.brave.comapi-dev.javelin.liveapi-docs.databricks.comapi-docs.deepseek.comapi-inference.huggingface.coapi-inference.modelscope.cnapi-xecguard.cycraft.aiapi.agentops.aiapi.ai21.comapi.aim.securityapi.aimlapi.comapi.aisec.catonetworks.comapi.aleph-alpha.comapi.anthropic.comapi.ap-south-1.aws.data.ibm.comapi.apify.comapi.assemblyai.comapi.au-syd.dai.cloud.ibm.comapi.bfl.aiapi.bitbucket.orgapi.braintrustdata.comapi.brightdata.comapi.browserbase.comapi.bytez.comapi.ca-tor.dai.cloud.ibm.comapi.cerebras.aiapi.clarifai.comapi.cloudflare.comapi.cloudzero.comapi.cohere.aiapi.cohere.comapi.cometapi.comapi.compactif.aiapi.confident-ai.comapi.contextual.aiapi.cursor.comapi.dai.dev.cloud.ibm.comapi.dai.ibmforusgov.comapi.dai.prep.ibmforusgov.comapi.dai.test.cloud.ibm.comapi.dataforseo.comapi.dataplatform.cloud.ibm.comapi.dataplatform.dev.cloud.ibm.comapi.dataplatform.test.cloud.ibm.comapi.deepgram.comapi.deepinfra.comapi.deepseek.comapi.descope.comapi.dev.aws.data.ibm.comapi.dev.runwayml.comapi.duckduckgo.comapi.dynamo.aiapi.e2b.appapi.elevenlabs.ioapi.endpoints.anyscale.comapi.enkryptai.comapi.eu-de.dataplatform.cloud.ibm.comapi.eu-gb.dataplatform.cloud.ibm.comapi.eu.assemblyai.comapi.exa.aiapi.featherless.aiapi.firecrawl.devapi.fireworks.aiapi.flattr.comapi.friendli.aiapi.galadriel.comapi.galileo.aiapi.github.comapi.githubcopilot.comapi.grayswan.aiapi.groq.comapi.hconeai.comapi.hiddenlayer.aiapi.honeycomb.ioapi.humanloop.comapi.hyperbolic.xyzapi.hyperbrowser.aiapi.inceptionlabs.aiapi.inference.wandb.aiapi.jina.aiapi.jp-tok.dataplatform.cloud.ibm.comapi.lakera.aiapi.lambda.aiapi.libertai.ioapi.linkup.soapi.litellm.aiapi.llama.comapi.manus.imapi.mavvrik.devapi.mem0.aiapi.meta.aiapi.minimax.ioapi.minimaxi.comapi.mistral.aiapi.mock.comapi.moonshot.aiapi.morphllm.comapi.multion.aiapi.nlpcloud.ioapi.noma.securityapi.nova.amazon.comapi.novita.aiapi.openai.comapi.openai.com-12api.parallel.aiapi.patronus.aiapi.perplexity.aiapi.pillar.securityapi.poe.comapi.promptguard.coapi.promptlayer.comapi.publicai.coapi.qualifire.aiapi.replicate.comapi.sambanova.aiapi.sarvam.aiapi.scaleway.aiapi.scrapfly.ioapi.search.brave.comapi.search.tinyfish.aiapi.serply.ioapi.singlestore.comapi.smith.langchain.comapi.soniox.comapi.stability.aiapi.stagehand.browserbase.comapi.stima.techapi.studio.nebius.aiapi.synthetic.newapi.tavily.comapi.test.aws.data.ibm.comapi.together.xyzapi.topazlabs.comapi.unstructured.ioapi.us-east-1.aws.data.ibm.comapi.us1.zseclipse.netapi.v0.devapi.vantage.shapi.voyageai.comapi.weather.comapi.x.aiapi.you.comapi.z.aiapiserpent.comapp.composio.devapp.crewai.comapp.datarobot.comapp.daytona.ioapp.empower.devapp.hyperbrowser.aiapp.patronus.aiapp.phoenix.arize.comapp.posthog.comargusapi.repello.aiark.cn-beijing.volces.comarrow.apache.orgarxiv.orgasgi.readthedocs.ioattacker.comattribution.omnilib.devau-syd.ml.cloud.ibm.comauth.hiddenlayer.aiauth.openai.comauth.x.aiavro.apache.orgaws.amazon.comazure-us-east-1.openai.azure.comb.combackend.composio.devbackend.singlestore.combitbucket.orgblogs.msdn.combrotlipy.readthedocs.iobrowser.scrapfly.iobugs.launchpad.netbugs.python.orgbuild.nvidia.comca-tor.ml.cloud.ibm.comcalendly.comcdn.cr-relay.comcdnjs.cloudflare.comcerebras.aichat.maritaca.aichatgpt.comchimera.labs.oreilly.comchroma-onnx-models.s3.amazonaws.comchromedevtools.github.iochromium.googlesource.comcircleci.comclarifai.comclaude.googleapis.comcli.github.comclick.palletsprojects.comclient-telemetry.snowflakecomputing.comcloud.getliteral.aicloud.google.comcloud.ibm.comcloud.langfuse.comcloudfront.netcode.activestate.comcode.google.comcodespeak.netcodestral.mistral.aicognitiveservices.azure.comcolab.research.google.comcolin-b.github.iocollaboration.cmc.ec.gc.cacommunity.openai.comcomposio.devconsent.youtube.comconsole.cloud.google.comconsole.groq.comcontextual.aicookbook.openai.comcran.r-project.orgcrbug.comcrewai.comcrsrc.orgcryptography.iocx-oracle.readthedocs.iod-uuwbxj1u4cnu.studio.us-west-2.sagemaker.awsdash.voyageai.comdashboard.oxylabs.iodashboard.scrapegraphai.comdashboard.webshare.iodashscope-intl.aliyuncs.comdashscope.aliyun.comdashscope.aliyuncs.comdata-apis.orgdata.humdata.orgdata.oxylabs.iodatabase.windows.netdataplatform.cloud.ibm.comdatatracker.ietf.orgdbc-abc123.cloud.databricks.comdeepeval.confident-ai.comdeepinfra.comdeepseek.comdev-123456.okta.comdev.aws.wxai.ibm.comdev.mysql.comdev.w3.orgdevcenter.heroku.comdeveloper.github.comdeveloper.mozilla.orgdeveloper.okta.comdevelopers.cloudflare.comdevelopers.generativeai.googledevelopers.google.comdevelopers.openai.comdevelopers.oxylabs.iodevelopers.sber.rudiscord.comdiscord.ggdiscoveryengine.googleapis.comdiscuss.python.orgdnznrvs05pmza.cloudfront.netdochub.mongodb.orgdocling-project.github.iodocs.ai21.comdocs.aleph-alpha.comdocs.anthropic.comdocs.api.nvidia.comdocs.apify.comdocs.astral.shdocs.atlas.mongodb.comdocs.aws.amazon.comdocs.baseplate.aidocs.bfl.aidocs.bodo.aidocs.claude.comdocs.cloud.google.comdocs.codestral.comdocs.cohere.comdocs.composio.devdocs.crewai.comdocs.databricks.comdocs.datadoghq.comdocs.dataforseo.comdocs.docker.comdocs.exa.aidocs.firecrawl.devdocs.fireworks.aidocs.gcp.databricks.comdocs.github.comdocs.google.comdocs.grayswan.aidocs.hyperbolic.xyzdocs.hyperbrowser.aidocs.labelbox.comdocs.linkup.sodocs.litellm.aidocs.mem0.aidocs.microsoft.comdocs.mistral.aidocs.morphllm.comdocs.nlpcloud.comdocs.nomic.aidocs.nvidia.comdocs.oracle.comdocs.parallel.aidocs.perplexity.aidocs.predibase.comdocs.pydantic.devdocs.pytest.orgdocs.python-requests.orgdocs.python.orgdocs.rsdocs.sambanova.aidocs.scipy.orgdocs.searxng.orgdocs.singlestore.comdocs.snowflake.comdocs.snowflake.netdocs.sqlalchemy.orgdocs.tavily.comdocs.tinyfish.aidocs.together.aidocs.trychroma.comdocs.twelvelabs.iodocs.vllm.aidocs.voyageai.comdocs.wandb.aidocs.weaviate.iodocs.x.aidownload.gnome.orgdownload.oracle.comdrafts.csswg.orgdrive.google.comdspace.cc.tut.fidub.composio.devduckduckgo.come2b.develevenlabs.ioeli.thegreenplace.netembed.trychroma.comen.wikipedia.orgen.wikiversity.orgendpoints.ai.cloud.ovh.netenterprise.litellm.aiepydoc.sourceforge.neterrors.pydantic.deveu-de.ml.cloud.ibm.comeu-gb.ml.cloud.ibm.comeu.api.confident-ai.comeu.assemblyai.comeu.deepeval.confident-ai.comewbi.blogs.comexa.aiexam_ple.comexample-resource.azure.openai.comexample-resource.services.ai.azure.comexample.url.comexampleopenaiendpoint-production.up.railway.appexport.arxiv.orgexslt.orgexternal.api.recraft.aifacelessuser.github.iofal.aifal.runfastcrw.comfaucet.circle.comfeatherless.aifedidcg.github.ioffmpeg.orgflattr.comfonts.googleapis.comfoo.comformulae.brew.shfoss.heptapod.netftp.gnu.orggateway.ai.cloudflare.comgenerativelanguage.googleapis.comgigachat.devices.sberbank.rugist.github.comgit-scm.comgit.libreoffice.orggithub.bloggithub.comgitlab.comgitlab.gnome.orggolang.orggoo.glgoo.glegoogle-auth.readthedocs.iogoogle.aip.devgoogle.comgoogle.github.iogoogle.serper.devgr-prd-trial.aporia.comgraph.microsoft.comgrpc.github.iohelp.aliyun.comhelp.openai.comhermes-frontend-git-master-composio.vercel.apphost.docker.internalhtml.spec.whatwg.orghttp-intake.logshttpbin.orghttpwg.orghuggingface.cohuggingface.github.iohumanloop.comhuntr.comhypothesis.readthedocs.ioiam.bluemix.netiam.cloud.ibm.comiam.stage1.bluemix.netiam.test.cloud.ibm.comiamcredentials.googleapis.comibm-watson-ml.eu-gb.bluemix.netibm-watson-ml.mybluemix.netidp.comidp.mycompany.comimg.youtube.cominfer.roboflow.cominference-docs.cerebras.aiinference.api.nscale.cominference.baseten.coinference.do-ai.runinference.generativeaiinference.readthedocs.ioinfinity.modal.michaelfeil.euintegrate.api.nvidia.cominternal.api.dai.ibmforusgov.cominternal.api.dai.prep.ibmforusgov.comipython.readthedocs.iojina.aijoda-time.sourceforge.netjp-tok.ml.cloud.ibm.comjson-schema.orgjsonlines.orgjupysql.ploomber.iokafka.apache.orgkb.databricks.comkrris-mh44uf7y-eastus2.cognitiveservices.azure.comlabelstud.iolangtrace.ailaunchpad.netlearn.microsoft.comlegacy.python.orglicense.litellm.ailists.sourceforge.netlitellm-ci-cd-prod.services.ai.azure.comlitellm-listing.s3.amazonaws.comlitellm-production-7002.up.railway.applitellm.ailitellm.vercel.applitellm8397336933.openai.azure.comlitellm8397336933.services.ai.azure.comllama.developer.meta.comllm.chutes.ailmstudio.ailocation-aiplatform.googleapis.comlog.athina.ailogfire-api.pydantic.devlogin.chinacloudapi.cnlogin.microsoft.comlogin.microsoftonline.comlogin.microsoftonline.uslxml.demagicstack.github.iomanagement.azure.commanagement.chinacloudapi.cnmanagement.core.chinacloudapi.cnmanagement.core.usgovcloudapi.netmanagement.core.windows.netmanagement.usgovcloudapi.netmaven.apache.orgmcp.apify.commdb.aimedium.commetadata.google.internalmicrosoft.github.iomilvus.iomindsdb.comml.azure.commodel-runner.docker.internalmodel-spec.openai.commodelcontextprotocol.iomodels.inference.ai.azure.commodels.litellm.aimodelscope.cnmongodb.commonitor.azure.commsdn.microsoft.commy-app-1234.aws.databricksapps.commy-endpoint.openai.azure.commy-idp.commy-resource.services.ai.azure.commy-workspace.cloud.databricks.commy.nsmyaccount.google.commypy.readthedocs.iomyrepo.commyresource.openai.azure.commüller.denano-gpt.comnats.ionews.ycombinator.comngw.devices.sberbank.runickeljoke.vercel.appnodatime.orgnothooks.slack.comnovita.ainumba.readthedocs.ionumexpr.readthedocs.ionumpy.orgnumpydoc.readthedocs.iooai.endpoints.kepler.ai.cloud.ovh.netoauth2.googleapis.comocsp.snowflakecomputingocspssd.snowflakecomputingocspssd.snowflakecomputing.comoffice.microsoft.comofficeopenxml.comollama.aiollama.comonnxruntime.aiopen.manus.imopenai.comopenaipublic.blob.core.windows.netopencode.aiopenid.netopenmeter.cloudopenpyxl.readthedocs.ioopenrouter.aiopentelemetry.iooracle.github.ioossrdbms-aad.database.windows.netotel.patronus.aiother.comotlp.agentops.aiotlp.agentops.cloudotlp.arize.comoxylabs.iopackages.unstructured.iopackaging.python.orgpandas.pydata.orgpandoc.orgparquet.apache.orgpcsclite.apdu.frpendulum.eustace.iopeps.python.orgpiblpmmdsiknacjnm1ltla.c1.europe-west3.gcp.weaviate.cloudpinstripes.iopip.pypa.iopkg.go.devplatform.claude.complatform.minimax.ioplatform.moonshot.aiplatform.openai.complatform.reducto.aiplatform.stability.aiplugged.inportal.azure.comportal.singlestore.composthog.compresbrey.mit.eduprivate.ap-south-1.aws.wxai.ibm.comprivate.api.au-syd.dai.cloud.ibm.comprivate.api.ca-tor.dai.cloud.ibm.comprivate.api.dai.dev.cloud.ibm.comprivate.api.dai.test.cloud.ibm.comprivate.api.dataplatform.cloud.ibm.comprivate.api.dataplatform.dev.cloud.ibm.comprivate.api.dataplatform.test.cloud.ibm.comprivate.api.eu-de.dataplatform.cloud.ibm.comprivate.api.eu-gb.dataplatform.cloud.ibm.comprivate.api.jp-tok.dataplatform.cloud.ibm.comprivate.au-syd.ml.cloud.ibm.comprivate.ca-tor.ml.cloud.ibm.comprivate.dev.aws.wxai.ibm.comprivate.eu-de.ml.cloud.ibm.comprivate.eu-gb.ml.cloud.ibm.comprivate.internal.wxai.ibmforusgov.comprivate.internal.wxai.prep.ibmforusgov.comprivate.jp-tok.ml.cloud.ibm.comprivate.test.aws.wxai.ibm.comprivate.us-east-1.aws.wxai.ibm.comprivate.us-south.ml.cloud.ibm.comprivate.us-south.ml.test.cloud.ibm.comprivate.wml-fvt.ml.test.cloud.ibm.comprivate.wml-mcsp-dev.ml.test.cloud.ibm.comprivate.wxai-qa.ml.cloud.ibm.comprivate.wxai.ibmforusgov.comprivate.wxai.prep.ibmforusgov.comprivate.yp-cr.ml.cloud.ibm.comprivate.yp-qa.ml.cloud.ibm.comprodi.gyprometheus.ioprotobuf.devproxy.qualifire.aipsycopg.orgpubsub.googleapis.compurl.oclc.orgpurl.orgpydantic-docs.helpmanual.iopygithub.readthedocs.iopyjwt.readthedocs.iopymysql.readthedocs.iopyperclip.readthedocs.iopypi.orgpypi.python.orgpypika.readthedocs.iopython-devtools.helpmanual.iopython-oracledb.readthedocs.iopython.langchain.compython.readthedocs.iopytube.iopyyaml.orgr.jina.airaw.githubusercontent.comrealtime.oxylabs.ioredis.azure.comredis.ioregistry.terraform.iorelaxng.orgreplicate.comrequests.readthedocs.iorich.readthedocs.iorouter.huggingface.coruntime.sagemakers2-host.coms3-api.us-geo.objectstorage.service.networklayer.coms3-api.us-geo.objectstorage.softlayer.nets3-us-west-2.amazonaws.coms3.amazonaws.coms3.us-west-2.amazonaws.comschemas.microsoft.comschemas.openxmlformats.orgscrape.serper.devscrapethis.comscrapfly.iosentry.ioserpapi.comserper.devserver.comserver.lasso.securityserverless.tensormesh.aiservice.api.aisecurity.paloaltonetworks.comserving.app.predibase.comsfcdev.client-telemetry.snowflakecomputing.comsfctest.client-telemetry.snowflakecomputing.comshell.singlestore.comsome-cohere-baseurl.aisome-url.comsoniox.comsource.chromium.orgsourceforge.netspark.apache.orgspeakeasy.comspec.openapis.orgspecs.frictionlessdata.iosqlalche.mesqlite.orgsrc.dev.databricks.comstackoverflow.comstaging-backend.composio.devstartbigthinksmall.wordpress.comstatic.reo.devstatus.databricks.comstatus.github.comstorage-proxy.databricks.comstorage.azure.comstorage.googleapis.comstream-b.svc.rno2.c.replicate.netsupport.google.comsupport.sas.comswagger.iotechnet.microsoft.comtechspot.zzzeek.orgtelemetry.crewai.comtest.aws.wxai.ibm.comtest.cloud.ibm.comtest.comtext.octoai.runtexttospeech.googleapis.comtimeapi.iotoken.actions.githubusercontent.comtokenhub-intl.tencentcloudmaas.comtools.ietf.orgtowardsdatascience.comtrace.wandb.aitwitter.comtyping-extensions.readthedocs.iounpkg.comurllib3.readthedocs.ious-central1-aiplatform.googleapis.comus-east-1.aws.wxai.ibm.comus-east-1.console.aws.amazon.comus-south.ml.cloud.ibm.comus-south.ml.test.cloud.ibm.comus-west-2.console.aws.amazon.comus.api.inspect.aidefense.security.cisco.comus.cloud.langfuse.comus.i.posthog.comv0.devv2-api.scrapegraphai.comvercel.comw3c-fedid.github.iow3c.github.iowakatime.comweaviate.ioweb.devwebhook-test.comwebsockets.readthedocs.iowicg.github.iowiki.centos.orgwiki.debian.orgwml-fvt.ml.test.cloud.ibm.comwml-mcsp-dev.ml.test.cloud.ibm.comwww.3playmedia.comwww.aws-services.infowww.awsarchitectureblog.comwww.bing.comwww.blevesearch.comwww.browserbase.comwww.chromium.orgwww.comet.comwww.crummy.comwww.databricks.comwww.doclang.aiwww.elastic.cowww.example.珠宝www.freetds.orgwww.gevent.orgwww.ghostscript.comwww.github.comwww.google.co.inwww.google.comwww.googleapis.comwww.graphviz.orgwww.iana.orgwww.ibm.comwww.ietf.orgwww.inceptionlabs.aiwww.joda.orgwww.libreoffice.orgwww.litellm.aiwww.microsoft.comwww.miniclip.comwww.mlflow.orgwww.mongodb.comwww.mozilla.orgwww.nature.comwww.openpolicyagent.orgwww.opm.govwww.oracle.comwww.pcre.orgwww.postgresql.orgwww.prisma.iowww.psycopg.orgwww.pyopenssl.orgwww.python-httpx.orgwww.python.orgwww.quartz-scheduler.orgwww.recraft.aiwww.rfc-editor.orgwww.scaleway.comwww.searchapi.iowww.selenium.devwww.softwareishard.comwww.sqlite.orgwww.stagehand.devwww.stata.comwww.statsmodels.orgwww.uvicorn.orgwww.volcengine.comwww.w3.orgwww.w3schools.comwww.weaviate.iowww.webshare.iowww.xmlsoft.orgwww.xudongz.comwww.youtube.comwww.zapier.comwww.zetetic.netwww.zlib.orgwxai-qa.ml.cloud.ibm.comwxai.ibmforusgov.comwxai.prep.ibmforusgov.comxarray.pydata.orgxlrd.readthedocs.ioxn--fiqs8s.icom.museumyahoo.comyandex.comydc-index.ioyou.comyour-api.comyour-proxy.comyour-resource.cognitiveservices.azure.comyour-searxng-instance.comyour-unique-host.openai.azure.comyoutu.beyoutube.comyoutube.googleapis.comyp-cr.ml.cloud.ibm.comyp-qa.ml.cloud.ibm.comzlib.net

medium mcpadapt PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/google_genai.py:27 pkgs/python/[email protected]/examples/google_genai.py:67
medium mcpadapt PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/google_genai.py:27 pkgs/python/[email protected]/examples/google_genai.py:68
medium mcpadapt PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/google_genai.py:27 pkgs/python/[email protected]/examples/google_genai.py:70
medium mcpadapt PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/google_genai.py:27 pkgs/python/[email protected]/examples/google_genai.py:71
medium mcpadapt PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/google_genai.py:27 pkgs/python/[email protected]/examples/google_genai.py:77
medium mcpadapt PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/google_genai.py:27 pkgs/python/[email protected]/examples/google_genai.py:81
medium mcpadapt PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/smolagents_structured_output.py:63 pkgs/python/[email protected]/examples/smolagents_structured_output.py:71
medium mcpadapt PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/smolagents_structured_output.py:85 pkgs/python/[email protected]/examples/smolagents_structured_output.py:93
medium anthropic PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents.py:9 pkgs/python/[email protected]/examples/agents.py:15
medium anthropic PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents.py:9 pkgs/python/[email protected]/examples/agents.py:22
medium anthropic PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents.py:9 pkgs/python/[email protected]/examples/agents.py:29
medium anthropic PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents.py:9 pkgs/python/[email protected]/examples/agents.py:45
medium anthropic PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_comprehensive.py:18 pkgs/python/[email protected]/examples/agents_comprehensive.py:28
medium anthropic PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_comprehensive.py:18 pkgs/python/[email protected]/examples/agents_comprehensive.py:32
medium anthropic PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_comprehensive.py:18 pkgs/python/[email protected]/examples/agents_comprehensive.py:43
medium anthropic PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_comprehensive.py:18 pkgs/python/[email protected]/examples/agents_comprehensive.py:52
medium anthropic PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_comprehensive.py:18 pkgs/python/[email protected]/examples/agents_comprehensive.py:75
medium anthropic PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_comprehensive.py:18 pkgs/python/[email protected]/examples/agents_comprehensive.py:86
medium anthropic PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_comprehensive.py:18 pkgs/python/[email protected]/examples/agents_comprehensive.py:89
medium anthropic PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_comprehensive.py:18 pkgs/python/[email protected]/examples/agents_comprehensive.py:97
medium anthropic PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_comprehensive.py:18 pkgs/python/[email protected]/examples/agents_comprehensive.py:108
medium anthropic PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_with_files.py:10 pkgs/python/[email protected]/examples/agents_with_files.py:16
medium anthropic PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_with_files.py:10 pkgs/python/[email protected]/examples/agents_with_files.py:32
medium anthropic PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_with_files.py:10 pkgs/python/[email protected]/examples/agents_with_files.py:38
medium anthropic PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_with_files.py:10 pkgs/python/[email protected]/examples/agents_with_files.py:52
medium anthropic PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_with_files.py:10 pkgs/python/[email protected]/examples/agents_with_files.py:55
medium anthropic PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_with_files.py:10 pkgs/python/[email protected]/examples/agents_with_files.py:76
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/act_example.py:49 pkgs/python/[email protected]/examples/act_example.py:57
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/act_example.py:49 pkgs/python/[email protected]/examples/act_example.py:87
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/act_example.py:49 pkgs/python/[email protected]/examples/act_example.py:88
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/byob_example.py:53 pkgs/python/[email protected]/examples/byob_example.py:89
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/full_example.py:51 pkgs/python/[email protected]/examples/full_example.py:59
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/full_example.py:51 pkgs/python/[email protected]/examples/full_example.py:77
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/full_example.py:51 pkgs/python/[email protected]/examples/full_example.py:87
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/full_example.py:51 pkgs/python/[email protected]/examples/full_example.py:101
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/full_example.py:51 pkgs/python/[email protected]/examples/full_example.py:120
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/full_example.py:51 pkgs/python/[email protected]/examples/full_example.py:126
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/full_example.py:51 pkgs/python/[email protected]/examples/full_example.py:168
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/full_example.py:51 pkgs/python/[email protected]/examples/full_example.py:169
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/full_example.py:51 pkgs/python/[email protected]/examples/full_example.py:170
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/local_browser_playwright_example.py:79 pkgs/python/[email protected]/examples/local_browser_playwright_example.py:128
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/local_browser_playwright_example.py:79 pkgs/python/[email protected]/examples/local_browser_playwright_example.py:174
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/local_browser_playwright_example.py:79 pkgs/python/[email protected]/examples/local_browser_playwright_example.py:190
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/local_example.py:48 pkgs/python/[email protected]/examples/local_example.py:72
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/local_example.py:48 pkgs/python/[email protected]/examples/local_example.py:89
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/local_server_multiregion_browser_example.py:50 pkgs/python/[email protected]/examples/local_server_multiregion_browser_example.py:90
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/local_server_multiregion_browser_example.py:50 pkgs/python/[email protected]/examples/local_server_multiregion_browser_example.py:142
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/local_server_multiregion_browser_example.py:50 pkgs/python/[email protected]/examples/local_server_multiregion_browser_example.py:158
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/logging_example.py:24 pkgs/python/[email protected]/examples/logging_example.py:33
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/logging_example.py:24 pkgs/python/[email protected]/examples/logging_example.py:64
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/logging_example.py:24 pkgs/python/[email protected]/examples/logging_example.py:68
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/logging_example.py:24 pkgs/python/[email protected]/examples/logging_example.py:76
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/playwright_page_example.py:49 pkgs/python/[email protected]/examples/playwright_page_example.py:86
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/playwright_page_example.py:49 pkgs/python/[email protected]/examples/playwright_page_example.py:108
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/playwright_page_example.py:49 pkgs/python/[email protected]/examples/playwright_page_example.py:127
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/pydoll_tab_example.py:118 pkgs/python/[email protected]/examples/pydoll_tab_example.py:151
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/pydoll_tab_example.py:118 pkgs/python/[email protected]/examples/pydoll_tab_example.py:158
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/pydoll_tab_example.py:118 pkgs/python/[email protected]/examples/pydoll_tab_example.py:193
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/pydoll_tab_example.py:118 pkgs/python/[email protected]/examples/pydoll_tab_example.py:204
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/pydoll_tab_example.py:118 pkgs/python/[email protected]/examples/pydoll_tab_example.py:223
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/remote_browser_playwright_example.py:51 pkgs/python/[email protected]/examples/remote_browser_playwright_example.py:89
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/remote_browser_playwright_example.py:51 pkgs/python/[email protected]/examples/remote_browser_playwright_example.py:143
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/remote_browser_playwright_example.py:51 pkgs/python/[email protected]/examples/remote_browser_playwright_example.py:159
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/vertex_auth_example.py:104 pkgs/python/[email protected]/examples/vertex_auth_example.py:140
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/vertex_auth_example.py:104 pkgs/python/[email protected]/examples/vertex_auth_example.py:155
medium stagehand PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/vertex_auth_example.py:104 pkgs/python/[email protected]/examples/vertex_auth_example.py:167
medium crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/brave_search_tool/brave_search_tool.py:129 pkgs/python/[email protected]/src/crewai_tools/tools/brave_search_tool/brave_search_tool.py:133
medium crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_serp.py:219 pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_serp.py:224
medium crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_unlocker.py:135 pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_unlocker.py:141
medium crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:64 pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:80
medium crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:64 pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:89
medium crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:64 pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:100
medium crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_query_tool/contextual_query_tool.py:48 pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_query_tool/contextual_query_tool.py:49
medium crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_rerank_tool/contextual_rerank_tool.py:53 pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_rerank_tool/contextual_rerank_tool.py:69
medium crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/parallel_tools/parallel_search_tool.py:78 pkgs/python/[email protected]/src/crewai_tools/tools/parallel_tools/parallel_search_tool.py:104
medium crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:43 pkgs/python/[email protected]/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:39
medium crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:66 pkgs/python/[email protected]/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:62
medium crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/serper_dev_tool/serper_dev_tool.py:251 pkgs/python/[email protected]/src/crewai_tools/tools/serper_dev_tool/serper_dev_tool.py:257
medium crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/serper_scrape_website_tool/serper_scrape_website_tool.py:52 pkgs/python/[email protected]/src/crewai_tools/tools/serper_scrape_website_tool/serper_scrape_website_tool.py:59
medium composio-core A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/composio/tools/local/greptile/actions/codequery.py:71 pkgs/python/[email protected]/composio/tools/local/greptile/actions/codequery.py:107
medium bedrock-agentcore PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/tests_integ/tools/test_code.py:236 pkgs/python/[email protected]/tests_integ/tools/test_code.py:257
medium bedrock-agentcore PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/tests_integ/tools/test_code.py:236 pkgs/python/[email protected]/tests_integ/tools/test_code.py:269
medium bedrock-agentcore PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/tests_integ/tools/test_code.py:236 pkgs/python/[email protected]/tests_integ/tools/test_code.py:310
medium first-party (python): lib/crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/adapters/zapier_adapter.py:27 repo/lib/crewai-tools/src/crewai_tools/adapters/zapier_adapter.py:45
medium first-party (python): lib/crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/adapters/zapier_adapter.py:69 repo/lib/crewai-tools/src/crewai_tools/adapters/zapier_adapter.py:71
medium first-party (python): lib/crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/brave_search_tool/brave_search_tool.py:129 repo/lib/crewai-tools/src/crewai_tools/tools/brave_search_tool/brave_search_tool.py:133
medium first-party (python): lib/crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_serp.py:219 repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_serp.py:224
medium first-party (python): lib/crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_unlocker.py:135 repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_unlocker.py:141
medium first-party (python): lib/crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:64 repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:80
medium first-party (python): lib/crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:64 repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:89
medium first-party (python): lib/crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:64 repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:100
medium first-party (python): lib/crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_query_tool/contextual_query_tool.py:48 repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_query_tool/contextual_query_tool.py:49
medium first-party (python): lib/crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_rerank_tool/contextual_rerank_tool.py:53 repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_rerank_tool/contextual_rerank_tool.py:69
medium first-party (python): lib/crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/parallel_tools/parallel_search_tool.py:78 repo/lib/crewai-tools/src/crewai_tools/tools/parallel_tools/parallel_search_tool.py:104
medium first-party (python): lib/crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:43 repo/lib/crewai-tools/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:39
medium first-party (python): lib/crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:66 repo/lib/crewai-tools/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:62
medium first-party (python): lib/crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/serper_dev_tool/serper_dev_tool.py:251 repo/lib/crewai-tools/src/crewai_tools/tools/serper_dev_tool/serper_dev_tool.py:257
medium first-party (python): lib/crewai-tools A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/serper_scrape_website_tool/serper_scrape_website_tool.py:52 repo/lib/crewai-tools/src/crewai_tools/tools/serper_scrape_website_tool/serper_scrape_website_tool.py:59
hub Dependency data flows (33)
high litellm dependency A credential read from the environment/filesystem flows to an external network call in a non-auth-header position (request body). Review what is sent.
pkgs/python/[email protected]/litellm/proxy_auth/credentials.py:161 pkgs/python/[email protected]/litellm/proxy_auth/credentials.py:160
medium e2b dependency A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/e2b/api/client/client.py:230 pkgs/python/[email protected]/e2b/api/client/client.py:232
medium e2b dependency A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/e2b/api/client/client.py:266 pkgs/python/[email protected]/e2b/api/client/client.py:268
medium e2b dependency A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/e2b/volume/client/client.py:230 pkgs/python/[email protected]/e2b/volume/client/client.py:232
medium e2b dependency A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/e2b/volume/client/client.py:266 pkgs/python/[email protected]/e2b/volume/client/client.py:268
medium mcp dependency A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/mcp/client/auth/oauth2.py:433 pkgs/python/[email protected]/src/mcp/client/auth/oauth2.py:452
medium mem0ai dependency A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/mem0/client/main.py:110 pkgs/python/[email protected]/mem0/client/main.py:133
medium mem0ai dependency A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/mem0/client/main.py:1002 pkgs/python/[email protected]/mem0/client/main.py:1025
medium mem0ai dependency A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/mem0/client/main.py:1054 pkgs/python/[email protected]/mem0/client/main.py:1051
medium mem0ai dependency A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/mem0/llms/sarvam.py:47 pkgs/python/[email protected]/mem0/llms/sarvam.py:81
medium litellm dependency PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/litellm/integrations/gcs_bucket/gcs_bucket_base.py:92 pkgs/python/[email protected]/litellm/integrations/gcs_bucket/gcs_bucket_base.py:111
medium litellm dependency PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/litellm/integrations/lago.py:169 pkgs/python/[email protected]/litellm/integrations/lago.py:189
medium litellm dependency PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/litellm/integrations/lago.py:169 pkgs/python/[email protected]/litellm/integrations/lago.py:192
medium litellm dependency PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/litellm/llms/bedrock/base_aws_llm.py:1067 pkgs/python/[email protected]/litellm/llms/bedrock/base_aws_llm.py:1075
medium litellm dependency A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/litellm/llms/bedrock/files/handler.py:122 pkgs/python/[email protected]/litellm/llms/bedrock/files/handler.py:136
medium litellm dependency PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/litellm/llms/databricks/common_utils.py:336 pkgs/python/[email protected]/litellm/llms/databricks/common_utils.py:389
medium litellm dependency A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/litellm/llms/huggingface/common_utils.py:77 pkgs/python/[email protected]/litellm/llms/huggingface/common_utils.py:83
medium litellm dependency A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/litellm/llms/sagemaker/completion/handler.py:560 pkgs/python/[email protected]/litellm/llms/sagemaker/completion/handler.py:625
medium litellm dependency PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/litellm/main.py:2590 pkgs/python/[email protected]/litellm/main.py:2631
medium litellm dependency PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/litellm/proxy/auth/oauth2_check.py:139 pkgs/python/[email protected]/litellm/proxy/auth/oauth2_check.py:184
medium litellm dependency PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:69 pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:71
medium crewai-tools dependency A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/adapters/zapier_adapter.py:27 pkgs/python/[email protected]/src/crewai_tools/adapters/zapier_adapter.py:45
medium crewai-tools dependency A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/adapters/zapier_adapter.py:69 pkgs/python/[email protected]/src/crewai_tools/adapters/zapier_adapter.py:71
medium firecrawl-py dependency A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:689 pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:687
medium firecrawl-py dependency A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:1255 pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:1253
medium firecrawl-py dependency A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/firecrawl/v1/client.py:767 pkgs/python/[email protected]/firecrawl/v1/client.py:765
medium firecrawl-py dependency A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/firecrawl/v1/client.py:1420 pkgs/python/[email protected]/firecrawl/v1/client.py:1418
medium singlestoredb dependency A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/singlestoredb/fusion/graphql.py:172 pkgs/python/[email protected]/singlestoredb/fusion/graphql.py:173
medium tavily-python dependency A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/tavily/async_tavily.py:59 pkgs/python/[email protected]/tavily/async_tavily.py:118
medium azure-identity dependency PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/azure/identity/_credentials/environment.py:66 pkgs/python/[email protected]/azure/identity/_credentials/environment.py:99
medium azure-identity dependency PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/azure/identity/aio/_credentials/environment.py:60 pkgs/python/[email protected]/azure/identity/aio/_credentials/environment.py:77
medium databricks-sdk dependency A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/databricks/sdk/credentials_provider.py:340 pkgs/python/[email protected]/databricks/sdk/credentials_provider.py:341
medium databricks-sdk dependency A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/databricks/sdk/oidc_token_supplier.py:21 pkgs/python/[email protected]/databricks/sdk/oidc_token_supplier.py:23

</> First-Party Code

first-party (python): lib/crewai-tools

python first-party
medium pii_flow production #7b19f37076372975 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/adapters/zapier_adapter.py:45 · flow /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/adapters/zapier_adapter.py:27 → /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/adapters/zapier_adapter.py:45
        response = requests.request(
            "POST",
            execute_url,
            headers=headers,
            json=action_params,
            timeout=30,
        )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow production #c50773ece40072d9 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/adapters/zapier_adapter.py:71 · flow /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/adapters/zapier_adapter.py:69 → /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/adapters/zapier_adapter.py:71
        response = requests.request(
            "GET",
            ACTIONS_URL,
            headers=headers,
            timeout=30,
        )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow production #738bbd1596bfbb20 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/brave_search_tool/brave_search_tool.py:133 · flow /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/brave_search_tool/brave_search_tool.py:129 → /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/brave_search_tool/brave_search_tool.py:133
            response = requests.get(
                self.search_url, headers=headers, params=payload, timeout=30
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow production #d6de6d90c857687a A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_serp.py:224 · flow /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_serp.py:219 → /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_serp.py:224
            response = requests.post(
                self.base_url, json=request_params, headers=headers, timeout=30
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow production #873abf4b553b0c57 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_unlocker.py:141 · flow /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_unlocker.py:135 → /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_unlocker.py:141
            response = requests.post(
                self.base_url, json=payload, headers=headers, timeout=30
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow production #5d69289083ea3803 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:80 · flow /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:64 → /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:80
                result = requests.post(
                    url, headers=headers, data=config, files=file, timeout=30
                )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow production #ce19fe7ac018df2a A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:89 · flow /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:64 → /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:89
                result = requests.get(status_url, headers=headers, timeout=30)

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow production #ea0393b2e1faee61 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:100 · flow /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:64 → /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:100
            result = requests.get(
                results_url,
                headers=headers,
                params={"output_types": ",".join(output_types)},
                timeout=30,
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow production #489435446ff63b4b A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_query_tool/contextual_query_tool.py:49 · flow /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_query_tool/contextual_query_tool.py:48 → /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_query_tool/contextual_query_tool.py:49
        response = requests.get(url, headers=headers, timeout=30)

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow production #0b4bd8c30b56580c A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_rerank_tool/contextual_rerank_tool.py:69 · flow /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_rerank_tool/contextual_rerank_tool.py:53 → /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_rerank_tool/contextual_rerank_tool.py:69
            result = requests.post(
                rerank_url, json=payload, headers=headers, timeout=30
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow production #2ae0edc6ef84ac73 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/parallel_tools/parallel_search_tool.py:104 · flow /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/parallel_tools/parallel_search_tool.py:78 → /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/parallel_tools/parallel_search_tool.py:104
            resp = requests.post(
                self.search_url, json=payload, headers=headers, timeout=request_timeout
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow production #5071197b97cdedcb A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:39 · flow /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:43 → /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:39
            requests.get(
                "https://api.patronus.ai/v1/evaluators",
                headers={
                    "accept": "application/json",
                    "X-API-KEY": os.environ["PATRONUS_API_KEY"],
                },
                timeout=30,
            ).text

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow production #33efad2102e12ea3 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:62 · flow /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:66 → /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:62
            requests.get(
                "https://api.patronus.ai/v1/evaluator-criteria",
                headers={
                    "accept": "application/json",
                    "X-API-KEY": os.environ["PATRONUS_API_KEY"],
                },
                timeout=30,
            ).text

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow production #9513e3e317ccfb0e A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/serper_dev_tool/serper_dev_tool.py:257 · flow /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/serper_dev_tool/serper_dev_tool.py:251 → /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/serper_dev_tool/serper_dev_tool.py:257
            response = requests.post(
                search_url, headers=headers, json=payload, timeout=10
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow production #9885b287688ce7df A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
repo/lib/crewai-tools/src/crewai_tools/tools/serper_scrape_website_tool/serper_scrape_website_tool.py:59 · flow /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/serper_scrape_website_tool/serper_scrape_website_tool.py:52 → /tmp/closeopen-shk8_bje/repo/lib/crewai-tools/src/crewai_tools/tools/serper_scrape_website_tool/serper_scrape_website_tool.py:59
            response = requests.post(
                api_url,
                headers=headers,
                data=payload,
                timeout=30,
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

expand_more 156 low-confidence finding(s)
low env_fs production #492da74be3cca64c Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/adapters/enterprise_adapter.py:14
    base_url = os.getenv("CREWAI_PLUS_URL", "https://app.crewai.com")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #5821971ad4431215 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/adapters/enterprise_adapter.py:299
            response = requests.get(actions_url, headers=headers, timeout=30)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #5caf5d93f007f32d Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/adapters/enterprise_adapter.py:419
        token = enterprise_action_token or os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #687f9f3b119766d0 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/adapters/enterprise_adapter.py:419
        token = enterprise_action_token or os.environ.get(
            "CREWAI_ENTERPRISE_TOOLS_TOKEN"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #d80415744ce73372 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/adapters/zapier_adapter.py:45
        response = requests.request(
            "POST",
            execute_url,
            headers=headers,
            json=action_params,
            timeout=30,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #87312abc0d809904 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/adapters/zapier_adapter.py:62
        self.api_key = api_key or os.getenv("ZAPIER_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #af1968204be2bd88 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/adapters/zapier_adapter.py:71
        response = requests.request(
            "GET",
            ACTIONS_URL,
            headers=headers,
            timeout=30,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #443bb6dcc0fa0504 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/aws/bedrock/agents/invoke_agent_tool.py:60
        self.agent_id = agent_id or os.getenv("BEDROCK_AGENT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1bedd0fc4a582b95 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/aws/bedrock/agents/invoke_agent_tool.py:61
        self.agent_alias_id = agent_alias_id or os.getenv("BEDROCK_AGENT_ALIAS_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b519815ebcbe6e3e Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/aws/bedrock/agents/invoke_agent_tool.py:105
                region_name=os.getenv(
                    "AWS_REGION", os.getenv("AWS_DEFAULT_REGION", "us-west-2")
                ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3103f86b828a1f46 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/aws/bedrock/agents/invoke_agent_tool.py:106
                    "AWS_REGION", os.getenv("AWS_DEFAULT_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #da5673e4bb3ba6ae Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/aws/bedrock/knowledge_base/retriever_tool.py:60
        self.knowledge_base_id = knowledge_base_id or os.getenv("BEDROCK_KB_ID")  # type: ignore[assignment]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #95ecb6ba9a1c745c Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/aws/bedrock/knowledge_base/retriever_tool.py:196
                region_name=os.getenv(
                    "AWS_REGION", os.getenv("AWS_DEFAULT_REGION", "us-east-1")
                ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c1dc510c4ee8b588 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/aws/bedrock/knowledge_base/retriever_tool.py:197
                    "AWS_REGION", os.getenv("AWS_DEFAULT_REGION", "us-east-1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d1355f4317b06ee7 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/aws/s3/reader_tool.py:35
                region_name=os.getenv("CREW_AWS_REGION", "us-east-1"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bbe5a29e5be6f523 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/aws/s3/reader_tool.py:36
                aws_access_key_id=os.getenv("CREW_AWS_ACCESS_KEY_ID"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c1777f650c2f52ca Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/aws/s3/reader_tool.py:37
                aws_secret_access_key=os.getenv("CREW_AWS_SEC_ACCESS_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1ada47fd7b765764 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/aws/s3/writer_tool.py:36
                region_name=os.getenv("CREW_AWS_REGION", "us-east-1"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a8b15d1cfd1fb591 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/aws/s3/writer_tool.py:37
                aws_access_key_id=os.getenv("CREW_AWS_ACCESS_KEY_ID"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a38b596e180bdc2c Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/aws/s3/writer_tool.py:38
                aws_secret_access_key=os.getenv("CREW_AWS_SEC_ACCESS_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #187a049a7049e3fe Filesystem access.
repo/lib/crewai-tools/src/crewai_tools/generate_tool_specs.py:190
        with open(output_path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #83d32c8e60494b48 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/rag/embedding_service.py:108
            return os.getenv(env_key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0402df805b11bdc6 Filesystem access.
repo/lib/crewai-tools/src/crewai_tools/rag/loaders/csv_loader.py:29
        with open(path, encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #af94a45cfd79dbf4 Filesystem access.
repo/lib/crewai-tools/src/crewai_tools/rag/loaders/json_loader.py:28
        with open(path, encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a99412fca7c06227 Filesystem access.
repo/lib/crewai-tools/src/crewai_tools/rag/loaders/mdx_loader.py:36
        with open(path, encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3153f261de135bf0 Filesystem access.
repo/lib/crewai-tools/src/crewai_tools/rag/loaders/text_loader.py:15
        with open(source_content.source, encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d145d68c50213b37 Filesystem access.
repo/lib/crewai-tools/src/crewai_tools/rag/loaders/xml_loader.py:37
        with open(path, encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fbcd1cb514ee8ff5 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/security/safe_path.py:52
    return os.environ.get(_UNSAFE_PATHS_ENV, "").lower() in ("true", "1", "yes")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #467b9b2f25785299 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/security/safe_requests.py:60
        response = requests.get(current_url, timeout=timeout, **request_kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #a2db20078df1b2ee Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/ai_mind_tool/ai_mind_tool.py:47
        self.api_key = api_key or os.getenv("MINDS_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #12c0014ab39f678f Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/apify_actors_tool/apify_actors_tool.py:58
        if not os.environ.get("APIFY_API_TOKEN"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #e89bf0f9629e45c8 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/arxiv_paper_tool/arxiv_paper_tool.py:85
            with urllib.request.urlopen(  # noqa: S310
                api_url, timeout=self.REQUEST_TIMEOUT
            ) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #61c05a852086f6e0 Filesystem access.
repo/lib/crewai-tools/src/crewai_tools/tools/brave_search_tool/base.py:26
    with open(filename, "w") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1d2b7ffdba4a5bad Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/brave_search_tool/base.py:126
        self._api_key = api_key or os.environ.get("BRAVE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #0949600fe1d8ebd0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/brave_search_tool/base.py:190
                resp = requests.get(
                    self.search_url,
                    headers=self._headers,
                    params=params,
                    timeout=self._timeout,
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #e5f1b4199dd4263c Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/brave_search_tool/brave_search_tool.py:55
        if "BRAVE_API_KEY" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4e9e2928077015cc Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/brave_search_tool/brave_search_tool.py:129
                "X-Subscription-Token": os.environ["BRAVE_API_KEY"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #ccb2dbf2948c0217 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/brave_search_tool/brave_search_tool.py:133
            response = requests.get(
                self.search_url, headers=headers, params=payload, timeout=30
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #5b11869cbd7b2369 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_dataset.py:20
            API_URL=os.environ.get("BRIGHTDATA_API_URL", "https://api.brightdata.com"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b3c8bfa88506ba51 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_dataset.py:21
            DEFAULT_TIMEOUT=int(os.environ.get("BRIGHTDATA_DEFAULT_TIMEOUT", "600")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0224f270ce5c4471 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_dataset.py:23
                os.environ.get("BRIGHTDATA_DEFAULT_POLLING_INTERVAL", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e525821a27b91a50 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_dataset.py:481
        api_key = os.getenv("BRIGHT_DATA_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #f900c1e52fc5c4c5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_dataset.py:499
            async with session.post(
                f"{BRIGHTDATA_API_URL}/datasets/v3/trigger",
                params={"dataset_id": dataset_id, "include_errors": "true"},
                json=[request_data],
                headers=headers,
            ) as trigger_response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress production #2ba832d771af6733 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_dataset.py:518
                async with session.get(
                    f"{BRIGHTDATA_API_URL}/datasets/v3/progress/{snapshot_id}",
                    headers=headers,
                ) as status_response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress production #8f50182b1656de86 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_dataset.py:537
            async with session.get(
                f"{BRIGHTDATA_API_URL}/datasets/v3/snapshot/{snapshot_id}",
                params={"format": output_format},
                headers=headers,
            ) as snapshot_response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #5b915c9c7e863816 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_dataset.py:578
        api_key = os.getenv("BRIGHT_DATA_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6749270b3c11a576 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_serp.py:18
            API_URL=os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d73c151c57d7c8a6 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_serp.py:18
            API_URL=os.environ.get(
                "BRIGHTDATA_API_URL", "https://api.brightdata.com/request"
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f25c28b6d689a0a0 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_serp.py:125
        self.api_key = os.getenv("BRIGHT_DATA_API_KEY") or ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #913ff51b96f4a0ef Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_serp.py:126
        self.zone = os.getenv("BRIGHT_DATA_ZONE") or ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #69e70e7187d01580 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_serp.py:224
            response = requests.post(
                self.base_url, json=request_params, headers=headers, timeout=30
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #4f2cbf5989c221e6 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_unlocker.py:19
            API_URL=os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #99ca1a2eb963d2e4 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_unlocker.py:19
            API_URL=os.environ.get(
                "BRIGHTDATA_API_URL", "https://api.brightdata.com/request"
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #12ef93481de07ff9 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_unlocker.py:99
        self.api_key = os.getenv("BRIGHT_DATA_API_KEY") or ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f53dd49d204a21d8 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_unlocker.py:100
        self.zone = os.getenv("BRIGHT_DATA_ZONE") or ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #cb3b2b0433ec55de Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/brightdata_tool/brightdata_unlocker.py:141
            response = requests.post(
                self.base_url, json=payload, headers=headers, timeout=30
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #25838a6d5f0018ff Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/browserbase_load_tool/browserbase_load_tool.py:16
    api_key: str | None = os.getenv("BROWSERBASE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #49ccaa44f6e7eff5 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/browserbase_load_tool/browserbase_load_tool.py:17
    project_id: str | None = os.getenv("BROWSERBASE_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d749e41879329400 Filesystem access.
repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_create_agent_tool/contextual_create_agent_tool.py:65
                with open(doc_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bfcfbd452ab7e0aa Filesystem access.
repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:78
            with open(file_path, "rb") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #09b0d962be141995 Hardcoded external endpoint. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:80
                result = requests.post(
                    url, headers=headers, data=config, files=file, timeout=30
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress production #01716fbade6e92b3 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:89
                result = requests.get(status_url, headers=headers, timeout=30)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress production #5e024b2522861c8a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:100
            result = requests.get(
                results_url,
                headers=headers,
                params={"output_types": ",".join(output_types)},
                timeout=30,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress production #3d8add250cfe2ae2 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_query_tool/contextual_query_tool.py:49
        response = requests.get(url, headers=headers, timeout=30)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress production #594caac065d5e02a Hardcoded external endpoint. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/contextualai_rerank_tool/contextual_rerank_tool.py:69
            result = requests.post(
                rerank_url, json=payload, headers=headers, timeout=30
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #b4796ad4bede1f67 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/crewai_platform_tools/crewai_platform_action_tool.py:75
                verify=os.environ.get("CREWAI_FACTORY", "false").lower() != "true",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #0b15d4eb81e1a4de Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/crewai_platform_tools/crewai_platform_tool_builder.py:47
            response = requests.get(
                actions_url,
                headers=headers,
                timeout=30,
                params={"apps": ",".join(self._apps)},
                verify=os.environ.get("CREWAI_FACTORY", "false").lower() != "true",
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #20f6e3b9d0658bb0 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/crewai_platform_tools/crewai_platform_tool_builder.py:52
                verify=os.environ.get("CREWAI_FACTORY", "false").lower() != "true",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c80a85cfac1c9520 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/crewai_platform_tools/misc.py:6
    base_url = os.getenv("CREWAI_PLUS_URL", "https://app.crewai.com")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #552ca4a10f89558a Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/crewai_platform_tools/misc.py:12
    token = os.getenv("CREWAI_PLATFORM_INTEGRATION_TOKEN") or ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #331f28cf755b763f Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/databricks_query_tool/databricks_query_tool.py:145
        has_profile = "DATABRICKS_CONFIG_PROFILE" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e2daa81027ae8f71 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/databricks_query_tool/databricks_query_tool.py:147
            "DATABRICKS_HOST" in os.environ and "DATABRICKS_TOKEN" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #636e43756da36d27 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/daytona_sandbox_tool/daytona_base_tool.py:35
        default_factory=lambda: os.getenv("DAYTONA_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #71dbd8d948b130f7 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/daytona_sandbox_tool/daytona_base_tool.py:40
        default_factory=lambda: os.getenv("DAYTONA_API_URL"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0b3413e4fbd93ed3 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/daytona_sandbox_tool/daytona_base_tool.py:45
        default_factory=lambda: os.getenv("DAYTONA_TARGET"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #ccc1a484d6af1c9b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/daytona_sandbox_tool/daytona_base_tool.py:152
            return client.get(self.sandbox_id), False

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #d77a6c4d9c30b1e2 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/e2b_sandbox_tool/e2b_base_tool.py:36
            SecretStr(val) if (val := os.getenv("E2B_API_KEY")) else None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fa83cef23fc69207 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/e2b_sandbox_tool/e2b_base_tool.py:43
        default_factory=lambda: os.getenv("E2B_DOMAIN"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #10174bce72e2e6cd Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/exa_tools/exa_search_tool.py:58
        default_factory=lambda: os.getenv("EXA_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9ee7f0a64825c7f3 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/exa_tools/exa_search_tool.py:63
        default_factory=lambda: os.getenv("EXA_BASE_URL"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #93937827ca5c5b56 Filesystem access.
repo/lib/crewai-tools/src/crewai_tools/tools/file_read_tool/file_read_tool.py:93
            with open(file_path, "r") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2b9f7651420a59dc Filesystem access.
repo/lib/crewai-tools/src/crewai_tools/tools/file_writer_tool/file_writer_tool.py:70
            with open(real_filepath, mode) as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f9312d67095b0e22 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/generate_crewai_automation_tool/generate_crewai_automation_tool.py:28
        default_factory=lambda: os.getenv("CREWAI_PLUS_URL", "https://app.crewai.com"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9f773ef7cc6e927f Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/generate_crewai_automation_tool/generate_crewai_automation_tool.py:32
        default_factory=lambda: os.getenv("CREWAI_PERSONAL_ACCESS_TOKEN"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #1b0d9bf18ac0e02b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/generate_crewai_automation_tool/generate_crewai_automation_tool.py:52
        response = requests.post(  # noqa: S113
            f"{self.crewai_enterprise_url}/crewai_plus/api/v1/studio",
            headers=self._get_headers(input_data.organization_id),
            json={"prompt": input_data.prompt},
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #06fb5efd80aa854e Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/hyperbrowser_load_tool/hyperbrowser_load_tool.py:49
        self.api_key = api_key or os.getenv("HYPERBROWSER_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #816e520433173aa4 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/invoke_crewai_automation_tool/invoke_crewai_automation_tool.py:123
        response = requests.post(
            f"{self.crew_api_url}/kickoff",
            headers={
                "Authorization": f"Bearer {self.crew_bearer_token}",
                "Content-Type": "application/json",
            },
            json={"inputs": inputs},
            timeout=30,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress production #5af1d192f0d53189 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/invoke_crewai_automation_tool/invoke_crewai_automation_tool.py:144
        response = requests.get(
            f"{self.crew_api_url}/status/{crew_id}",
            headers={
                "Authorization": f"Bearer {self.crew_bearer_token}",
                "Content-Type": "application/json",
            },
            timeout=30,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress production #149279370f357cf7 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/jina_scrape_website_tool/jina_scrape_website_tool.py:51
        response = requests.get(
            f"https://r.jina.ai/{url}", headers=self.headers, timeout=15
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #820fe9aa990ca67b Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/linkup/linkup_search_tool.py:54
        self._client = LinkupClient(api_key=api_key or os.getenv("LINKUP_API_KEY"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #30bb028f2362112f Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/merge_agent_handler_tool/merge_agent_handler_tool.py:65
        api_key = os.environ.get("AGENT_HANDLER_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #f49bb693f9eddea5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/merge_agent_handler_tool/merge_agent_handler_tool.py:97
            response = requests.post(url, json=payload, headers=headers, timeout=60)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #c9b57b8fa6317763 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/mongodb_vector_search_tool/vector_search.py:124
        if "AZURE_OPENAI_ENDPOINT" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f84d95b09c3abba0 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/mongodb_vector_search_tool/vector_search.py:126
        elif "OPENAI_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9c0dd3a685dbc99b Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/multion_tool/example.py:7
os.environ["OPENAI_API_KEY"] = "Your Key"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2bef4e00e41ae934 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/multion_tool/multion_tool.py:52
        self.multion = MultiOn(api_key=api_key or os.getenv("MULTION_API_KEY"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3a2f780abe6e0f4a Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/nl2sql/nl2sql_tool.py:256
        if os.environ.get("CREWAI_NL2SQL_ALLOW_DML", "").strip().lower() == "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c9422eb6dce5bd9f Filesystem access.
repo/lib/crewai-tools/src/crewai_tools/tools/ocr_tool/ocr_tool.py:104
        with open(image_path, "rb") as image_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bef5d56f5cc9c650 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/oxylabs_amazon_product_scraper_tool/oxylabs_amazon_product_scraper_tool.py:146
        username = os.environ.get("OXYLABS_USERNAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5e3fe0194bc56757 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/oxylabs_amazon_product_scraper_tool/oxylabs_amazon_product_scraper_tool.py:147
        password = os.environ.get("OXYLABS_PASSWORD")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0c0575d473bbd2b0 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/oxylabs_amazon_search_scraper_tool/oxylabs_amazon_search_scraper_tool.py:148
        username = os.environ.get("OXYLABS_USERNAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4a1687d31cfb2e5f Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/oxylabs_amazon_search_scraper_tool/oxylabs_amazon_search_scraper_tool.py:149
        password = os.environ.get("OXYLABS_PASSWORD")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f90f595a01bff3cb Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/oxylabs_google_search_scraper_tool/oxylabs_google_search_scraper_tool.py:151
        username = os.environ.get("OXYLABS_USERNAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e398afb3ddc8d550 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/oxylabs_google_search_scraper_tool/oxylabs_google_search_scraper_tool.py:152
        password = os.environ.get("OXYLABS_PASSWORD")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #02be80dd06991253 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/oxylabs_universal_scraper_tool/oxylabs_universal_scraper_tool.py:142
        username = os.environ.get("OXYLABS_USERNAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #502d7223949400f2 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/oxylabs_universal_scraper_tool/oxylabs_universal_scraper_tool.py:143
        password = os.environ.get("OXYLABS_PASSWORD")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9996ee8440112047 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/parallel_tools/parallel_search_tool.py:78
        api_key = os.environ.get("PARALLEL_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #57171e18e69269fa Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/parallel_tools/parallel_search_tool.py:104
            resp = requests.post(
                self.search_url, json=payload, headers=headers, timeout=request_timeout
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress production #acc22b9db2420fb1 Hardcoded external endpoint. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:39
            requests.get(
                "https://api.patronus.ai/v1/evaluators",
                headers={
                    "accept": "application/json",
                    "X-API-KEY": os.environ["PATRONUS_API_KEY"],
                },
                timeout=30,
            ).text

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #65b8b41251fda83f Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:43
                    "X-API-KEY": os.environ["PATRONUS_API_KEY"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #5e5c082f5abc9d74 Hardcoded external endpoint. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:62
            requests.get(
                "https://api.patronus.ai/v1/evaluator-criteria",
                headers={
                    "accept": "application/json",
                    "X-API-KEY": os.environ["PATRONUS_API_KEY"],
                },
                timeout=30,
            ).text

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #a536efd4ff8a63c7 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:66
                    "X-API-KEY": os.environ["PATRONUS_API_KEY"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #637711da1acab6a8 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:138
        api_key = os.getenv("PATRONUS_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #45c642791e984d02 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:145
        response = requests.post(
            self.evaluate_url,
            headers=headers,
            data=json.dumps(data),
            timeout=30,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #85381d460b0a3953 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/patronus_eval_tool/patronus_predefined_criteria_eval_tool.py:60
        api_key = os.getenv("PATRONUS_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #a98de8a498113a75 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/patronus_eval_tool/patronus_predefined_criteria_eval_tool.py:95
        response = requests.post(
            self.evaluate_url,
            headers=headers,
            data=json.dumps(data),
            timeout=30,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #2eb6352e16cebfc7 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/qdrant_vector_search_tool/qdrant_search_tool.py:113
                    .Client(api_key=os.getenv("OPENAI_API_KEY"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #57e239eb966b8dea Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/scrape_element_from_website/scrape_element_from_website.py:68
                self.cookies = {cookies["name"]: os.getenv(cookies["value"]) or ""}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #42d4b3b37c744b89 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/scrape_website_tool/scrape_website_tool.py:67
                self.cookies = {cookies["name"]: os.getenv(cookies["value"]) or ""}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #473b23d88e2668a0 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/scrapegraph_scrape_tool/scrapegraph_scrape_tool.py:113
        self.api_key = api_key or os.getenv("SCRAPEGRAPH_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #82c1c6137164a2ab Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/scrapfly_scrape_website_tool/scrapfly_scrape_website_tool.py:66
        self.scrapfly = ScrapflyClient(key=api_key or os.getenv("SCRAPFLY_API_KEY"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #433f07f275d3e6ae Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/serpapi_tool/serpapi_base_tool.py:44
        api_key = os.getenv("SERPAPI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f264e5729a00a306 Filesystem access.
repo/lib/crewai-tools/src/crewai_tools/tools/serper_dev_tool/serper_dev_tool.py:94
        with open(filename, "w") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #80e10765d1fb4dd7 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/serper_dev_tool/serper_dev_tool.py:251
            "X-API-KEY": os.environ["SERPER_API_KEY"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #0df5ac9f0bcec18a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/serper_dev_tool/serper_dev_tool.py:257
            response = requests.post(
                search_url, headers=headers, json=payload, timeout=10
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #04a6a0bbdf09bdab Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/serper_scrape_website_tool/serper_scrape_website_tool.py:52
            api_key = os.getenv("SERPER_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #0a327194aab65958 Hardcoded external endpoint. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/serper_scrape_website_tool/serper_scrape_website_tool.py:59
            response = requests.post(
                api_url,
                headers=headers,
                data=payload,
                timeout=30,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #314d7dfe9b02b7ef Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/serply_api_tool/serply_job_search_tool.py:47
            "X-API-KEY": os.environ["SERPLY_API_KEY"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #d5baa06df7fc58e9 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/serply_api_tool/serply_job_search_tool.py:66
        response = requests.request("GET", url, headers=self.headers, timeout=30)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #10b7b8a3ce652b15 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/serply_api_tool/serply_news_search_tool.py:47
            "X-API-KEY": os.environ["SERPLY_API_KEY"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #e63959d6d481b43e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/serply_api_tool/serply_news_search_tool.py:65
        response = requests.request(
            "GET",
            url,
            headers=self.headers,
            timeout=30,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress production #347c007f9a973cad Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/serply_api_tool/serply_news_search_tool.py:78
                    r = requests.get(
                        result["link"],
                        timeout=30,
                    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #9ed6605d487a4b9d Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/serply_api_tool/serply_scholar_search_tool.py:51
            "X-API-KEY": os.environ["SERPLY_API_KEY"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #c9f40a6673d42bdf Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/serply_api_tool/serply_scholar_search_tool.py:69
        response = requests.request(
            "GET",
            url,
            headers=self.headers,
            timeout=30,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #3325badb5c96b429 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/serply_api_tool/serply_web_search_tool.py:67
            "X-API-KEY": os.environ["SERPLY_API_KEY"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #54efa90612b0b9b0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/serply_api_tool/serply_web_search_tool.py:84
        response = requests.request(
            "GET",
            url,
            headers=self.headers,
            timeout=30,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #d899e3118d1bae8b Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/serply_api_tool/serply_webpage_to_markdown_tool.py:31
            "X-API-KEY": os.environ["SERPLY_API_KEY"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #16f5f2793884d76f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-tools/src/crewai_tools/tools/serply_api_tool/serply_webpage_to_markdown_tool.py:54
        response = requests.request(
            "POST",
            self.request_url,
            headers=self.headers,
            json=data,
            timeout=30,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #05367487d8ea1809 Filesystem access.
repo/lib/crewai-tools/src/crewai_tools/tools/snowflake_search_tool/snowflake_search_tool.py:188
            with open(self.config.private_key_path, "rb") as key_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ea238fde00cba4ae Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/stagehand_tool/example.py:34
browserbase_api_key = os.environ.get("BROWSERBASE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ea902863b280b339 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/stagehand_tool/example.py:35
browserbase_project_id = os.environ.get("BROWSERBASE_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f8c811b4d91d8fd7 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/stagehand_tool/example.py:36
model_api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5a2e1cfa27da83ba Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/stagehand_tool/stagehand_tool.py:208
        self.api_key = api_key or os.getenv("BROWSERBASE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #61a0131a555feff4 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/stagehand_tool/stagehand_tool.py:209
        self.project_id = project_id or os.getenv("BROWSERBASE_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #12a30cddaa6b02e6 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/stagehand_tool/stagehand_tool.py:263
            return self.model_api_key or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #44851f3377ebad10 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/stagehand_tool/stagehand_tool.py:265
            return self.model_api_key or os.getenv("ANTHROPIC_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cd26236a2e056506 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/stagehand_tool/stagehand_tool.py:267
            return self.model_api_key or os.getenv("GOOGLE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #64413b008c78ade7 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/stagehand_tool/stagehand_tool.py:271
            or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #98cd4be8e73a136e Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/stagehand_tool/stagehand_tool.py:272
            or os.getenv("ANTHROPIC_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cd98c4bae114f712 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/tavily_extractor_tool/tavily_extractor_tool.py:62
        default_factory=lambda: os.getenv("TAVILY_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bd0934886c98286a Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/tavily_get_research_tool/tavily_get_research_tool.py:56
            api_key = os.getenv("TAVILY_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6e442e6301ee3306 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/tavily_research_tool/tavily_research_tool.py:92
            api_key = os.getenv("TAVILY_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d9a6e481a570e256 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/tavily_search_tool/tavily_search_tool.py:61
        default_factory=lambda: os.getenv("TAVILY_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c55ef40e44ed3cd8 Filesystem access.
repo/lib/crewai-tools/src/crewai_tools/tools/vision_tool/vision_tool.py:140
        with open(image_path, "rb") as image_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8834030df3fd3e71 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/weaviate_tool/vector_search.py:89
            openai_api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #71d9c3474f261f24 Environment-variable access.
repo/lib/crewai-tools/src/crewai_tools/tools/zapier_action_tool/zapier_action_tool.py:23
        zapier_api_key = os.getenv("ZAPIER_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

first-party (python): lib/crewai

python first-party
medium telemetry production #94dc803559b89672 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/lib/crewai/src/crewai/crew.py:21
from opentelemetry import baggage

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #8c1420f1580244f3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/lib/crewai/src/crewai/crew.py:22
from opentelemetry.context import attach, detach

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #3e15c59ca0f9bace Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/lib/crewai/src/crewai/crew.py:42
    from opentelemetry.trace import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #d8a3a30bdf65f974 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/lib/crewai/src/crewai/crews/utils.py:9
from opentelemetry import baggage

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #370c45e8f38e4726 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/lib/crewai/src/crewai/flow/runtime/__init__.py:35
from opentelemetry import baggage

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #dae2b2012fd51128 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/lib/crewai/src/crewai/flow/runtime/__init__.py:36
from opentelemetry.context import attach, detach

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #8da4852375173194 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/lib/crewai/src/crewai/telemetry/telemetry.py:23
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #93c7e56e34c2ed01 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/lib/crewai/src/crewai/telemetry/telemetry.py:24
from opentelemetry.exporter.otlp.proto.http.trace_exporter import (
    OTLPSpanExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #5fc00dd8bc0de3c2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/lib/crewai/src/crewai/telemetry/telemetry.py:27
from opentelemetry.sdk.resources import SERVICE_NAME, Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #862962789b76aaf2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/lib/crewai/src/crewai/telemetry/telemetry.py:28
from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #0394dcc444c93123 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/lib/crewai/src/crewai/telemetry/telemetry.py:29
from opentelemetry.sdk.trace.export import (
    BatchSpanProcessor,
    SpanExportResult,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #e4f6bb1be987465c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/lib/crewai/src/crewai/telemetry/telemetry.py:33
from opentelemetry.trace import ProxyTracerProvider, Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #14f7df8d6badc228 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/lib/crewai/src/crewai/telemetry/utils.py:11
from opentelemetry.trace import Span, Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #62e6623cac940a3b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/lib/crewai/src/crewai/utilities/crew/crew_context.py:5
from opentelemetry import baggage

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 120 low-confidence finding(s)
low env_fs production #a7d863b00613ac1a Filesystem access.
repo/lib/crewai/src/crewai/a2a/auth/client_schemes.py:112
            root_certs = Path(self.ca_cert_path).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9075d95ce72db400 Filesystem access.
repo/lib/crewai/src/crewai/a2a/auth/client_schemes.py:115
            private_key = Path(self.client_key_path).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #88a7b844d12a160b Filesystem access.
repo/lib/crewai/src/crewai/a2a/auth/client_schemes.py:116
            certificate_chain = Path(self.client_cert_path).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #99808df1b1267cef Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai/src/crewai/a2a/auth/client_schemes.py:393
        response = await client.post(self.token_url, data=data)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress production #4c94b84c09c57737 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai/src/crewai/a2a/auth/client_schemes.py:511
        response = await client.post(self.token_url, data=data)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress production #4d124e9f5ec95165 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai/src/crewai/a2a/auth/client_schemes.py:541
        response = await client.post(self.token_url, data=data)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #483a26b9656ed6ce Environment-variable access.
repo/lib/crewai/src/crewai/a2a/auth/server_schemes.py:151
        return os.environ.get("AUTH_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #64d489d7b1a77006 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai/src/crewai/a2a/auth/server_schemes.py:589
                response = await client.post(
                    str(self.introspection_url),
                    data={"token": token},
                    auth=(
                        self.introspection_client_id or "",
                        self.introspection_client_secret.get_secret_value()
                        if self.introspection_client_secret
                        else "",
                    ),
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #f336f2d4ed2ff6b2 Filesystem access.
repo/lib/crewai/src/crewai/a2a/config.py:130
            return Path(self.private_key_path).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #fe9092aeac56e100 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai/src/crewai/a2a/utils/agent_card.py:268
            return await temp_client.get(agent_card_url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #6e2ea3c283699b56 Environment-variable access.
repo/lib/crewai/src/crewai/a2a/utils/task.py:102
_redis_url = os.environ.get("REDIS_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aa9d061e095abb13 Environment-variable access.
repo/lib/crewai/src/crewai/agent/core.py:1229
            else os.getenv(CREWAI_TRAINED_AGENTS_FILE_ENV, TRAINED_AGENTS_DATA_FILE)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fff5b929401cda03 Environment-variable access.
repo/lib/crewai/src/crewai/context.py:47
        token = os.getenv("CREWAI_PLATFORM_INTEGRATION_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #adc6911bd3b42e67 Environment-variable access.
repo/lib/crewai/src/crewai/events/listeners/tracing/trace_listener.py:194
            "user_id": os.getenv("CREWAI_USER_ID", "anonymous"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #010391105dab95be Environment-variable access.
repo/lib/crewai/src/crewai/events/listeners/tracing/trace_listener.py:195
            "organization_id": os.getenv("CREWAI_ORG_ID", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8f22b3edc4461ac4 Environment-variable access.
repo/lib/crewai/src/crewai/events/listeners/tracing/utils.py:128
    env_value = os.getenv("CREWAI_TRACING_ENABLED", "").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1fd047b9e23e0dd5 Environment-variable access.
repo/lib/crewai/src/crewai/events/listeners/tracing/utils.py:188
    return os.environ.get("CREWAI_TESTING", "").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #13b2bbbbd3024fa2 Filesystem access.
repo/lib/crewai/src/crewai/events/listeners/tracing/utils.py:297
                content = path.read_text().strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e6dda14f6a60e22d Environment-variable access.
repo/lib/crewai/src/crewai/events/listeners/tracing/utils.py:341
            container_id = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6a0daaf7024af648 Environment-variable access.
repo/lib/crewai/src/crewai/events/listeners/tracing/utils.py:341
            container_id = os.environ.get(
                "HOSTNAME", os.environ.get("CONTAINER_ID", "")
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1e83ac97992a8553 Environment-variable access.
repo/lib/crewai/src/crewai/events/listeners/tracing/utils.py:342
                "HOSTNAME", os.environ.get("CONTAINER_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9d4be27f2e99dc32 Filesystem access.
repo/lib/crewai/src/crewai/events/listeners/tracing/utils.py:380
        p.write_text(json.dumps(data, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ef59c87b5469f59c Filesystem access.
repo/lib/crewai/src/crewai/events/listeners/tracing/utils.py:412
        p.write_text(json.dumps(data, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1175e9a027eb11dc Environment-variable access.
repo/lib/crewai/src/crewai/events/utils/console_formatter.py:70
        if os.getenv("CI", "").lower() in ("true", "1"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #70773ce8628f2e37 Environment-variable access.
repo/lib/crewai/src/crewai/events/utils/console_formatter.py:73
        if os.getenv("CREWAI_DISABLE_VERSION_CHECK", "").lower() in ("true", "1"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d5775f478ac25176 Filesystem access.
repo/lib/crewai/src/crewai/experimental/evaluation/experiment/result.py:42
            with open(filepath, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5f966beb0a3a0856 Filesystem access.
repo/lib/crewai/src/crewai/experimental/evaluation/experiment/result.py:58
                with open(baseline_filepath, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2d62c803a2137921 Filesystem access.
repo/lib/crewai/src/crewai/experimental/evaluation/experiment/result.py:73
                with open(baseline_filepath, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f07b7e9f68d2532a Filesystem access.
repo/lib/crewai/src/crewai/experimental/evaluation/experiment/result.py:91
            with open(baseline_filepath, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #156123e67466c352 Filesystem access.
repo/lib/crewai/src/crewai/flow/flow_definition.py:824
            contents = source_path.expanduser().read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #70314ac6becc3ba4 Environment-variable access.
repo/lib/crewai/src/crewai/flow/runtime/_actions.py:238
        raw = os.environ.get(_ALLOW_SCRIPT_EXECUTION_ENV_VAR, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #42e35b75aab10044 Filesystem access.
repo/lib/crewai/src/crewai/flow/skill.py:89
    example_yaml = (_TEMPLATES_DIR / "flow_definition_example.yaml").read_text(
        encoding="utf-8"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e567da76511335dd Filesystem access.
repo/lib/crewai/src/crewai/flow/visualization/renderers/interactive.py:414
    css_content = css_file.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #69004baa2ef8bd4c Filesystem access.
repo/lib/crewai/src/crewai/flow/visualization/renderers/interactive.py:421
    css_output_path.write_text(css_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c52a2522405015de Filesystem access.
repo/lib/crewai/src/crewai/flow/visualization/renderers/interactive.py:424
    js_content = js_file.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #172e1cc4bbda0418 Filesystem access.
repo/lib/crewai/src/crewai/flow/visualization/renderers/interactive.py:438
    js_output_path.write_text(js_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #526438b9e41e0a30 Filesystem access.
repo/lib/crewai/src/crewai/flow/visualization/renderers/interactive.py:461
    output_path.write_text(html_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f2459498d9a7f0d8 Environment-variable access.
repo/lib/crewai/src/crewai/knowledge/knowledge.py:66
os.environ["TOKENIZERS_PARALLELISM"] = "false"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8c3e95d37b59c83c Filesystem access.
repo/lib/crewai/src/crewai/knowledge/source/csv_knowledge_source.py:17
            with open(file_path, "r", encoding="utf-8") as csvfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dee0960a56341087 Filesystem access.
repo/lib/crewai/src/crewai/knowledge/source/json_knowledge_source.py:18
            with open(path, "r", encoding="utf-8") as json_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a5a17035687e87e7 Filesystem access.
repo/lib/crewai/src/crewai/knowledge/source/text_file_knowledge_source.py:17
            with open(path, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dc5113357b835fe4 Environment-variable access.
repo/lib/crewai/src/crewai/llm.py:629
            or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7931ce7c387ec5bb Environment-variable access.
repo/lib/crewai/src/crewai/llm.py:630
            or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ae3de0ea1a0d732c Environment-variable access.
repo/lib/crewai/src/crewai/llm.py:2524
            success_callbacks_str = os.environ.get("LITELLM_SUCCESS_CALLBACKS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7b172800fdfbf2bf Environment-variable access.
repo/lib/crewai/src/crewai/llm.py:2531
            failure_callbacks_str = os.environ.get("LITELLM_FAILURE_CALLBACKS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c5474e5a4a50bdc5 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/anthropic/completion.py:256
            self.api_key = os.getenv("ANTHROPIC_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #311e39e52cd35d84 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/azure/completion.py:122
        data["api_key"] = data.get("api_key") or os.getenv("AZURE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e3c850500f74a4ba Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/azure/completion.py:125
            or os.getenv("AZURE_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b6b2ffb22f724e24 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/azure/completion.py:126
            or os.getenv("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2afe59ce3b197865 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/azure/completion.py:127
            or os.getenv("AZURE_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8e5724bd3e2850c4 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/azure/completion.py:130
            data.get("api_version") or os.getenv("AZURE_API_VERSION") or "2024-06-01"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #af8b2811b0688b32 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/azure/completion.py:164
        raw = os.getenv("AZURE_CREDENTIAL_SCOPES")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5a586f70d47ae784 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/azure/completion.py:271
            self.api_key = os.getenv("AZURE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9bb2e8a4a02deab3 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/azure/completion.py:274
                os.getenv("AZURE_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #011b88b4a944e6a5 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/azure/completion.py:275
                or os.getenv("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #384e15f459c81d1e Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/azure/completion.py:276
                or os.getenv("AZURE_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e83622aeaf38995b Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/bedrock/completion.py:275
        data["aws_access_key_id"] = data.get("aws_access_key_id") or os.getenv(
            "AWS_ACCESS_KEY_ID"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eb6e5ffb216a4ebc Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/bedrock/completion.py:278
        data["aws_secret_access_key"] = data.get("aws_secret_access_key") or os.getenv(
            "AWS_SECRET_ACCESS_KEY"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #94f8a639dc7ceb53 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/bedrock/completion.py:281
        data["aws_session_token"] = data.get("aws_session_token") or os.getenv(
            "AWS_SESSION_TOKEN"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a764acc2f47797e7 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/bedrock/completion.py:286
            or os.getenv("AWS_DEFAULT_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6e01e92b5309b5cd Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/bedrock/completion.py:287
            or os.getenv("AWS_REGION_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ebc95e1bc7a7f7b9 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/gemini/completion.py:84
            or os.getenv("GOOGLE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #92d10124a01274f4 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/gemini/completion.py:85
            or os.getenv("GEMINI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a01a94384bf880ec Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/gemini/completion.py:87
        data["project"] = data.get("project") or os.getenv("GOOGLE_CLOUD_PROJECT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #47a9a27bd9c36731 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/gemini/completion.py:89
            data.get("location") or os.getenv("GOOGLE_CLOUD_LOCATION") or "us-central1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #694a602b5d3acb73 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/gemini/completion.py:94
            use_vx = os.getenv("GOOGLE_GENAI_USE_VERTEXAI", "").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3326ad75a106b8dc Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/gemini/completion.py:133
                self.api_key = os.getenv("GOOGLE_API_KEY") or os.getenv(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6ebea4c14fd9c70f Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/gemini/completion.py:133
                self.api_key = os.getenv("GOOGLE_API_KEY") or os.getenv(
                    "GEMINI_API_KEY"
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #647b203b01d9eb35 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/gemini/completion.py:137
                self.project = os.getenv("GOOGLE_CLOUD_PROJECT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #39103393c7a0d2a3 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/openai/completion.py:253
                or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #102bef28dab4997c Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/openai/completion.py:254
                or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #10e5a8d31cfd4095 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/openai/completion.py:265
        data["api_key"] = data.get("api_key") or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a98bd6a668b9a381 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/openai/completion.py:379
                or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9f700fba72b43ba2 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/openai/completion.py:380
                or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c4632aae695e88fd Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/openai/completion.py:388
            self.api_key = os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #337f58b01d9f5eca Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/openai/completion.py:398
            or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d84ffcb32de5e9e8 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/openai/completion.py:399
            or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #be5eab213b7603ff Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/openai_compatible/completion.py:189
        env_key = os.getenv(config.api_key_env)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #764b930788568c4e Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/openai_compatible/completion.py:220
            env_value = os.getenv(config.base_url_env)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #de420a0a0240241a Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/snowflake/completion.py:93
                token = os.getenv(env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9ea561fa1e1b66fa Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/snowflake/completion.py:114
        account_url = data.get("account_url") or os.getenv("SNOWFLAKE_ACCOUNT_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c1f344a4ba259274 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/snowflake/completion.py:122
            or os.getenv("SNOWFLAKE_ACCOUNT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3492c3a60a87c375 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/snowflake/completion.py:123
            or os.getenv("SNOWFLAKE_ACCOUNT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3d8e9534633fca33 Environment-variable access.
repo/lib/crewai/src/crewai/llms/providers/snowflake/completion.py:124
            or os.getenv("SNOWFLAKE_ACCOUNT_IDENTIFIER")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c2ad73f09e04e6cf Environment-variable access.
repo/lib/crewai/src/crewai/memory/storage/lancedb_storage.py:68
            storage_dir = os.environ.get("CREWAI_STORAGE_DIR")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #29273bf6f3f45d95 Environment-variable access.
repo/lib/crewai/src/crewai/memory/storage/qdrant_edge_storage.py:104
            storage_dir = os.environ.get("CREWAI_STORAGE_DIR")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b615ca7d40064a7d Filesystem access.
repo/lib/crewai/src/crewai/project/crew_base.py:391
        with open(config_path, encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #783d95f5bae2d1bd Filesystem access.
repo/lib/crewai/src/crewai/project/json_loader.py:209
    return parse_jsonc(path.read_text(encoding="utf-8"), source=path)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #94daf5d504db5a2d Environment-variable access.
repo/lib/crewai/src/crewai/rag/chromadb/config.py:61
            api_key=os.getenv("OPENAI_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f2430a7fea623b45 Filesystem access.
repo/lib/crewai/src/crewai/skills/cache.py:91
        (skill_dir / _META_FILENAME).write_text(
            json.dumps(meta, indent=2), encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8a3fa6f07cd97f6d Filesystem access.
repo/lib/crewai/src/crewai/skills/cache.py:109
                            json.loads(meta_file.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #820387e77545fa46 Filesystem access.
repo/lib/crewai/src/crewai/skills/parser.py:89
    content = path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7c8940eb00c57dfd Environment-variable access.
repo/lib/crewai/src/crewai/skills/registry.py:76
        os.environ.get("CI") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9494b2b44ee399af Environment-variable access.
repo/lib/crewai/src/crewai/skills/registry.py:77
        or os.environ.get("CREWAI_NONINTERACTIVE") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #83196ad6c85612c8 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai/src/crewai/skills/registry.py:192
        dl_response = httpx.get(download_url, follow_redirects=True)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #e5145cd54380779e Filesystem access.
repo/lib/crewai/src/crewai/state/provider/json_provider.py:66
        with open(file_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9e7bb61e8272075b Filesystem access.
repo/lib/crewai/src/crewai/state/provider/json_provider.py:132
        return Path(location).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #af84dedf9740e742 Filesystem access.
repo/lib/crewai/src/crewai/state/provider/utils.py:29
        with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7501e29c70186fd6 Environment-variable access.
repo/lib/crewai/src/crewai/telemetry/telemetry.py:151
            os.getenv("OTEL_SDK_DISABLED", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #78dc43dcdd0c821b Environment-variable access.
repo/lib/crewai/src/crewai/telemetry/telemetry.py:152
            or os.getenv("CREWAI_DISABLE_TELEMETRY", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3652452b17dcdf29 Environment-variable access.
repo/lib/crewai/src/crewai/telemetry/telemetry.py:153
            or os.getenv("CREWAI_DISABLE_TRACKING", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0ce39d062c1d2cef Environment-variable access.
repo/lib/crewai/src/crewai/types/callback.py:27
    raw = os.environ.get("CREWAI_DESERIALIZE_CALLBACKS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1c54e2ccf51f7756 Environment-variable access.
repo/lib/crewai/src/crewai/utilities/env.py:20
    return any(os.environ.get(var) for var in CODEX_ENV_VARS)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8d279d1da9bfa105 Environment-variable access.
repo/lib/crewai/src/crewai/utilities/env.py:24
    return any(os.environ.get(var) for var in CURSOR_ENV_VARS)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d64eff55b636057e Environment-variable access.
repo/lib/crewai/src/crewai/utilities/env.py:32
    if os.environ.get(CC_ENV_VAR):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f06bdcb5a121fca6 Filesystem access.
repo/lib/crewai/src/crewai/utilities/file_handler.py:94
                        with open(self._path, encoding="utf-8") as read_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e59cfb1464256444 Filesystem access.
repo/lib/crewai/src/crewai/utilities/file_handler.py:100
                    with open(self._path, "w", encoding="utf-8") as write_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #25cfac9e09ea81d4 Filesystem access.
repo/lib/crewai/src/crewai/utilities/file_handler.py:112
                    with open(self._path, "a", encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #76b8ee1cd996ecd1 Filesystem access.
repo/lib/crewai/src/crewai/utilities/file_handler.py:151
            with open(self.file_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #133d7ebc0b6c47aa Filesystem access.
repo/lib/crewai/src/crewai/utilities/file_handler.py:165
                with open(self.file_path, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e951dc16bcd08ada Filesystem access.
repo/lib/crewai/src/crewai/utilities/i18n.py:38
                with open(self.prompt_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #89a309cc7a007bea Filesystem access.
repo/lib/crewai/src/crewai/utilities/i18n.py:44
                with open(prompts_path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8ded6e0b142fdd29 Environment-variable access.
repo/lib/crewai/src/crewai/utilities/llm_utils.py:104
        os.environ.get("MODEL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e6113303006eb9be Environment-variable access.
repo/lib/crewai/src/crewai/utilities/llm_utils.py:105
        or os.environ.get("MODEL_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7551078b43674ab4 Environment-variable access.
repo/lib/crewai/src/crewai/utilities/llm_utils.py:106
        or os.environ.get("OPENAI_MODEL_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #98c38aa55de8f2d4 Environment-variable access.
repo/lib/crewai/src/crewai/utilities/llm_utils.py:130
        os.environ.get("BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2f40264408ba3ad2 Environment-variable access.
repo/lib/crewai/src/crewai/utilities/llm_utils.py:131
        or os.environ.get("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4d6206f14a8f758e Environment-variable access.
repo/lib/crewai/src/crewai/utilities/llm_utils.py:132
        or os.environ.get("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a3c0fe5ab3efc8a5 Environment-variable access.
repo/lib/crewai/src/crewai/utilities/llm_utils.py:135
    api_base = os.environ.get("API_BASE") or os.environ.get("AZURE_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2236207cbd5f499e Environment-variable access.
repo/lib/crewai/src/crewai/utilities/llm_utils.py:178
                    env_value = os.environ.get(key_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

first-party (python): lib/crewai-core

python first-party
medium telemetry production #005c99efbedaa6ef Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/lib/crewai-core/src/crewai_core/telemetry.py:22
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #8ffb5d0a1a01563b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/lib/crewai-core/src/crewai_core/telemetry.py:23
from opentelemetry.exporter.otlp.proto.http.trace_exporter import OTLPSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #5bea3b7756800f96 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/lib/crewai-core/src/crewai_core/telemetry.py:24
from opentelemetry.sdk.resources import SERVICE_NAME, Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #3337c8cc99e37f2c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/lib/crewai-core/src/crewai_core/telemetry.py:25
from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #97eb277ca2ec3762 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/lib/crewai-core/src/crewai_core/telemetry.py:26
from opentelemetry.sdk.trace.export import (
    BatchSpanProcessor,
    SpanExportResult,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #841052cc11b46dff Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/lib/crewai-core/src/crewai_core/telemetry.py:30
from opentelemetry.trace import ProxyTracerProvider, Span, Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 24 low-confidence finding(s)
low egress production #32b2e551c41f9839 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-core/src/crewai_core/auth/oauth2.py:139
            response = httpx.post(
                self.oauth2_provider.get_token_url(), data=token_payload, timeout=30
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #261a0858e2c0fa56 Environment-variable access.
repo/lib/crewai-core/src/crewai_core/lock_store.py:33
_REDIS_URL: str | None = os.environ.get("REDIS_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #be629716c76a3154 Environment-variable access.
repo/lib/crewai-core/src/crewai_core/paths.py:13
    return os.environ.get("CREWAI_STORAGE_DIR", Path.cwd().name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #95e52a46d4cd9cac Environment-variable access.
repo/lib/crewai-core/src/crewai_core/plus_api.py:175
            or os.getenv("CREWAI_PLUS_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #99d6217918ad6140 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-core/src/crewai_core/plus_api.py:199
            return client.request(method, url, **request_kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress production #44a05da3c36b0d3b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-core/src/crewai_core/plus_api.py:229
            return client.request(method, url, files=files, **request_kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #44a8e1dabcfabe8e Filesystem access.
repo/lib/crewai-core/src/crewai_core/project.py:26
    with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #44b46a68884f2701 Filesystem access.
repo/lib/crewai-core/src/crewai_core/project.py:163
        with open(pyproject_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #51112a353ded4c3f Filesystem access.
repo/lib/crewai-core/src/crewai_core/settings.py:97
                test_file.write_text("test")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c3e09f73f7568df7 Environment-variable access.
repo/lib/crewai-core/src/crewai_core/telemetry.py:125
            os.getenv("OTEL_SDK_DISABLED", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c326a9d9f1cf4a1d Environment-variable access.
repo/lib/crewai-core/src/crewai_core/telemetry.py:126
            or os.getenv("CREWAI_DISABLE_TELEMETRY", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a29e966ee78d58e4 Environment-variable access.
repo/lib/crewai-core/src/crewai_core/telemetry.py:127
            or os.getenv("CREWAI_DISABLE_TRACKING", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2bfcd4a7e41998ba Environment-variable access.
repo/lib/crewai-core/src/crewai_core/token_manager.py:88
            base_path = os.environ.get("LOCALAPPDATA")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3cafcb9023cd6265 Filesystem access.
repo/lib/crewai-core/src/crewai_core/token_manager.py:150
            with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1d490b832f60d685 Environment-variable access.
repo/lib/crewai-core/src/crewai_core/tool_credentials.py:24
    env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #079d763d8cfd6979 Environment-variable access.
repo/lib/crewai-core/src/crewai_core/tool_credentials.py:42
    env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cd9677512f6ddfe5 Filesystem access.
repo/lib/crewai-core/src/crewai_core/user_data.py:39
            return cast(dict[str, Any], json.loads(p.read_text()))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d82cb0116dd18b31 Filesystem access.
repo/lib/crewai-core/src/crewai_core/user_data.py:49
        p.write_text(json.dumps(data, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #724b88a1d737bca7 Environment-variable access.
repo/lib/crewai-core/src/crewai_core/user_data.py:86
    if os.getenv("CREWAI_TRACING_ENABLED", "false").lower() in ("true", "1"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e5bc7a0c5bc03314 Filesystem access.
repo/lib/crewai-core/src/crewai_core/version.py:117
            cache_data = json.loads(cache_file.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #5a9c8dd54517b43e Hardcoded external endpoint. Review what data is sent to this destination.
repo/lib/crewai-core/src/crewai_core/version.py:125
        with request.urlopen(
            "https://pypi.org/pypi/crewai/json", timeout=timeout
        ) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #cd1cfb7351dd4174 Filesystem access.
repo/lib/crewai-core/src/crewai_core/version.py:142
            cache_file.write_text(json.dumps(cache_data))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d548a99c2196bb32 Filesystem access.
repo/lib/crewai-core/src/crewai_core/version.py:154
            cache_data = json.loads(cache_file.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ca1568f86a287fdc Filesystem access.
repo/lib/crewai-core/src/crewai_core/version.py:168
        cache_data = json.loads(cache_file.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

first-party (python)

python first-party
expand_more 15 low-confidence finding(s)
low env_fs production #f4a722c28597e278 Environment-variable access.
repo/conftest.py:241
        os.environ["CREWAI_STORAGE_DIR"] = str(storage_dir)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9e26ed14de9f7ece Environment-variable access.
repo/conftest.py:242
        os.environ["CREWAI_TESTING"] = "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #45e629e7bef6c96c Environment-variable access.
repo/conftest.py:247
            os.environ.pop("CREWAI_TESTING", "true")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a56e8698a7c1eafb Environment-variable access.
repo/conftest.py:248
            os.environ.pop("CREWAI_STORAGE_DIR", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b6aab05641ba53b5 Environment-variable access.
repo/conftest.py:249
            os.environ.pop("CREWAI_DISABLE_TELEMETRY", "true")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3ea691b2f25caca0 Environment-variable access.
repo/conftest.py:250
            os.environ.pop("OTEL_SDK_DISABLED", "true")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c726ecb5b4692698 Environment-variable access.
repo/conftest.py:251
            os.environ.pop("OPENAI_BASE_URL", "https://api.openai.com/v1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cecca8e7722a1d28 Environment-variable access.
repo/conftest.py:252
            os.environ.pop("OPENAI_API_BASE", "https://api.openai.com/v1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2c90898cfc9f4aa2 Environment-variable access.
repo/conftest.py:416
        "record_mode": os.getenv("PYTEST_VCR_RECORD_MODE", "once"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8a61eff9a79eb80a Environment-variable access.
repo/conftest.py:424
    if os.getenv("GITHUB_ACTIONS") == "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only Excluded from app score #378ffddf7fa3b9e3 Environment-variable access.
repo/scripts/age90_file_input_runner.py:109
    if model.startswith("openai/") and not os.getenv("OPENAI_API_KEY") and not payload_only:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only Excluded from app score #e9b7aea31056b634 Filesystem access.
repo/scripts/docs/freeze_historical_versions.py:154
        text = mdx.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only Excluded from app score #f89a801b407c6b82 Filesystem access.
repo/scripts/docs/freeze_historical_versions.py:157
            mdx.write_text(new_text, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only Excluded from app score #965e81b4632ae1e1 Filesystem access.
repo/scripts/docs/prefix_version_paths.py:359
    data = json.loads(docs_json.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only Excluded from app score #1950d7016eba7ff0 Filesystem access.
repo/scripts/docs/prefix_version_paths.py:389
    docs_json.write_text(
        json.dumps(data, indent=2, ensure_ascii=False) + "\n",
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

first-party (python): lib/cli

python first-party
expand_more 77 low-confidence finding(s)
low env_fs production #9852a5482941dc8d Filesystem access.
repo/lib/cli/src/crewai_cli/checkpoint_cli.py:85
        with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #666169fbbdd1c2a7 Filesystem access.
repo/lib/cli/src/crewai_cli/checkpoint_cli.py:233
            with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #65148835ce88f688 Filesystem access.
repo/lib/cli/src/crewai_cli/checkpoint_cli.py:254
    with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a6a86015780c2ebe Filesystem access.
repo/lib/cli/src/crewai_cli/checkpoint_cli.py:265
    with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #217b3952d2c4ff79 Environment-variable access.
repo/lib/cli/src/crewai_cli/cli.py:944
    crewai_tracing = os.getenv("CREWAI_TRACING_ENABLED", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #29cedbc47cf41162 Environment-variable access.
repo/lib/cli/src/crewai_cli/cli.py:958
    crewai_testing = os.getenv("CREWAI_TESTING", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c906f7673d1b0315 Environment-variable access.
repo/lib/cli/src/crewai_cli/cli.py:962
    crewai_user_id = os.getenv("CREWAI_USER_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5aca4745e960309d Environment-variable access.
repo/lib/cli/src/crewai_cli/cli.py:966
    crewai_org_id = os.getenv("CREWAI_ORG_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #74b7d1b47d0844bf Environment-variable access.
repo/lib/cli/src/crewai_cli/cli.py:1060
    env_enabled = os.getenv("CREWAI_TRACING_ENABLED", "false")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c365c976c1f41139 Filesystem access.
repo/lib/cli/src/crewai_cli/create_crew.py:32
    with open(template_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b5d71a696c398db0 Filesystem access.
repo/lib/cli/src/crewai_cli/create_flow.py:47
    with open(project_root / ".env", "w") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #04ad9f640b69dedb Filesystem access.
repo/lib/cli/src/crewai_cli/create_flow.py:70
            with open(src_file, "r", encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e4e1d0cf596959e7 Filesystem access.
repo/lib/cli/src/crewai_cli/create_flow.py:83
        with open(dst_file, "w") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #389d3c25b0b6b957 Filesystem access.
repo/lib/cli/src/crewai_cli/create_flow.py:142
        content = src_file.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #52362987891e4452 Filesystem access.
repo/lib/cli/src/crewai_cli/create_flow.py:149
        dst_file.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9fa1794a69625b52 Filesystem access.
repo/lib/cli/src/crewai_cli/create_flow.py:151
    (project_root / ".env").write_text("OPENAI_API_KEY=YOUR_API_KEY", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cb8f8b2554c90cc8 Filesystem access.
repo/lib/cli/src/crewai_cli/create_flow.py:152
    (package_root / "__init__.py").write_text("", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e8f4a47f3ef0b065 Filesystem access.
repo/lib/cli/src/crewai_cli/create_flow.py:154
        (package_root / folder / ".gitkeep").write_text("", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f1ee31cba24da2a3 Filesystem access.
repo/lib/cli/src/crewai_cli/create_json_crew.py:830
    path.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5b2ae5e9f57a41bc Filesystem access.
repo/lib/cli/src/crewai_cli/create_json_crew.py:932
    (folder_path / "pyproject.toml").write_text(
        _render_json_crew_template(
            "pyproject.toml",
            {
                "folder_name": folder_name,
                "name": name,
                "crewai_tools_dependency": get_crewai_tools_dependency(),
            },
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a28941bd47f6872b Filesystem access.
repo/lib/cli/src/crewai_cli/create_json_crew.py:945
    (folder_path / ".gitignore").write_text(
        _render_json_crew_template(".gitignore"),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #72ee79015e576c32 Filesystem access.
repo/lib/cli/src/crewai_cli/create_json_crew.py:951
    (folder_path / "README.md").write_text(
        _render_json_crew_template("README.md", {"name": name}),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c6cb385213df8b8f Filesystem access.
repo/lib/cli/src/crewai_cli/create_json_crew.py:957
    (folder_path / "knowledge" / "user_preference.txt").write_text(
        _render_json_crew_template("knowledge/user_preference.txt"),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cf6c67bf251a5372 Filesystem access.
repo/lib/cli/src/crewai_cli/create_json_crew.py:963
    (folder_path / "skills" / ".gitkeep").write_text("", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #af4b372312550c96 Filesystem access.
repo/lib/cli/src/crewai_cli/crew_run_tui.py:67
            content = env_file.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4bac36a3db830521 Filesystem access.
repo/lib/cli/src/crewai_cli/crew_run_tui.py:71
            env_file.write_text(f"{content}{sep}{key}=true\n")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5dcab94ea8225cca Filesystem access.
repo/lib/cli/src/crewai_cli/crew_run_tui.py:73
            env_file.write_text(f"{key}=true\n")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fccfa19b1c1c684e Filesystem access.
repo/lib/cli/src/crewai_cli/deploy/validate.py:286
            referenced.update(pattern.findall(crew_path.read_text(errors="ignore")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6244d640fddaedb2 Filesystem access.
repo/lib/cli/src/crewai_cli/deploy/validate.py:296
                    pattern.findall(agent_path.read_text(errors="ignore"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d676c1c563d9ecda Filesystem access.
repo/lib/cli/src/crewai_cli/deploy/validate.py:305
                text = py_path.read_text(encoding="utf-8", errors="ignore")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #02266eeb797e6b05 Filesystem access.
repo/lib/cli/src/crewai_cli/deploy/validate.py:321
            for line in env_file.read_text(errors="ignore").splitlines():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #80a0decb84e92d6d Environment-variable access.
repo/lib/cli/src/crewai_cli/deploy/validate.py:332
            and var not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bf89ea40eed7e93c Filesystem access.
repo/lib/cli/src/crewai_cli/deploy/validate.py:873
                text = path.read_text(encoding="utf-8", errors="ignore")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #267256915809160b Filesystem access.
repo/lib/cli/src/crewai_cli/deploy/validate.py:880
                text = path.read_text(encoding="utf-8", errors="ignore")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a5edc88aaed5ed71 Filesystem access.
repo/lib/cli/src/crewai_cli/deploy/validate.py:888
            for line in env_file.read_text(errors="ignore").splitlines():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4df0b7216cb34acc Environment-variable access.
repo/lib/cli/src/crewai_cli/deploy/validate.py:899
            and var not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #72024411f7bdb207 Filesystem access.
repo/lib/cli/src/crewai_cli/deploy/validate.py:931
            text = lockfile.read_text(errors="ignore")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #c51007df779e32ea Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/cli/src/crewai_cli/enterprise/main.py:50
            response = httpx.get(oauth_endpoint, timeout=30, headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #6c64ace5f66b721f Filesystem access.
repo/lib/cli/src/crewai_cli/git.py:166
        existing = exclude_file.read_text() if exclude_file.exists() else ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5c2756ee07b695f7 Filesystem access.
repo/lib/cli/src/crewai_cli/git.py:178
        exclude_file.write_text(
            f"{existing}{prefix}# CrewAI deploy auto-commit excludes\n{patterns}\n"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2c6317f0c53fa67f Environment-variable access.
repo/lib/cli/src/crewai_cli/model_catalog.py:79
        value = os.environ.get(env)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1e5d60f04ca700d4 Environment-variable access.
repo/lib/cli/src/crewai_cli/model_catalog.py:302
        os.environ.get("OLLAMA_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #69c6169452d948eb Environment-variable access.
repo/lib/cli/src/crewai_cli/model_catalog.py:303
        or os.environ.get("API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e068e537a87e77a1 Environment-variable access.
repo/lib/cli/src/crewai_cli/model_catalog.py:304
        or os.environ.get("OLLAMA_HOST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1621d6a515f8992e Filesystem access.
repo/lib/cli/src/crewai_cli/model_catalog.py:414
        cache_file.write_text(json.dumps(data), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #25d69a2ed4da1511 Environment-variable access.
repo/lib/cli/src/crewai_cli/model_catalog.py:550
    ssl_config = os.environ.get("SSL_CERT_FILE") or certifi.where()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #4ee302059c5900a0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/cli/src/crewai_cli/model_catalog.py:551
    response = httpx.get(
        url,
        headers=headers,
        params=params,
        timeout=_TIMEOUT,
        verify=ssl_config,
        follow_redirects=True,
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #0fd22a017741de13 Filesystem access.
repo/lib/cli/src/crewai_cli/model_catalog.py:585
        data: dict[str, Any] = json.loads(path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6ebf7e6afc9bebe9 Filesystem access.
repo/lib/cli/src/crewai_cli/model_catalog.py:673
        cache_file.write_text(json.dumps(payload), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #503cd041bfafc26d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/cli/src/crewai_cli/plus_api.py:52
            return client.request(method, url, files=files, **request_kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #15d025133e945a6c Filesystem access.
repo/lib/cli/src/crewai_cli/provider.py:149
        with open(cache_file, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #167abd86dcec86c7 Environment-variable access.
repo/lib/cli/src/crewai_cli/provider.py:165
    ssl_config = os.environ["SSL_CERT_FILE"] = certifi.where()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fb09bb3d80a09eaf Filesystem access.
repo/lib/cli/src/crewai_cli/provider.py:171
            with open(cache_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #b012a0c91dd2dbc7 Hardcoded external endpoint. Review what data is sent to this destination.
repo/lib/cli/src/crewai_cli/remote_template/main.py:166
                response = httpx.get(url, params=params, timeout=15)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress production #24ef935f9b92757e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/cli/src/crewai_cli/remote_template/main.py:210
            response = httpx.get(url, follow_redirects=True, timeout=60)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #cc37ca412490acf4 Filesystem access.
repo/lib/cli/src/crewai_cli/remote_template/main.py:249
                    with zf.open(member) as src, open(target, "wb") as dst:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #acae31f5e21c29d3 Environment-variable access.
repo/lib/cli/src/crewai_cli/run_crew.py:321
        os.environ[CREWAI_TRAINED_AGENTS_FILE_ENV] = trained_agents_file

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1f29094a5e26117c Environment-variable access.
repo/lib/cli/src/crewai_cli/run_declarative_flow.py:492
    return os.environ.get("UV_RUN_RECURSION_DEPTH") is not None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f83a3a7345ca313a Environment-variable access.
repo/lib/cli/src/crewai_cli/settings/main.py:45
        env_tracing = os.getenv("CREWAI_TRACING_ENABLED", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0ce3a7f191f9d031 Filesystem access.
repo/lib/cli/src/crewai_cli/skills/main.py:67
        skill_md.write_text(_SKILL_MD_TEMPLATE.format(name=name), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #de1a745ec2b565ad Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/cli/src/crewai_cli/skills/main.py:133
            dl_response = httpx.get(download_url, follow_redirects=True)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #40dc261c8f127e82 Filesystem access.
repo/lib/cli/src/crewai_cli/skills/main.py:174
                (cache_dir / ".crewai_meta.json").write_text(
                    json.dumps(meta, indent=2), encoding="utf-8"
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7096904051ff0700 Filesystem access.
repo/lib/cli/src/crewai_cli/skills/main.py:232
            frontmatter = self._parse_frontmatter(skill_md.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3ef799349401665e Filesystem access.
repo/lib/cli/src/crewai_cli/skills/main.py:323
                            meta = json.loads(meta_file.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bfa9051b862db0e7 Filesystem access.
repo/lib/cli/src/crewai_cli/skills/main.py:414
            fm = self._parse_frontmatter(skill_md.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9840e41900136ffc Filesystem access.
repo/lib/cli/src/crewai_cli/templates/flow/main.py:49
        with open(output_dir / "post.md", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d61b58b7f462caa7 Environment-variable access.
repo/lib/cli/src/crewai_cli/tools/main.py:147
        build_env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0f13f3d73ca099ef Filesystem access.
repo/lib/cli/src/crewai_cli/tools/main.py:180
            with open(tarball_path, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #931e80e2b5cc6cdc Filesystem access.
repo/lib/cli/src/crewai_cli/update_crew.py:96
    with open(output_file, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8b8e32d1a2464101 Environment-variable access.
repo/lib/cli/src/crewai_cli/utils.py:53
    value = os.environ.get("CREWAI_DMN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a030d1db7b7b9d0e Filesystem access.
repo/lib/cli/src/crewai_cli/utils.py:86
    with open(dst, "w") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #df0fe5611b404a67 Filesystem access.
repo/lib/cli/src/crewai_cli/utils.py:94
    content = src.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e7c767b6cd779a4b Filesystem access.
repo/lib/cli/src/crewai_cli/utils.py:104
        with open(env_file_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #186b0f64b3adab34 Filesystem access.
repo/lib/cli/src/crewai_cli/utils.py:142
            with open(filepath, "r", encoding="utf-8", errors="ignore") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a9baf6a437ebea1c Filesystem access.
repo/lib/cli/src/crewai_cli/utils.py:144
            with open(filepath, "w") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3a6ed19631912430 Filesystem access.
repo/lib/cli/src/crewai_cli/utils.py:165
        with open(env_file_path, "r") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #72052e346f766ecf Filesystem access.
repo/lib/cli/src/crewai_cli/utils.py:176
    with open(env_file_path, "w") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

first-party (python): lib/crewai-files

python first-party
expand_more 18 low-confidence finding(s)
low env_fs production #75e248845ca9496f Filesystem access.
repo/lib/crewai-files/src/crewai_files/core/sources.py:263
            self._content = self.path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3bbb0ef84723d5e9 Filesystem access.
repo/lib/crewai-files/src/crewai_files/core/sources.py:282
        with open(self.path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #51f23e0e1117aae1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-files/src/crewai_files/core/sources.py:533
            response = httpx.get(self.url, follow_redirects=True)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress production #2c50b9aa6c916629 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/crewai-files/src/crewai_files/core/sources.py:546
                response = await client.get(self.url, follow_redirects=True)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #f2166c6d6d57510e Environment-variable access.
repo/lib/crewai-files/src/crewai_files/formatting/api.py:294
        s3_bucket = os.environ.get("CREWAI_BEDROCK_S3_BUCKET")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9df9f411cf6f4abe Environment-variable access.
repo/lib/crewai-files/src/crewai_files/formatting/api.py:333
        s3_bucket_owner = os.environ.get("CREWAI_BEDROCK_S3_BUCKET_OWNER")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7364ade4623aea2b Environment-variable access.
repo/lib/crewai-files/src/crewai_files/uploaders/anthropic.py:39
        self._api_key = api_key or os.environ.get("ANTHROPIC_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4909e13295cc38f6 Filesystem access.
repo/lib/crewai-files/src/crewai_files/uploaders/bedrock.py:94
    with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fa64ca9f91700446 Environment-variable access.
repo/lib/crewai-files/src/crewai_files/uploaders/bedrock.py:128
        self._bucket_name = bucket_name or os.environ.get("CREWAI_BEDROCK_S3_BUCKET")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e7daff515e33047d Environment-variable access.
repo/lib/crewai-files/src/crewai_files/uploaders/bedrock.py:129
        self._bucket_owner = bucket_owner or os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #66f27b1429d2f083 Environment-variable access.
repo/lib/crewai-files/src/crewai_files/uploaders/bedrock.py:129
        self._bucket_owner = bucket_owner or os.environ.get(
            "CREWAI_BEDROCK_S3_BUCKET_OWNER"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2ca12de1d5bfb675 Environment-variable access.
repo/lib/crewai-files/src/crewai_files/uploaders/bedrock.py:133
        self._region = region or os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #83ec9185b5c6d1a5 Environment-variable access.
repo/lib/crewai-files/src/crewai_files/uploaders/bedrock.py:133
        self._region = region or os.environ.get(
            "AWS_REGION", os.environ.get("AWS_DEFAULT_REGION")
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5f8fa7b349e6f228 Environment-variable access.
repo/lib/crewai-files/src/crewai_files/uploaders/bedrock.py:134
            "AWS_REGION", os.environ.get("AWS_DEFAULT_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cdbfa6ee26d5dc25 Filesystem access.
repo/lib/crewai-files/src/crewai_files/uploaders/bedrock.py:269
                with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bcaa44855a6b27ea Environment-variable access.
repo/lib/crewai-files/src/crewai_files/uploaders/factory.py:192
            not os.environ.get("CREWAI_BEDROCK_S3_BUCKET")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c6bc86d239c2f3c0 Environment-variable access.
repo/lib/crewai-files/src/crewai_files/uploaders/gemini.py:108
        self._api_key = api_key or os.environ.get("GOOGLE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #425f5979d8ef7930 Environment-variable access.
repo/lib/crewai-files/src/crewai_files/uploaders/openai.py:136
        self._api_key = api_key or os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

first-party (python): lib/devtools

python first-party
expand_more 34 low-confidence finding(s)
low env_fs production #bbcc5847cc7af703 Filesystem access.
repo/lib/devtools/src/crewai_devtools/cli.py:287
    content = file_path.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #407f6bf3be6857fc Filesystem access.
repo/lib/devtools/src/crewai_devtools/cli.py:298
        file_path.write_text("\n".join(lines) + "\n")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #132e33a8eb3e04e0 Filesystem access.
repo/lib/devtools/src/crewai_devtools/cli.py:317
    doc = tomlkit.parse(file_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2dc020ef28db3b64 Filesystem access.
repo/lib/devtools/src/crewai_devtools/cli.py:326
    file_path.write_text(tomlkit.dumps(doc))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cade1bcef69bd45e Filesystem access.
repo/lib/devtools/src/crewai_devtools/cli.py:358
    content = file_path.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4eee36a805a63cbc Filesystem access.
repo/lib/devtools/src/crewai_devtools/cli.py:391
        file_path.write_text("\n".join(lines) + "\n")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #659da2a9fc9bbbb9 Filesystem access.
repo/lib/devtools/src/crewai_devtools/cli.py:591
    content = changelog_path.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4105e869b06d99e1 Filesystem access.
repo/lib/devtools/src/crewai_devtools/cli.py:608
    changelog_path.write_text(new_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #21cf1b8a4df8cd96 Filesystem access.
repo/lib/devtools/src/crewai_devtools/cli.py:668
        content = pyproject.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #330ad036ebbd1a56 Filesystem access.
repo/lib/devtools/src/crewai_devtools/cli.py:671
            pyproject.write_text(new_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7b0e7e139a5ed270 Filesystem access.
repo/lib/devtools/src/crewai_devtools/cli.py:689
        if "__version__" in init_file.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dc441a557a7842a8 Environment-variable access.
repo/lib/devtools/src/crewai_devtools/cli.py:1016
            openai_client = OpenAI(api_key=os.getenv("OPENAI_API_KEY"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f7ffee02f65a039c Environment-variable access.
repo/lib/devtools/src/crewai_devtools/cli.py:1264
_ENTERPRISE_REPO: Final[str | None] = os.getenv("ENTERPRISE_REPO")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #22b53185cdba05d3 Environment-variable access.
repo/lib/devtools/src/crewai_devtools/cli.py:1266
    d.strip() for d in os.getenv("ENTERPRISE_VERSION_DIRS", "").split(",") if d.strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d897cf67a5ca4336 Environment-variable access.
repo/lib/devtools/src/crewai_devtools/cli.py:1268
_ENTERPRISE_CREWAI_DEP_PATH: Final[str | None] = os.getenv("ENTERPRISE_CREWAI_DEP_PATH")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d9e22a24b3c5a3cf Environment-variable access.
repo/lib/devtools/src/crewai_devtools/cli.py:1271
    for p in os.getenv("ENTERPRISE_EXTRA_PACKAGES", "").split(",")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #95c8683ca1815ff9 Environment-variable access.
repo/lib/devtools/src/crewai_devtools/cli.py:1276
    for p in os.getenv("ENTERPRISE_WORKFLOW_PATHS", "").split(",")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c05c499d4a0ffc6e Filesystem access.
repo/lib/devtools/src/crewai_devtools/cli.py:1300
    content = pyproject_path.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e5588b33febb0d64 Filesystem access.
repo/lib/devtools/src/crewai_devtools/cli.py:1303
        pyproject_path.write_text(new_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1c745df758b9b9e3 Filesystem access.
repo/lib/devtools/src/crewai_devtools/cli.py:1330
    raw = workflow_path.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fab90965412b630d Filesystem access.
repo/lib/devtools/src/crewai_devtools/cli.py:1343
    workflow_path.write_text("".join(lines))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #98f27c5e7ca35518 Filesystem access.
repo/lib/devtools/src/crewai_devtools/cli.py:1460
        content = pyproject.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #429b22567c016e65 Filesystem access.
repo/lib/devtools/src/crewai_devtools/cli.py:1464
            pyproject.write_text(new_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #de25624a23abdc75 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/lib/devtools/src/crewai_devtools/cli.py:1557
            with urlopen(url) as resp:  # noqa: S310

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #bd6f3dcd026e52c1 Filesystem access.
repo/lib/devtools/src/crewai_devtools/cli.py:2063
                    content = vfile.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #39c6f79ee341f2d5 Filesystem access.
repo/lib/devtools/src/crewai_devtools/docs_check.py:421
                        ref_content = siblings[0].read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b8c20d80c6aef558 Filesystem access.
repo/lib/devtools/src/crewai_devtools/docs_check.py:429
                en_path.write_text(content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #389a0b9f0f756919 Filesystem access.
repo/lib/devtools/src/crewai_devtools/docs_check.py:437
            existing = en_path.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cd54b7a20ce331ef Filesystem access.
repo/lib/devtools/src/crewai_devtools/docs_check.py:454
                en_path.write_text(content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #feff42bbbe5584a7 Filesystem access.
repo/lib/devtools/src/crewai_devtools/docs_check.py:473
                lang_path.write_text(translated)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fe693cc04fb2ca15 Filesystem access.
repo/lib/devtools/src/crewai_devtools/docs_versioning.py:181
        text = mdx.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f239ff5d701c65e3 Filesystem access.
repo/lib/devtools/src/crewai_devtools/docs_versioning.py:184
            mdx.write_text(new_text, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #94b2d33b87a55ffb Filesystem access.
repo/lib/devtools/src/crewai_devtools/docs_versioning.py:383
    data = json.loads(docs_json.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f5816a1e2b8d7775 Filesystem access.
repo/lib/devtools/src/crewai_devtools/docs_versioning.py:427
    docs_json.write_text(
        json.dumps(data, indent=2, ensure_ascii=False) + "\n",
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

</> Dependencies

litellm

python dependency
high pii_flow dependency Excluded from app score #3ffbf6251f69356b A credential read from the environment/filesystem flows to an external network call in a non-auth-header position (request body). Review what is sent.
pkgs/python/[email protected]/litellm/proxy_auth/credentials.py:160 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/proxy_auth/credentials.py:161 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/proxy_auth/credentials.py:160
        response = httpx.post(
            self.token_url,
            data={
                "grant_type": "client_credentials",
                "client_id": self.client_id,
                "client_secret": self.client_secret,
                "scope": scope,
            },
        )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

medium telemetry dependency Excluded from app score #1428135b63388945 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/_service_logger.py:15
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #23ed189d806d3272 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/caching/base_cache.py:15
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #37e08d76e2a5bae4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/caching/disk_cache.py:7
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #11d35c583395d801 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/caching/dual_cache.py:30
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7d855b05c110810f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/caching/redis_cache.py:42
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ad94d0a320052a85 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/caching/redis_cluster_cache.py:13
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f1f56b38742a915f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/arize/_utils.py:18
    from opentelemetry.trace import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4ad44f27239fe3c0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/arize/arize.py:19
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7d3c1834b965a580 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/arize/arize.py:45
        from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #07fc764c81b6fd2a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/arize/arize.py:46
        from opentelemetry.trace import SpanKind

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #62191f7cadeb07e5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/arize/arize_phoenix.py:12
    from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #631856881031f608 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/arize/arize_phoenix.py:13
    from opentelemetry.sdk.trace.export import SpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d90360a70f316734 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/arize/arize_phoenix.py:14
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ddf0d6c5b994bb32 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/arize/arize_phoenix.py:15
    from opentelemetry.trace import SpanKind

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3ea29256b4e2d906 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/arize/arize_phoenix.py:16
    from opentelemetry.trace import Tracer

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5b822dd1d8ad3f77 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/arize/arize_phoenix.py:69
        from opentelemetry.trace import SpanKind

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f57d41cb1313daaa Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/arize/arize_phoenix.py:131
        from opentelemetry.sdk.resources import OTELResourceDetector, Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c90d4dcc67ae2bba Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/arize/arize_phoenix.py:148
        from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e7bc565ff8aca7a9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/arize/arize_phoenix.py:306
        from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d7ecbdb165530725 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/arize/arize_phoenix.py:347
        from opentelemetry.trace import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9aa21798f483692a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/custom_logger.py:38
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium pii_flow dependency Excluded from app score #3182480fa7863f73 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/litellm/integrations/gcs_bucket/gcs_bucket_base.py:111 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/integrations/gcs_bucket/gcs_bucket_base.py:92 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/integrations/gcs_bucket/gcs_bucket_base.py:111
        verbose_logger.debug("constructed auth_header [set=%s]", auth_header is not None)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow dependency Excluded from app score #cc3c66ddefd9b60f PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/litellm/integrations/lago.py:189 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/integrations/lago.py:169 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/integrations/lago.py:189
            verbose_logger.debug(f"Logged Lago Object: {response.text}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow dependency Excluded from app score #e725ffa059851e2f PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/litellm/integrations/lago.py:192 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/integrations/lago.py:169 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/integrations/lago.py:192
                verbose_logger.debug(f"\nError Message: {response.text}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium telemetry dependency Excluded from app score #4aed54e4fe391d9b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse_otel.py:19
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #33d0100f1665c991 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse_otel_attributes.py:28
    from opentelemetry.trace import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #00e19ff5e91f364e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/langtrace.py:7
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #710520124752069a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/levo/levo.py:7
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2d7486f4b5f4a459 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:45
    from opentelemetry.sdk.trace.export import SpanExporter as _SpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5abc23c820dd9a0a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:46
    from opentelemetry.trace import Context as _Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1ec4650a0cc00946 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:47
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0e6da13af745bb66 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:48
    from opentelemetry.trace import Tracer as _Tracer

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d21f17f8b2180055 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:273
        from opentelemetry.sdk.trace.export.in_memory_span_exporter import (
            InMemorySpanExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #206e03cf9e485d99 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:364
        from opentelemetry.sdk.resources import OTELResourceDetector, Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6307fafacc45c359 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:539
        from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6460feeb6c517c66 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:540
        from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0a9123a88b88a57a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:541
        from opentelemetry.trace import SpanKind

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5061bdee0ccaef7b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:575
        from opentelemetry import metrics

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #16e7813edd60cd41 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:576
        from opentelemetry.sdk.metrics import MeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c78ab1b32de340fa Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:635
        from opentelemetry._logs import get_logger_provider, set_logger_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c5bfdfcd6fd72ebc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:636
        from opentelemetry.sdk._logs import LoggerProvider as OTLoggerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #28e7d1efcfc39582 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:637
        from opentelemetry.sdk._logs.export import BatchLogRecordProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #190b8b37e306fe51 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:677
        from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #657b2307bba9640e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:678
        from opentelemetry.trace import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #01bcb469096ad2bf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:737
        from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ecd34ce667a01790 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:738
        from opentelemetry.trace import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #29644273d9e37c26 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:799
        from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ae0ff2f21bf2d218 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:800
        from opentelemetry.trace import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #73ac0b731da6bbc8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:892
        from opentelemetry import trace as _trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c65b05efb8b6bcc7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:994
        from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #becf5a9c3064bffc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:1116
        from opentelemetry.trace import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bc1a50eff31471be Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:1164
            from opentelemetry.trace import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b0f6cf363b80874a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:1218
        from opentelemetry.trace import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cbb7b8203c09aaa0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:1237
        from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e9740a86562f0564 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:1238
        from opentelemetry.trace import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3b9e715c1d521f4d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:1611
        from opentelemetry._logs import SeverityNumber

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b646ba05b3e127cb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:1614
            from opentelemetry.sdk._logs import LogRecord  # OTEL < 1.39.0

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8d7582d8514d9847 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:1616
            from opentelemetry.sdk._logs._internal import (  # OTEL >= 1.39.0
                LogRecord,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #409e46c741f1d690 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:1728
        from opentelemetry import trace as _trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bbbaea2150693883 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:1850
        from opentelemetry.trace import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ab5edf9abe8c0a11 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:2685
        from opentelemetry.trace.propagation.tracecontext import (
            TraceContextTextMapPropagator,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #67f0da3ff32131a6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:2696
        from opentelemetry import context, trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a0265411ef54da8b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:2697
        from opentelemetry.trace.propagation.tracecontext import (
            TraceContextTextMapPropagator,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #91738a5fb225e5e3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:2751
        from opentelemetry.sdk.trace.export import (
            BatchSpanProcessor,
            ConsoleSpanExporter,
            SimpleSpanProcessor,
            SpanExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d627e5977486b296 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:2793
                from opentelemetry.exporter.otlp.proto.http.trace_exporter import (
                    OTLPSpanExporter as OTLPSpanExporterHTTP,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ac00466a985c2a93 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:2812
                from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import (
                    OTLPSpanExporter as OTLPSpanExporterGRPC,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #567e6ec8d5749e62 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:2868
            from opentelemetry.sdk._logs.export import ConsoleLogExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9ccee04fa89bae90 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:2880
            from opentelemetry.exporter.otlp.proto.http._log_exporter import (
                OTLPLogExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2435d9696282a395 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:2892
                from opentelemetry.exporter.otlp.proto.grpc._log_exporter import (
                    OTLPLogExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #844a1726ff154987 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:2912
            from opentelemetry.sdk._logs.export import ConsoleLogExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1ba6f044ca49be66 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:2920
        from opentelemetry.sdk.metrics import Histogram

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3af9c156ba45db79 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:2921
        from opentelemetry.sdk.metrics.export import (
            AggregationTemporality,
            ConsoleMetricExporter,
            PeriodicExportingMetricReader,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a68251073f665ae0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:2946
            from opentelemetry.exporter.otlp.proto.http.metric_exporter import (
                OTLPMetricExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6abb85a6be64ebe1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:2959
                from opentelemetry.exporter.otlp.proto.grpc.metric_exporter import (
                    OTLPMetricExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #73c87bd0a21323ed Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:3078
        from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e280b7195d0989f7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:3079
        from opentelemetry.trace import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ea6f7f7241f52cf4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:3136
        from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4c653ac20ef5cc83 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:3137
        from opentelemetry.trace import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5fb7141c5d151914 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry_utils/base_otel_llm_obs_attributes.py:5
    from opentelemetry.trace import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e08ed1a9bd0b810f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/opentelemetry_utils/gen_ai_semconv.py:39
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #38abbfa9afa4f65e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/emitter.py:6
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #21cd4531e8ddee97 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/emitter.py:7
from opentelemetry.trace import Link, Span, Tracer

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #483567a0c5bb3239 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/emitter.py:8
from opentelemetry.trace.status import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #361ef47aac9eafc7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/logger.py:8
from opentelemetry.context import Context, attach, get_current

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b9dfcfe3707b0c70 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/logger.py:9
from opentelemetry.sdk._logs import LoggerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #117794e00aecbc48 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/logger.py:10
from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7f0c17a262e7c2a6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/logger.py:11
from opentelemetry.trace import Span, Tracer, get_current_span, use_span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d18c190a56e0d344 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/mount.py:113
        from opentelemetry.instrumentation.fastapi import FastAPIInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e3bf0038f23b94c3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/context.py:6
from opentelemetry import baggage

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #321ca5bb4734fae3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/context.py:7
from opentelemetry.context import Context, get_current

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eec93de4be9bedee Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/context.py:8
from opentelemetry.trace import Link, Span, get_current_span, set_span_in_context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #acacc661905df1e2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/context.py:9
from opentelemetry.trace.propagation.tracecontext import (
    TraceContextTextMapPropagator,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #145295c910d6f5cd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/events.py:13
from opentelemetry._events import Event, EventLogger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cf5fe0e23dcf7384 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/events.py:14
from opentelemetry._logs.severity import SeverityNumber

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6978ff194c6d9eac Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/events.py:15
from opentelemetry.trace import SpanContext

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8d3bf99d1f62eef8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/metrics.py:15
from opentelemetry.metrics import Histogram, Meter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e2f7a831067da614 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:5
from opentelemetry import _logs, baggage, metrics

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0a042f2be2039c20 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:6
from opentelemetry._events import EventLogger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ef0bb4d65b2a1325 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:7
from opentelemetry._logs import LoggerProvider, NoOpLoggerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #21de2f19e5bd718e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:8
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1f764408a67e4f6a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:9
from opentelemetry.metrics import MeterProvider, NoOpMeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0f8dbabdea57abb4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:10
from opentelemetry.sdk._events import EventLoggerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dc8e423650ec960f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:11
from opentelemetry.sdk._logs import LoggerProvider as SDKLoggerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3939c44f113e2113 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:12
from opentelemetry.sdk._logs.export import (
    BatchLogRecordProcessor,
    ConsoleLogExporter,
    InMemoryLogExporter,
    LogExporter,
    SimpleLogRecordProcessor,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bffc104dd3c87d72 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:19
from opentelemetry.sdk.metrics import MeterProvider as SDKMeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #11b283a615442f45 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:20
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6f984436343d991b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:21
from opentelemetry.sdk.trace import ReadableSpan, SpanProcessor, TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #710d04d5bbb4e2a5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:22
from opentelemetry.sdk.trace.export import (
    BatchSpanProcessor,
    ConsoleSpanExporter,
    SimpleSpanProcessor,
    SpanExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fafc91aa96f81d66 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:28
from opentelemetry.sdk.trace.export.in_memory_span_exporter import (
    InMemorySpanExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #767535c4054efbd3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:31
from opentelemetry.trace import Span, SpanKind, Tracer

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #db87c8ab9dd52215 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:42
    from opentelemetry.metrics import Meter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0d567cb9d82efa3b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:43
    from opentelemetry.sdk.metrics.export import MetricReader

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4fa74401eda5b4fa Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:130
        from opentelemetry.exporter.otlp.proto.http.trace_exporter import (
            OTLPSpanExporter as HTTPExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ca84e9591cf975a2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:139
        from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import (
            OTLPSpanExporter as GRPCExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5b956133e680d949 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:195
    from opentelemetry.sdk.metrics.export import (
        ConsoleMetricExporter,
        PeriodicExportingMetricReader,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c1978f1128f68c15 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:202
        from opentelemetry.exporter.otlp.proto.http.metric_exporter import (
            OTLPMetricExporter as HTTPMetricExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #61a78e468f7d36cc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:205
        from opentelemetry.sdk.metrics import Histogram

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #047457b81a79df02 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:206
        from opentelemetry.sdk.metrics.export import AggregationTemporality

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ab4d835e5aa00484 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:214
        from opentelemetry.sdk.metrics import Histogram

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #69172a5e4c072536 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:215
        from opentelemetry.sdk.metrics.export import AggregationTemporality

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f166f404ea69eb22 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:218
            from opentelemetry.exporter.otlp.proto.grpc.metric_exporter import (
                OTLPMetricExporter as GRPCMetricExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4371f4d317050c61 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:269
        from opentelemetry.exporter.otlp.proto.http._log_exporter import (
            OTLPLogExporter as HTTPLogExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #29b592d641b4964e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/providers.py:279
            from opentelemetry.exporter.otlp.proto.grpc._log_exporter import (
                OTLPLogExporter as GRPCLogExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fd68fad9e5e74fd2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/routing.py:14
from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b7cab8c794847218 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/plumbing/routing.py:15
from opentelemetry.trace import Tracer

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7ed2274030113a41 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/otel/presets/agentops.py:75
    from opentelemetry.exporter.otlp.proto.http.trace_exporter import (
        OTLPSpanExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ae2409551e166edf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/traceloop.py:39
        from opentelemetry.semconv.ai import SpanAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d127d0475a95b932 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/traceloop.py:40
        from opentelemetry.trace import SpanKind, Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c0e82ac2aa0605f8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/weave/weave_otel.py:8
from opentelemetry.trace import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #078cab9773af4010 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/integrations/weave/weave_otel.py:26
    from opentelemetry.trace import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5ec7b9dc59bc2d4b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/litellm_core_utils/core_helpers.py:12
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #195c232a84ccc9a5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/litellm_core_utils/litellm_logging.py:3423
                    import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #77457364bcf1c7b9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/litellm_core_utils/litellm_logging.py:3427
                    import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #08cdafb82ec21d8d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/litellm_core_utils/litellm_logging.py:3428
                from sentry_sdk.scrubber import EventScrubber

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e93f0b82cb0995cb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/litellm_core_utils/logging_utils.py:18
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d2b6374f360b8e76 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/llms/base_llm/managed_resources/base_managed_resource.py:30
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium pii_flow dependency Excluded from app score #4f9d9a2376bfb9f5 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/litellm/llms/bedrock/base_aws_llm.py:1075 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/llms/bedrock/base_aws_llm.py:1067 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/llms/bedrock/base_aws_llm.py:1075
            verbose_logger.debug(f"IRSA detected: using web identity token from {web_identity_token_file}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow dependency Excluded from app score #c387796bd9c7bc14 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/litellm/llms/bedrock/files/handler.py:136 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/llms/bedrock/files/handler.py:122 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/llms/bedrock/files/handler.py:136
        mock_response = httpx.Response(
            status_code=200,
            content=file_content,
            headers={"content-type": "application/octet-stream"},
            request=httpx.Request(method="GET", url=s3_uri),
        )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow dependency Excluded from app score #bc9c2c92791a2764 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/litellm/llms/databricks/common_utils.py:389 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/llms/databricks/common_utils.py:336 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/llms/databricks/common_utils.py:389
        verbose_logger.debug(f"Databricks request headers: {self.redact_headers_for_logging(headers)}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow dependency Excluded from app score #81a0ce16e1a9b93c A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/litellm/llms/huggingface/common_utils.py:83 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/llms/huggingface/common_utils.py:77 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/llms/huggingface/common_utils.py:83
        response = httpx.get(path, headers=headers, params=params)

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow dependency Excluded from app score #1247a8eaa5c4581e A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/litellm/llms/sagemaker/completion/handler.py:625 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/llms/sagemaker/completion/handler.py:560 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/llms/sagemaker/completion/handler.py:625
        mock_response = HttpxResponse(
            status_code=200,
            content=json.dumps(response).encode("utf-8"),
            headers={"content-type": "application/json"},
        )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow dependency Excluded from app score #3aef922c68fae1df PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/litellm/main.py:2631 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/main.py:2590 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/main.py:2631
        logging.post_call(
            input=messages,
            api_key=api_key,
            original_response=response,
        )

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium telemetry dependency Excluded from app score #fd06fbbbe179391c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/proxy/_types.py:61
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e8be153d6a6538c4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/proxy/auth/auth_checks.py:101
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cbc73b8455bf8e5b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/proxy/auth/auth_exception_handler.py:29
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium pii_flow dependency Excluded from app score #ee92af1cdf498f98 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/litellm/proxy/auth/oauth2_check.py:184 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/proxy/auth/oauth2_check.py:139 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/proxy/auth/oauth2_check.py:184
            verbose_proxy_logger.debug(
                "Oauth2 token validation for token=%s, response from endpoint=%s",
                token,
                data,
            )

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium telemetry dependency Excluded from app score #47ad1f9ba31747bc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/proxy/hooks/batch_rate_limiter.py:61
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a8d2ff6ee4f790f5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/proxy/hooks/parallel_request_limiter.py:24
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d1a0c2a34b3f1569 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/proxy/hooks/parallel_request_limiter_v3.py:51
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f7bdcca69d256b03 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:128
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #31635e6db0b332a8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:957
            from opentelemetry import trace as _otel_trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e9fa66dc4f3c60b1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:1369
        from opentelemetry.trace import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6a9e5a4418ab9e21 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/proxy/utils.py:172
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b6aad8c4bdef7223 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/router.py:204
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f639dad054198faf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/router_strategy/lowest_latency.py:16
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #38d02eeac1553e74 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/router_strategy/lowest_tpm_rpm_v2.py:21
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #19d2516f8bce3324 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/router_utils/cooldown_cache.py:17
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #def57a820a537597 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/router_utils/cooldown_handlers.py:29
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a026d24bb13d1f0e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/router_utils/handle_error.py:12
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2b8a03c247b90c7f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/router_utils/health_state_cache.py:17
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4f5339fd6d1d7364 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/router_utils/pre_call_checks/model_rate_limit_check.py:24
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #edd32e60cb782125 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/litellm/router_utils/prompt_caching_cache.py:16
    from opentelemetry.trace import Span as _Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium pii_flow dependency Excluded from app score #63923e4920b7001a PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:71 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:69 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:71
    verbose_logger.info(f"For Azure AD Token Provider, choosing credential type: {cred}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

expand_more 1614 low-confidence finding(s)
low env_fs dependency Excluded from app score #7221365c94749af5 Environment-variable access.
pkgs/python/[email protected]/litellm/__init__.py:23
    return os.getenv("LITELLM_DEV_ENV_HOT_RELOAD") == "True"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #86437cb249bd7234 Environment-variable access.
pkgs/python/[email protected]/litellm/__init__.py:26
if os.getenv("LITELLM_MODE", "DEV") == "DEV":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e09474a1f00f8019 Environment-variable access.
pkgs/python/[email protected]/litellm/__init__.py:97
litellm_mode = os.getenv("LITELLM_MODE", "DEV")  # "PRODUCTION", "DEV"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dfe28304234406df Environment-variable access.
pkgs/python/[email protected]/litellm/__init__.py:227
drop_params = bool(os.getenv("LITELLM_DROP_PARAMS", False))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2d7bac2326f78187 Environment-variable access.
pkgs/python/[email protected]/litellm/__init__.py:228
modify_params = bool(os.getenv("LITELLM_MODIFY_PARAMS", False))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eaebae744565e7ef Environment-variable access.
pkgs/python/[email protected]/litellm/__init__.py:230
    os.getenv("LITELLM_USE_CHAT_COMPLETIONS_URL_FOR_ANTHROPIC_MESSAGES", False)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #92e6ce132c1a5db8 Environment-variable access.
pkgs/python/[email protected]/litellm/__init__.py:244
    os.getenv("LITELLM_ROUTE_ALL_CHAT_OPENAI_TO_RESPONSES", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a2cec05f750f38ab Environment-variable access.
pkgs/python/[email protected]/litellm/__init__.py:248
gemini_live_defer_setup: bool = os.getenv("LITELLM_GEMINI_LIVE_DEFER_SETUP", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #820e82c46c9efab6 Environment-variable access.
pkgs/python/[email protected]/litellm/__init__.py:250
    os.getenv("LITELLM_USE_LEGACY_INTERACTIONS_SCHEMA", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #89373e8172474c45 Environment-variable access.
pkgs/python/[email protected]/litellm/__init__.py:393
model_cost_map_url: str = os.getenv(
    "LITELLM_MODEL_COST_MAP_URL",
    "https://raw.githubusercontent.com/BerriAI/litellm/main/model_prices_and_context_window.json",
)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cee059284d8e3aca Environment-variable access.
pkgs/python/[email protected]/litellm/__init__.py:397
blog_posts_url: str = os.getenv(
    "LITELLM_BLOG_POSTS_URL",
    "https://docs.litellm.ai/blog/rss.xml",
)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8bf1c610aea72559 Environment-variable access.
pkgs/python/[email protected]/litellm/__init__.py:401
anthropic_beta_headers_url: str = os.getenv(
    "LITELLM_ANTHROPIC_BETA_HEADERS_URL",
    "https://raw.githubusercontent.com/BerriAI/litellm/main/litellm/anthropic_beta_headers_config.json",
)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #46aca4a8139d5813 Environment-variable access.
pkgs/python/[email protected]/litellm/__init__.py:2108
if os.getenv("LITELLM_DISABLE_LAZY_LOADING", "").lower() in ("1", "true", "yes", "on"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #94c5b46e088c0dd8 Environment-variable access.
pkgs/python/[email protected]/litellm/_logging.py:20
_ENABLE_SECRET_REDACTION = os.getenv("LITELLM_DISABLE_REDACT_SECRETS", "").lower() != "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eba45bbc2d6f3af6 Environment-variable access.
pkgs/python/[email protected]/litellm/_logging.py:80
json_logs = bool(os.getenv("JSON_LOGS", False))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7608e704daacba19 Environment-variable access.
pkgs/python/[email protected]/litellm/_logging.py:82
log_level = os.getenv("LITELLM_LOG", "DEBUG")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #80df3c71fa69661e Environment-variable access.
pkgs/python/[email protected]/litellm/_redis.py:199
    _client_id = azure_client_id or os.environ.get("AZURE_CLIENT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2fe0cffe73e46ba6 Environment-variable access.
pkgs/python/[email protected]/litellm/_redis.py:200
    _tenant_id = azure_tenant_id or os.environ.get("AZURE_TENANT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f17e903d7297f626 Environment-variable access.
pkgs/python/[email protected]/litellm/_redis.py:201
    _client_secret = azure_client_secret or os.environ.get("AZURE_CLIENT_SECRET")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #802366962a6499a4 Environment-variable access.
pkgs/python/[email protected]/litellm/_redis.py:269
        username = os.environ.get("REDIS_USERNAME", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4b501ca99fa362a9 Environment-variable access.
pkgs/python/[email protected]/litellm/_redis.py:296
    if "REDIS_URL" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #95889cdc620cea2f Environment-variable access.
pkgs/python/[email protected]/litellm/_redis.py:297
        return os.environ["REDIS_URL"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b405d284b6c17b52 Environment-variable access.
pkgs/python/[email protected]/litellm/_redis.py:299
    if "REDIS_HOST" not in os.environ or "REDIS_PORT" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #676103966e405518 Environment-variable access.
pkgs/python/[email protected]/litellm/_redis.py:302
    if "REDIS_SSL" in os.environ and os.environ["REDIS_SSL"].lower() == "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1d3de6efcd2e1d6c Environment-variable access.
pkgs/python/[email protected]/litellm/_redis.py:309
    if "REDIS_USERNAME" in os.environ and "REDIS_PASSWORD" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4ca86ab8749f1051 Environment-variable access.
pkgs/python/[email protected]/litellm/_redis.py:310
        auth_part = f"{os.environ['REDIS_USERNAME']}:{os.environ['REDIS_PASSWORD']}@"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2aa24ddc92b49dbc Environment-variable access.
pkgs/python/[email protected]/litellm/_redis.py:311
    elif "REDIS_PASSWORD" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a684b29c953eb99a Environment-variable access.
pkgs/python/[email protected]/litellm/_redis.py:312
        auth_part = f"{os.environ['REDIS_PASSWORD']}@"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8caff7627655b24 Environment-variable access.
pkgs/python/[email protected]/litellm/_redis.py:314
    return f"{redis_protocol}://{auth_part}{os.environ['REDIS_HOST']}:{os.environ['REDIS_PORT']}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9d70aaef05e3f33d Environment-variable access.
pkgs/python/[email protected]/litellm/_redis.py:579
                username=os.environ.get("REDIS_USERNAME") or None,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f14702b0bc329884 Environment-variable access.
pkgs/python/[email protected]/litellm/_redis.py:629
            username=os.environ.get("REDIS_USERNAME") or None,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4566fd8778e4cd4b Environment-variable access.
pkgs/python/[email protected]/litellm/_redis.py:675
            username=os.environ.get("REDIS_USERNAME") or None,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #ffa7ef78dd711789 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/a2a_protocol/providers/bedrock_agentcore/handler.py:60
        response = await client.post(
            url,
            headers=headers,
            data=body,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #08a7f1764da17d33 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/a2a_protocol/providers/bedrock_agentcore/handler.py:107
        response = await client.post(
            url,
            headers=headers,
            data=body,
            stream=True,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ff4ae3ee6c2b75b1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/a2a_protocol/providers/pydantic_ai_agents/transformation.py:105
            response = await client.post(
                endpoint,
                json=poll_request,
                headers={
                    **(agent_extra_headers or {}),
                    "Content-Type": "application/json",
                },
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #fb831684cc735a0b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/a2a_protocol/providers/pydantic_ai_agents/transformation.py:182
        response = await client.post(
            endpoint,
            json=a2a_request,
            headers={
                **(agent_extra_headers or {}),
                "Content-Type": "application/json",
            },
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e03ff37dda735703 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/a2a_protocol/providers/watsonx_orchestrate/handler.py:83
            response = await client.post(
                _IBM_CLOUD_IAM_URL,
                data={
                    "grant_type": "urn:ibm:params:oauth:grant-type:apikey",
                    "apikey": api_key,
                },
                headers={"Content-Type": "application/x-www-form-urlencoded"},
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c4794643bdcc870e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/a2a_protocol/providers/watsonx_orchestrate/handler.py:99
            response = await client.post(
                token_url,
                json={"username": username, "api_key": api_key},
                headers={"Content-Type": "application/json"},
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ec422bc75cdb05ec Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/a2a_protocol/providers/watsonx_orchestrate/handler.py:133
            response = await client.get(url, headers=auth_headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #b2c4597b31f95be4 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/a2a_protocol/providers/watsonx_orchestrate/handler.py:242
        run_response = await client.post(
            f"{base_url}/v1/orchestrate/runs",
            json=body,
            headers=auth_headers,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #24adae235f021023 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/a2a_protocol/providers/watsonx_orchestrate/handler.py:290
            response = await client.post(
                f"{base_url}/v1/orchestrate/runs/stream",
                json=body,
                headers=auth_headers,
                stream=True,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #92d9e6ecf9bb0f30 Filesystem access.
pkgs/python/[email protected]/litellm/anthropic_beta_headers_manager.py:51
                files("litellm").joinpath("anthropic_beta_headers_config.json").read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #a23f4a4f18ff4d00 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/anthropic_beta_headers_manager.py:117
        response = httpx.get(url, timeout=timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #bd38c5393d3ad80d Environment-variable access.
pkgs/python/[email protected]/litellm/anthropic_beta_headers_manager.py:137
    if os.getenv("LITELLM_LOCAL_ANTHROPIC_BETA_HEADERS", "").lower() == "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5d3f82362f01e575 Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:109
            or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fe118e194d2c3d71 Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:110
            or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f68c02962930aad8 Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:116
            or os.getenv("OPENAI_ORGANIZATION", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ade15340b0f0e7d4 Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:124
            or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e1a8b12af0e5d15b Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:298
            or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3da1e29c26c2a78f Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:299
            or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c851a1aac1f5a9d2 Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:305
            or os.getenv("OPENAI_ORGANIZATION", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ee8a54927d720b32 Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:313
            or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c4726d705967d164 Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:459
            or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7d5d573f275e2bf3 Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:460
            or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b996c6fafe13335 Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:464
            optional_params.organization or litellm.organization or os.getenv("OPENAI_ORGANIZATION", None) or None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #08914d67135db152 Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:467
        api_key = optional_params.api_key or litellm.api_key or litellm.openai_key or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #090d7b27597a3649 Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:630
            or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a4fc8a26147aacbe Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:631
            or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #92d62a72ac8c5af8 Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:637
            or os.getenv("OPENAI_ORGANIZATION", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f0d2f81ee57d76e6 Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:645
            or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #240c3e96ca7b941d Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:782
            or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #018e5bbf573b1243 Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:783
            or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b7da3a8f26b67f1e Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:789
            or os.getenv("OPENAI_ORGANIZATION", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fa0b8badd5e814ea Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:797
            or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #472e0725fc408e17 Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:965
            or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #35b302d4b0246468 Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:966
            or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bb748d889d178baf Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:972
            or os.getenv("OPENAI_ORGANIZATION", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #08284f1e686bde3f Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:980
            or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c7202c072423625 Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:1123
            or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #412b3b28e3b19876 Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:1124
            or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7a80da7d059ffe43 Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:1130
            or os.getenv("OPENAI_ORGANIZATION", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c376a5ed7bfa377f Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:1138
            or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #74d6183671f0b5f0 Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:1318
            or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b50bb18a1aefbf15 Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:1319
            or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f2b8d5093d624eaa Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:1325
            or os.getenv("OPENAI_ORGANIZATION", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f064e9d109146ca0 Environment-variable access.
pkgs/python/[email protected]/litellm/assistants/main.py:1333
            or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ca83755578d8be0a Environment-variable access.
pkgs/python/[email protected]/litellm/batches/main.py:246
                or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e957fca026df0743 Environment-variable access.
pkgs/python/[email protected]/litellm/batches/main.py:247
                or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d4ce21eb611c7853 Environment-variable access.
pkgs/python/[email protected]/litellm/batches/main.py:253
                or os.getenv("OPENAI_ORGANIZATION", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6b22b8742a302cfe Environment-variable access.
pkgs/python/[email protected]/litellm/batches/main.py:261
                or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4d3c5ff1efd8d621 Environment-variable access.
pkgs/python/[email protected]/litellm/batches/main.py:395
            or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7f1d7cda572451f1 Environment-variable access.
pkgs/python/[email protected]/litellm/batches/main.py:396
            or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b23d42f8fe7ab4cd Environment-variable access.
pkgs/python/[email protected]/litellm/batches/main.py:402
            or os.getenv("OPENAI_ORGANIZATION", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5b7ca47eecb0a58c Environment-variable access.
pkgs/python/[email protected]/litellm/batches/main.py:410
            or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #05cc224da2453bf1 Environment-variable access.
pkgs/python/[email protected]/litellm/batches/main.py:711
            or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf1e31437fcd0764 Environment-variable access.
pkgs/python/[email protected]/litellm/batches/main.py:735
                or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7425a4606695622f Environment-variable access.
pkgs/python/[email protected]/litellm/batches/main.py:736
                or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4934ec6625cdb067 Environment-variable access.
pkgs/python/[email protected]/litellm/batches/main.py:742
                or os.getenv("OPENAI_ORGANIZATION", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a595a1a1a38ca819 Environment-variable access.
pkgs/python/[email protected]/litellm/batches/main.py:927
                or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9c158cd2a676ae30 Environment-variable access.
pkgs/python/[email protected]/litellm/batches/main.py:928
                or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #69057156c274272a Environment-variable access.
pkgs/python/[email protected]/litellm/batches/main.py:932
                optional_params.organization or litellm.organization or os.getenv("OPENAI_ORGANIZATION", None) or None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3074692b6f2e8095 Environment-variable access.
pkgs/python/[email protected]/litellm/batches/main.py:934
            api_key = optional_params.api_key or litellm.api_key or litellm.openai_key or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1cfb892585e4503f Filesystem access.
pkgs/python/[email protected]/litellm/budget_manager.py:55
                with open("user_cost.json", "r") as json_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #22b56af673f848cf Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/budget_manager.py:65
            response = litellm.module_level_client.post(url, headers=self.headers, json=data)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #ad6f69f9881d30b5 Filesystem access.
pkgs/python/[email protected]/litellm/budget_manager.py:208
            with open("user_cost.json", "w") as json_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #73430e85eca1a1dc Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/budget_manager.py:214
            response = litellm.module_level_client.post(url, headers=self.headers, json=data)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #49e13f1b26284175 Environment-variable access.
pkgs/python/[email protected]/litellm/caching/qdrant_semantic_cache.py:71
        qdrant_api_base = qdrant_api_base or os.getenv("QDRANT_URL") or os.getenv("QDRANT_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #186cfa46cc63af5b Environment-variable access.
pkgs/python/[email protected]/litellm/caching/qdrant_semantic_cache.py:72
        qdrant_api_key = qdrant_api_key or os.getenv("QDRANT_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #0d091718594ca20b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/caching/redis_cache.py:979
            cached_response = self.redis_client.get(key)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #b9f1acb37ca7bf73 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/caching/redis_cache.py:1075
            cached_response = await _redis_client.get(key)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #eb1cf4c458d2447e Environment-variable access.
pkgs/python/[email protected]/litellm/caching/redis_semantic_cache.py:93
                host = host or os.environ["REDIS_HOST"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ffa2e5c33f3808a0 Environment-variable access.
pkgs/python/[email protected]/litellm/caching/redis_semantic_cache.py:94
                port = port or os.environ["REDIS_PORT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #977c2ad198577f39 Environment-variable access.
pkgs/python/[email protected]/litellm/caching/redis_semantic_cache.py:95
                password = password or os.environ["REDIS_PASSWORD"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #da13ab09ad4c5eed Environment-variable access.
pkgs/python/[email protected]/litellm/caching/valkey_semantic_cache.py:99
        host = host or os.environ.get("VALKEY_HOST") or os.environ.get("REDIS_HOST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ade4af1b5091274d Environment-variable access.
pkgs/python/[email protected]/litellm/caching/valkey_semantic_cache.py:100
        port = port or os.environ.get("VALKEY_PORT") or os.environ.get("REDIS_PORT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a22d37597c9bbaac Environment-variable access.
pkgs/python/[email protected]/litellm/caching/valkey_semantic_cache.py:101
        password = password or os.environ.get("VALKEY_PASSWORD") or os.environ.get("REDIS_PASSWORD")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #06abf808958633ac Environment-variable access.
pkgs/python/[email protected]/litellm/completion_extras/litellm_responses_transformation/transformation.py:924
            litellm.reasoning_auto_summary or os.getenv("LITELLM_REASONING_AUTO_SUMMARY", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c5081169e545ec11 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:7
DEFAULT_HEALTH_CHECK_PROMPT = str(os.getenv("DEFAULT_HEALTH_CHECK_PROMPT", "test from litellm"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #15442c0ebf493e5e Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:8
AZURE_DEFAULT_RESPONSES_API_VERSION = str(os.getenv("AZURE_DEFAULT_RESPONSES_API_VERSION", "preview"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8bfd5eac6d15b71d Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:9
ROUTER_MAX_FALLBACKS = int(os.getenv("ROUTER_MAX_FALLBACKS", 5))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6c4a0532f2c54c79 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:10
DEFAULT_BATCH_SIZE = int(os.getenv("DEFAULT_BATCH_SIZE", 512))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fb3dd36e09a4bb67 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:11
DEFAULT_FLUSH_INTERVAL_SECONDS = int(os.getenv("DEFAULT_FLUSH_INTERVAL_SECONDS", 5))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7c8cb8178c5ef92b Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:12
DEFAULT_S3_FLUSH_INTERVAL_SECONDS = int(os.getenv("DEFAULT_S3_FLUSH_INTERVAL_SECONDS", 10))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ea6842685f90e6da Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:13
DEFAULT_S3_BATCH_SIZE = int(os.getenv("DEFAULT_S3_BATCH_SIZE", 512))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f03c6cfa9c846ef7 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:14
DEFAULT_SQS_FLUSH_INTERVAL_SECONDS = int(os.getenv("DEFAULT_SQS_FLUSH_INTERVAL_SECONDS", 10))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b7bc1ef5bdbda9ec Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:15
DEFAULT_NUM_WORKERS_LITELLM_PROXY = int(os.getenv("DEFAULT_NUM_WORKERS_LITELLM_PROXY", 1))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #849a4dcd354370f6 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:16
DYNAMIC_RATE_LIMIT_ERROR_THRESHOLD_PER_MINUTE = int(os.getenv("DYNAMIC_RATE_LIMIT_ERROR_THRESHOLD_PER_MINUTE", 1))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #660bd6142ab01028 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:17
DEFAULT_SQS_BATCH_SIZE = int(os.getenv("DEFAULT_SQS_BATCH_SIZE", 512))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #65ccc50aa68afcb8 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:20
DEFAULT_MAX_RETRIES = int(os.getenv("DEFAULT_MAX_RETRIES", 2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #35cd3181aed41465 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:24
DEFAULT_MAX_RECURSE_DEPTH = int(os.getenv("DEFAULT_MAX_RECURSE_DEPTH", 100))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b1e46e4ec57db1f9 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:25
DEFAULT_MAX_RECURSE_DEPTH_SENSITIVE_DATA_MASKER = int(os.getenv("DEFAULT_MAX_RECURSE_DEPTH_SENSITIVE_DATA_MASKER", 10))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8ff48fa6b7283e0 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:27
    os.getenv("DEFAULT_FAILURE_THRESHOLD_PERCENT", 0.5)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c7b9444019127e8d Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:29
DEFAULT_MAX_TOKENS = int(os.getenv("DEFAULT_MAX_TOKENS", 4096))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b62215d9e719f211 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:30
DEFAULT_ALLOWED_FAILS = int(os.getenv("DEFAULT_ALLOWED_FAILS", 3))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3efc947bb144b0a2 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:31
DEFAULT_REDIS_SYNC_INTERVAL = int(os.getenv("DEFAULT_REDIS_SYNC_INTERVAL", 1))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #918fa360c65989f5 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:32
DEFAULT_COOLDOWN_TIME_SECONDS = int(os.getenv("DEFAULT_COOLDOWN_TIME_SECONDS", 5))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5869d7c45a2f3027 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:33
DEFAULT_REPLICATE_POLLING_RETRIES = int(os.getenv("DEFAULT_REPLICATE_POLLING_RETRIES", 5))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #48f860689bdc562a Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:34
DEFAULT_REPLICATE_POLLING_DELAY_SECONDS = int(os.getenv("DEFAULT_REPLICATE_POLLING_DELAY_SECONDS", 1))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #de772ae84da5ac48 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:35
DEFAULT_IMAGE_TOKEN_COUNT = int(os.getenv("DEFAULT_IMAGE_TOKEN_COUNT", 250))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #14c438c5153d4d30 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:40
_max_stream_duration_env = os.getenv("LITELLM_MAX_STREAMING_DURATION_SECONDS", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6fc1a51d9bdd5fd9 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:48
MAX_BASE64_LENGTH_FOR_LOGGING = int(os.getenv("MAX_BASE64_LENGTH_FOR_LOGGING", 64))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3f5533716e89b3c1 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:52
LITELLM_DETAILED_TIMING = os.getenv("LITELLM_DETAILED_TIMING", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6158f58d90e79181 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:56
    os.getenv("MODEL_COST_MAP_MIN_MODEL_COUNT", 50)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ad74fed50179318f Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:59
    os.getenv("MODEL_COST_MAP_MAX_SHRINK_RATIO", 0.5)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a662eb2ebe35a215 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:61
DEFAULT_IMAGE_WIDTH = int(os.getenv("DEFAULT_IMAGE_WIDTH", 300))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f30c5bedb70a6dc0 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:62
DEFAULT_IMAGE_HEIGHT = int(os.getenv("DEFAULT_IMAGE_HEIGHT", 300))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #986fd0eb667348b3 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:67
MAX_IMAGE_URL_DOWNLOAD_SIZE_MB = float(os.getenv("MAX_IMAGE_URL_DOWNLOAD_SIZE_MB", 50))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f7d9adb2805b53da Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:69
    os.getenv("MAX_SIZE_PER_ITEM_IN_MEMORY_CACHE_IN_KB", 1024)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cc18701d2990a913 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:76
    os.getenv("SINGLE_DEPLOYMENT_TRAFFIC_FAILURE_THRESHOLD", 1000)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #afb7c72932ea5e32 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:79
    os.getenv("DEFAULT_FAILURE_THRESHOLD_MINIMUM_REQUESTS", 5)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7bdefe511ba211b3 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:82
DEFAULT_REASONING_EFFORT_DISABLE_THINKING_BUDGET = int(os.getenv("DEFAULT_REASONING_EFFORT_DISABLE_THINKING_BUDGET", 0))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #05d9f701805606f7 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:86
    os.getenv("DEFAULT_MCP_SEMANTIC_FILTER_EMBEDDING_MODEL", "text-embedding-3-small")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #24cc1bdefc1d2567 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:88
DEFAULT_MCP_SEMANTIC_FILTER_TOP_K = int(os.getenv("DEFAULT_MCP_SEMANTIC_FILTER_TOP_K", 10))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0da4b5150de4b4cc Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:90
    os.getenv("DEFAULT_MCP_SEMANTIC_FILTER_SIMILARITY_THRESHOLD", 0.3)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5131fa130387f355 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:92
MAX_MCP_SEMANTIC_FILTER_TOOLS_HEADER_LENGTH = int(os.getenv("MAX_MCP_SEMANTIC_FILTER_TOOLS_HEADER_LENGTH", 150))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #17a48fda258c3056 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:96
    os.getenv("DEFAULT_SEMANTIC_GUARD_EMBEDDING_MODEL", "text-embedding-3-small")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #477f19467d5d4eca Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:98
DEFAULT_SEMANTIC_GUARD_SIMILARITY_THRESHOLD = float(os.getenv("DEFAULT_SEMANTIC_GUARD_SIMILARITY_THRESHOLD", 0.75))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #acf2d10588aef4be Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:101
MCP_OAUTH2_TOKEN_EXPIRY_BUFFER_SECONDS = int(os.getenv("MCP_OAUTH2_TOKEN_EXPIRY_BUFFER_SECONDS", "60"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #76ed69f51685f9a3 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:102
MCP_OAUTH2_TOKEN_CACHE_MAX_SIZE = int(os.getenv("MCP_OAUTH2_TOKEN_CACHE_MAX_SIZE", "200"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e5ba4fcb9e441ced Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:103
MCP_OAUTH2_TOKEN_CACHE_DEFAULT_TTL = int(os.getenv("MCP_OAUTH2_TOKEN_CACHE_DEFAULT_TTL", "3600"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b72c68bd4d28950f Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:108
MCP_NPM_CACHE_DIR = os.getenv("MCP_NPM_CACHE_DIR", "/tmp/.npm_mcp_cache")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6338a193cd3f3803 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:109
MCP_OAUTH2_TOKEN_CACHE_MIN_TTL = int(os.getenv("MCP_OAUTH2_TOKEN_CACHE_MIN_TTL", "10"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7e697ad27d0fb5b3 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:114
    os.getenv("MCP_PER_USER_TOKEN_DEFAULT_TTL", "43200")  # 12 hours

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f2bd622f3c8e2bad Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:116
MCP_PER_USER_TOKEN_EXPIRY_BUFFER_SECONDS = int(os.getenv("MCP_PER_USER_TOKEN_EXPIRY_BUFFER_SECONDS", "60"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e466ae3fbede693b Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:119
MCP_CLIENT_TIMEOUT = float(os.getenv("LITELLM_MCP_CLIENT_TIMEOUT", "60.0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fca20b5a471316f3 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:120
MCP_TOOL_LISTING_TIMEOUT = float(os.getenv("LITELLM_MCP_TOOL_LISTING_TIMEOUT", "30.0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bbc40acc141b98b2 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:121
MCP_METADATA_TIMEOUT = float(os.getenv("LITELLM_MCP_METADATA_TIMEOUT", "10.0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2c9a20ec32110813 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:122
MCP_HEALTH_CHECK_TIMEOUT = float(os.getenv("LITELLM_MCP_HEALTH_CHECK_TIMEOUT", "10.0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #49a44f548ee3a73e Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:129
_MCP_STDIO_EXTRA_COMMANDS = os.getenv("LITELLM_MCP_STDIO_EXTRA_COMMANDS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #04629ebcfb9ac728 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:135
MCP_TOKEN_EXCHANGE_CACHE_MAX_SIZE = int(os.getenv("MCP_TOKEN_EXCHANGE_CACHE_MAX_SIZE", "500"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9c45b749ce95ebb3 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:145
    os.getenv("DEFAULT_REASONING_EFFORT_MINIMAL_THINKING_BUDGET_GEMINI_2_5_FLASH", 1)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9ccb4e018e4d6bee Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:148
    os.getenv("DEFAULT_REASONING_EFFORT_MINIMAL_THINKING_BUDGET_GEMINI_2_5_PRO", 128)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #82e4082d0b9977c5 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:151
    os.getenv("DEFAULT_REASONING_EFFORT_MINIMAL_THINKING_BUDGET_GEMINI_2_5_FLASH_LITE", 512)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0b7fa91784c993d3 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:165
    os.getenv("DEFAULT_REASONING_EFFORT_MINIMAL_THINKING_BUDGET", 128)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ea3c1651530b43ea Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:183
DEFAULT_REASONING_EFFORT_LOW_THINKING_BUDGET = int(os.getenv("DEFAULT_REASONING_EFFORT_LOW_THINKING_BUDGET", 1024))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6ad0b184642734f2 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:185
    os.getenv("DEFAULT_REASONING_EFFORT_MEDIUM_THINKING_BUDGET", 2048)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f52a97b3b15cfd84 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:187
DEFAULT_REASONING_EFFORT_HIGH_THINKING_BUDGET = int(os.getenv("DEFAULT_REASONING_EFFORT_HIGH_THINKING_BUDGET", 4096))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8df6b82b50efc105 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:188
DEFAULT_REASONING_EFFORT_XHIGH_THINKING_BUDGET = int(os.getenv("DEFAULT_REASONING_EFFORT_XHIGH_THINKING_BUDGET", 8192))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #133475aa4a8440a7 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:189
DEFAULT_REASONING_EFFORT_MAX_THINKING_BUDGET = int(os.getenv("DEFAULT_REASONING_EFFORT_MAX_THINKING_BUDGET", 16384))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b5dcdfd6f9eb5263 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:191
    os.getenv("MAX_TOKEN_TRIMMING_ATTEMPTS", 10)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fd0d5591ac717ffa Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:194
RUNWAYML_DEFAULT_API_VERSION = str(os.getenv("RUNWAYML_DEFAULT_API_VERSION", "2024-11-06"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ac0257c0335d29f8 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:195
RUNWAYML_POLLING_TIMEOUT = int(os.getenv("RUNWAYML_POLLING_TIMEOUT", 600))  # 10 minutes default for image generation

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bf319086d61bb3cc Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:202
AIOHTTP_CONNECTOR_LIMIT = int(os.getenv("AIOHTTP_CONNECTOR_LIMIT", 1000))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #15c191ca28661c6d Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:203
AIOHTTP_CONNECTOR_LIMIT_PER_HOST = int(os.getenv("AIOHTTP_CONNECTOR_LIMIT_PER_HOST", 500))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8ba0055b98bc746b Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:204
AIOHTTP_KEEPALIVE_TIMEOUT = int(os.getenv("AIOHTTP_KEEPALIVE_TIMEOUT", 120))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f7be418731a01fe8 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:205
AIOHTTP_TTL_DNS_CACHE = int(os.getenv("AIOHTTP_TTL_DNS_CACHE", 300))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3598a2065d02bd3 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:212
AIOHTTP_SO_KEEPALIVE = os.getenv("AIOHTTP_SO_KEEPALIVE", "False").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6b949b99b242d937 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:213
AIOHTTP_TCP_KEEPIDLE = int(os.getenv("AIOHTTP_TCP_KEEPIDLE", 60))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5292cea8c5fade18 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:214
AIOHTTP_TCP_KEEPINTVL = int(os.getenv("AIOHTTP_TCP_KEEPINTVL", 30))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #92151ddaa2bfd415 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:215
AIOHTTP_TCP_KEEPCNT = int(os.getenv("AIOHTTP_TCP_KEEPCNT", 5))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cd70ae7e21af3972 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:228
_max_size_env = os.getenv("REALTIME_WEBSOCKET_MAX_MESSAGE_SIZE_BYTES")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ac342976d77f454d Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:234
DEFAULT_SSL_CIPHERS = os.getenv(
    "LITELLM_SSL_CIPHERS",
    # Priority 1: TLS 1.3 ciphers (fastest, ~50ms handshake)
    "TLS_AES_256_GCM_SHA384:"  # Fastest observed in testing
    "TLS_AES_128_GCM_SHA256:"  # Slightly faster than 256-bit
    "TLS_CHACHA20_POLY1305_SHA256:"  # Fast on ARM/mobile
    # Priority 2: TLS 1.2 ECDHE+GCM (fast, ~100ms handshake, widely supported)
    "ECDHE-RSA-AES256-GCM-SHA384:"
    "ECDHE-RSA-AES128-GCM-SHA256:"
    "ECDHE-ECDSA-AES256-GCM-SHA384:"
    "ECDHE-ECDSA-AES128-GCM-SHA256:"
    # Priority 3: Additional modern ciphers (good balance)
    "ECDHE-RSA-CHACHA20-POLY1305:"
    "ECDHE-ECDSA-CHACHA20-POLY1305:"
    # Priority 4: Widely compatible fallbacks (slower but universally supported)
    "ECDHE-RSA-AES256-SHA384:"  # Common fallback
    "ECDHE-RSA-AES128-SHA256:"  # Very widely supported
    "AES256-GCM-SHA384:"  # Non-PFS fallback (compatibility)
    "AES128-GCM-SHA256",  # Last resort (maximum compatibility)
)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ada0f301272c222b Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:263
MAX_REDIS_BUFFER_DEQUEUE_COUNT = int(os.getenv("MAX_REDIS_BUFFER_DEQUEUE_COUNT", 100))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8fc9bdcc70e4cda8 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:265
LITELLM_ASYNCIO_QUEUE_MAXSIZE = int(os.getenv("LITELLM_ASYNCIO_QUEUE_MAXSIZE", 1000))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #715a15318d6ac430 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:266
TOOL_POLICY_CACHE_TTL_SECONDS = int(os.getenv("TOOL_POLICY_CACHE_TTL_SECONDS", 60))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #15287b5086ebfa32 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:269
MAX_SIZE_IN_MEMORY_QUEUE = int(os.getenv("MAX_SIZE_IN_MEMORY_QUEUE", int(LITELLM_ASYNCIO_QUEUE_MAXSIZE * 0.8)))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c8c8908fc52eeff0 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:270
MAX_IN_MEMORY_QUEUE_FLUSH_COUNT = int(os.getenv("MAX_IN_MEMORY_QUEUE_FLUSH_COUNT", 1000))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aca1515620b53a63 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:273
    os.getenv("MINIMUM_PROMPT_CACHE_TOKEN_COUNT", 1024)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5b59b4f233a6f1e6 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:276
    os.getenv("DEFAULT_TRIM_RATIO", 0.75)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e7f322b1d0acdf54 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:278
HOURS_IN_A_DAY = int(os.getenv("HOURS_IN_A_DAY", 24))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aa8fbc4c2a1b18ce Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:279
DAYS_IN_A_WEEK = int(os.getenv("DAYS_IN_A_WEEK", 7))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6168f65df8de4816 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:280
DAYS_IN_A_MONTH = int(os.getenv("DAYS_IN_A_MONTH", 28))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a4cd1998d99967de Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:281
DAYS_IN_A_YEAR = int(os.getenv("DAYS_IN_A_YEAR", 365))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0cda5d27cc864172 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:282
REPLICATE_MODEL_NAME_WITH_ID_LENGTH = int(os.getenv("REPLICATE_MODEL_NAME_WITH_ID_LENGTH", 64))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b0f84ff2ebf2172 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:284
FUNCTION_DEFINITION_TOKEN_COUNT = int(os.getenv("FUNCTION_DEFINITION_TOKEN_COUNT", 9))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e2dd1daf951cf8da Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:285
SYSTEM_MESSAGE_TOKEN_COUNT = int(os.getenv("SYSTEM_MESSAGE_TOKEN_COUNT", 4))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c91ac837f5d25502 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:286
TOOL_CHOICE_OBJECT_TOKEN_COUNT = int(os.getenv("TOOL_CHOICE_OBJECT_TOKEN_COUNT", 4))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #807d345985ab49b1 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:287
DEFAULT_MOCK_RESPONSE_PROMPT_TOKEN_COUNT = int(os.getenv("DEFAULT_MOCK_RESPONSE_PROMPT_TOKEN_COUNT", 10))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6142b0d354f6aa76 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:288
DEFAULT_MOCK_RESPONSE_COMPLETION_TOKEN_COUNT = int(os.getenv("DEFAULT_MOCK_RESPONSE_COMPLETION_TOKEN_COUNT", 20))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #af924743308650aa Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:289
MAX_SHORT_SIDE_FOR_IMAGE_HIGH_RES = int(os.getenv("MAX_SHORT_SIDE_FOR_IMAGE_HIGH_RES", 768))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f8a1bb1df8ed6a94 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:290
MAX_LONG_SIDE_FOR_IMAGE_HIGH_RES = int(os.getenv("MAX_LONG_SIDE_FOR_IMAGE_HIGH_RES", 2000))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e65851443a7fe462 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:291
MAX_TILE_WIDTH = int(os.getenv("MAX_TILE_WIDTH", 512))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ac9e1b6050365e05 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:292
MAX_TILE_HEIGHT = int(os.getenv("MAX_TILE_HEIGHT", 512))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #575b11d6c651e634 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:293
OPENAI_FILE_SEARCH_COST_PER_1K_CALLS = float(os.getenv("OPENAI_FILE_SEARCH_COST_PER_1K_CALLS", 2.5 / 1000))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #733d1ede5c8aa321 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:297
    os.getenv("AZURE_FILE_SEARCH_COST_PER_GB_PER_DAY", 0.1)  # $0.1 USD per 1 GB/Day

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #07f3487dbe518d1d Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:300
    os.getenv("AZURE_COMPUTER_USE_INPUT_COST_PER_1K_TOKENS", 3.0)  # $0.003 USD per 1K Tokens

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d3b6d687e891618f Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:303
    os.getenv("AZURE_COMPUTER_USE_OUTPUT_COST_PER_1K_TOKENS", 12.0)  # $0.012 USD per 1K Tokens

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1e7147f26195b0af Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:306
    os.getenv("AZURE_VECTOR_STORE_COST_PER_GB_PER_DAY", 0.1)  # $0.1 USD per 1 GB/Day (same as file search)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #715bdb1cf381bd45 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:308
MIN_NON_ZERO_TEMPERATURE = float(os.getenv("MIN_NON_ZERO_TEMPERATURE", 0.0001))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9ee8aea0645e2008 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:311
    os.getenv("REPEATED_STREAMING_CHUNK_LIMIT", 100)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b4467198d2b408e8 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:315
DEFAULT_MAX_LRU_CACHE_SIZE = int(os.getenv("DEFAULT_MAX_LRU_CACHE_SIZE", 64))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a9747d923b9704c2 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:317
INITIAL_RETRY_DELAY = float(os.getenv("INITIAL_RETRY_DELAY", 0.5))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2904203745ea4326 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:318
MAX_RETRY_DELAY = float(os.getenv("MAX_RETRY_DELAY", 8.0))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #efa193ba9b8e8728 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:319
JITTER = float(os.getenv("JITTER", 0.75))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3df3fd11ed91a92c Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:320
DEFAULT_IN_MEMORY_TTL = int(os.getenv("DEFAULT_IN_MEMORY_TTL", 5))  # default time to live for the in-memory cache

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #777702c671d89500 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:322
    os.getenv("DEFAULT_MAX_REDIS_BATCH_CACHE_SIZE", 1000)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #14f2188d5cd0913a Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:325
    os.getenv("DEFAULT_POLLING_INTERVAL", 0.03)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c4f0e0b9f2e1d70 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:327
AZURE_OPERATION_POLLING_TIMEOUT = int(os.getenv("AZURE_OPERATION_POLLING_TIMEOUT", 120))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2af374b45c3dfe3a Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:328
AZURE_DOCUMENT_INTELLIGENCE_API_VERSION = str(os.getenv("AZURE_DOCUMENT_INTELLIGENCE_API_VERSION", "2024-11-30"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b43e588560a576bd Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:329
AZURE_DOCUMENT_INTELLIGENCE_DEFAULT_DPI = int(os.getenv("AZURE_DOCUMENT_INTELLIGENCE_DEFAULT_DPI", 96))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #570ad2d6c33dc4aa Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:330
REDIS_SOCKET_TIMEOUT = float(os.getenv("REDIS_SOCKET_TIMEOUT", 0.1))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7b6a560cfb0089d6 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:331
REDIS_CONNECTION_POOL_TIMEOUT = int(os.getenv("REDIS_CONNECTION_POOL_TIMEOUT", 5))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #346a975dc5845baf Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:332
REDIS_CIRCUIT_BREAKER_FAILURE_THRESHOLD = int(os.getenv("REDIS_CIRCUIT_BREAKER_FAILURE_THRESHOLD", 5))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8296e239d152e95d Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:333
REDIS_CIRCUIT_BREAKER_RECOVERY_TIMEOUT = int(os.getenv("REDIS_CIRCUIT_BREAKER_RECOVERY_TIMEOUT", 60))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aac839b45db8b61a Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:334
REDIS_CIRCUIT_BREAKER_ENABLED = os.getenv("REDIS_CIRCUIT_BREAKER_ENABLED", "true").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1bef55dff37c7226 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:341
DEFAULT_REDIS_MAJOR_VERSION = int(os.getenv("DEFAULT_REDIS_MAJOR_VERSION", 7))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e62845df6e4c0555 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:343
    os.getenv("NON_LLM_CONNECTION_TIMEOUT", 15)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #af28bee724b832e6 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:345
MAX_EXCEPTION_MESSAGE_LENGTH = int(os.getenv("MAX_EXCEPTION_MESSAGE_LENGTH", 2000))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2852d96a3a9e7b85 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:346
MAX_STRING_LENGTH_PROMPT_IN_DB = int(os.getenv("MAX_STRING_LENGTH_PROMPT_IN_DB", 2048))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #351ba9cfcd8c20b0 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:347
BEDROCK_MAX_POLICY_SIZE = int(os.getenv("BEDROCK_MAX_POLICY_SIZE", 75))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #90af61157d24dd87 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:348
BEDROCK_MIN_THINKING_BUDGET_TOKENS = int(os.getenv("BEDROCK_MIN_THINKING_BUDGET_TOKENS", 1024))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f8ca16b047ad4ffc Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:351
REPLICATE_POLLING_DELAY_SECONDS = float(os.getenv("REPLICATE_POLLING_DELAY_SECONDS", 0.5))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1642fe2ebe9b97bd Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:352
DEFAULT_ANTHROPIC_CHAT_MAX_TOKENS = int(os.getenv("DEFAULT_ANTHROPIC_CHAT_MAX_TOKENS", 4096))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #119e1a13c6206ff4 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:354
TOGETHER_AI_4_B = int(os.getenv("TOGETHER_AI_4_B", 4))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b62ca846b5473748 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:355
TOGETHER_AI_8_B = int(os.getenv("TOGETHER_AI_8_B", 8))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8c51266f0b72a2c7 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:356
TOGETHER_AI_21_B = int(os.getenv("TOGETHER_AI_21_B", 21))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c6c4b07fe0031a6b Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:357
TOGETHER_AI_41_B = int(os.getenv("TOGETHER_AI_41_B", 41))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6c4773f7fad57be1 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:358
TOGETHER_AI_80_B = int(os.getenv("TOGETHER_AI_80_B", 80))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b66f980d21acfed9 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:359
TOGETHER_AI_110_B = int(os.getenv("TOGETHER_AI_110_B", 110))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5c835ac5b178a68d Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:360
TOGETHER_AI_EMBEDDING_150_M = int(os.getenv("TOGETHER_AI_EMBEDDING_150_M", 150))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9f27a9a6bba8cf02 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:361
TOGETHER_AI_EMBEDDING_350_M = int(os.getenv("TOGETHER_AI_EMBEDDING_350_M", 350))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3971c8f448fce28 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:362
QDRANT_SCALAR_QUANTILE = float(os.getenv("QDRANT_SCALAR_QUANTILE", 0.99))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7697d427e88ffc7c Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:363
QDRANT_VECTOR_SIZE = int(os.getenv("QDRANT_VECTOR_SIZE", 1536))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b282a438b2b9f935 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:364
CACHED_STREAMING_CHUNK_DELAY = float(os.getenv("CACHED_STREAMING_CHUNK_DELAY", 0.02))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7e0852692141ea81 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:366
    os.getenv("AUDIO_SPEECH_CHUNK_SIZE", 8192)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #21e3cc1423bc3a6a Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:368
DEFAULT_MAX_TOKENS_FOR_TRITON = int(os.getenv("DEFAULT_MAX_TOKENS_FOR_TRITON", 2000))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #07d1f1dc9c7b85f4 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:381
request_timeout: float = float(os.getenv("REQUEST_TIMEOUT", str(int(DEFAULT_REQUEST_TIMEOUT_SECONDS))))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #94ab347bddc83a34 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:382
request_timeout_explicitly_set: bool = "REQUEST_TIMEOUT" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5e42f3f25a302030 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:383
DEFAULT_A2A_AGENT_TIMEOUT: float = float(os.getenv("DEFAULT_A2A_AGENT_TIMEOUT", 6000))  # 10 minutes

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e04101ed4266942c Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:404
    os.getenv("DEFAULT_REPLICATE_GPU_PRICE_PER_SECOND", 0.001400)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7248bd7083291748 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:406
FIREWORKS_AI_56_B_MOE = int(os.getenv("FIREWORKS_AI_56_B_MOE", 56))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f092af9981075e7a Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:407
FIREWORKS_AI_176_B_MOE = int(os.getenv("FIREWORKS_AI_176_B_MOE", 176))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6576ec2c9632772a Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:408
FIREWORKS_AI_4_B = int(os.getenv("FIREWORKS_AI_4_B", 4))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4eb413427ae89ddd Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:409
FIREWORKS_AI_16_B = int(os.getenv("FIREWORKS_AI_16_B", 16))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e28bc0329c9473dc Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:410
FIREWORKS_AI_80_B = int(os.getenv("FIREWORKS_AI_80_B", 80))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d4eb474250766843 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:413
MAX_LANGFUSE_INITIALIZED_CLIENTS = int(os.getenv("MAX_LANGFUSE_INITIALIZED_CLIENTS", 50))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ee2615ccb55eb35d Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:414
LOGGING_WORKER_CONCURRENCY = int(os.getenv("LOGGING_WORKER_CONCURRENCY", 100))  # Must be above 0

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #30c6c2ed59594441 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:415
LOGGING_WORKER_MAX_QUEUE_SIZE = int(os.getenv("LOGGING_WORKER_MAX_QUEUE_SIZE", 50_000))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1a84e0b38bfd224f Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:416
LOGGING_WORKER_MAX_TIME_PER_COROUTINE = float(os.getenv("LOGGING_WORKER_MAX_TIME_PER_COROUTINE", 20.0))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #86d7f386ffbdf1ab Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:418
    os.getenv("LOGGING_WORKER_CLEAR_PERCENTAGE", 50)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e4b719a06691bdd0 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:420
MAX_ITERATIONS_TO_CLEAR_QUEUE = int(os.getenv("MAX_ITERATIONS_TO_CLEAR_QUEUE", 200))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b5b7ec44fe5d5e8c Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:421
MAX_TIME_TO_CLEAR_QUEUE = float(os.getenv("MAX_TIME_TO_CLEAR_QUEUE", 5.0))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6174f7720a401565 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:423
    os.getenv("LOGGING_WORKER_AGGRESSIVE_CLEAR_COOLDOWN_SECONDS", 0.5)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #569c6d65120045f2 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:425
DD_TRACER_STREAMING_CHUNK_YIELD_RESOURCE = os.getenv(
    "DD_TRACER_STREAMING_CHUNK_YIELD_RESOURCE", "streaming.chunk.yield"
)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #66c1e60b94152d3e Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:431
EMAIL_BUDGET_ALERT_TTL = int(os.getenv("EMAIL_BUDGET_ALERT_TTL", 24 * 60 * 60))  # 24 hours in seconds

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b95f5b45c3cf2687 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:433
    os.getenv("EMAIL_BUDGET_ALERT_MAX_SPEND_ALERT_PERCENTAGE", 0.8)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2761ec9eab6df86b Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:437
ANTHROPIC_TOKEN_COUNTING_BETA_VERSION = os.getenv("ANTHROPIC_TOKEN_COUNTING_BETA_VERSION", "token-counting-2024-11-01")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6805201e19eb2daa Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:452
DEFAULT_GOOGLE_VIDEO_DURATION_SECONDS = int(os.getenv("DEFAULT_GOOGLE_VIDEO_DURATION_SECONDS", 8))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #36057098f43c84f2 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:456
    os.getenv("DEFAULT_DATAFORSEO_LOCATION_CODE", 2250)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ded3fb847830bc1c Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1270
HUMANLOOP_PROMPT_CACHE_TTL_SECONDS = int(os.getenv("HUMANLOOP_PROMPT_CACHE_TTL_SECONDS", 60))  # 1 minute

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f74afe09cd3ca2d7 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1276
    os.getenv("PROMETHEUS_BUDGET_METRICS_REFRESH_INTERVAL_MINUTES", 5)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1eeee809078f04a0 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1278
CLOUDZERO_EXPORT_INTERVAL_MINUTES = int(os.getenv("CLOUDZERO_EXPORT_INTERVAL_MINUTES", 60))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5611d58d148b497d Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1280
MAXIMUM_TRACEBACK_LINES_TO_LOG = int(os.getenv("MAXIMUM_TRACEBACK_LINES_TO_LOG", 100))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0eb2c393faee0257 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1303
    os.getenv("MAX_SPENDLOG_ROWS_TO_QUERY", 1_000_000)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #901a76443685b3fa Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1306
    os.getenv("DEFAULT_SOFT_BUDGET", 50.0)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a566c988c908dacc Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1313
PYTHON_GC_THRESHOLD = os.getenv("PYTHON_GC_THRESHOLD")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fd0dd15f96f8531e Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1341
BATCH_STATUS_POLL_INTERVAL_SECONDS = int(os.getenv("BATCH_STATUS_POLL_INTERVAL_SECONDS", 3600))  # 1 hour

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b42f53e0151c83d7 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1342
BATCH_STATUS_POLL_MAX_ATTEMPTS = int(os.getenv("BATCH_STATUS_POLL_MAX_ATTEMPTS", 24))  # for 24 hours

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #22a48e830e2ef841 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1344
HEALTH_CHECK_TIMEOUT_SECONDS = int(os.getenv("HEALTH_CHECK_TIMEOUT_SECONDS", 60))  # 60 seconds

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8df78196c86e7763 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1345
_background_health_check_max_tokens_env = os.getenv("BACKGROUND_HEALTH_CHECK_MAX_TOKENS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d29549256dd4ebdc Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1357
_background_health_check_max_tokens_reasoning_env = os.getenv("BACKGROUND_HEALTH_CHECK_MAX_TOKENS_REASONING")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9296a4924504f7d6 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1388
LITELLM_KEY_ROTATION_ENABLED = os.getenv("LITELLM_KEY_ROTATION_ENABLED", "false")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #18a0f19e23eab02a Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1390
    os.getenv("LITELLM_KEY_ROTATION_CHECK_INTERVAL_SECONDS", 86400)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d1f0b8889a4c11c9 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1392
LITELLM_KEY_ROTATION_GRACE_PERIOD: str = os.getenv(
    "LITELLM_KEY_ROTATION_GRACE_PERIOD", ""
)  # Duration to keep old key valid after rotation (e.g. "24h", "2d"); empty = immediate revoke (default)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8e59c3fe2dae70c5 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1396
    os.getenv("LITELLM_KEY_ROTATION_LOCK_TTL_SECONDS", 600)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #80cd60e5d44fdf96 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1399
LITELLM_EXPIRED_UI_SESSION_KEY_CLEANUP_ENABLED = os.getenv("LITELLM_EXPIRED_UI_SESSION_KEY_CLEANUP_ENABLED", "false")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #db44bd7d9a52dcf0 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1401
    os.getenv("LITELLM_EXPIRED_UI_SESSION_KEY_CLEANUP_INTERVAL_SECONDS", 86400)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #23b19d77f367f961 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1404
    os.getenv("LITELLM_EXPIRED_UI_SESSION_KEY_CLEANUP_BATCH_SIZE", 1000)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5500a49b0122f895 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1416
    os.getenv("CLI_JWT_EXPIRATION_HOURS") or os.getenv("LITELLM_CLI_JWT_EXPIRATION_HOURS") or 24

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a551ba4b42a82ac2 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1420
CLI_SSO_CLAIM_MAP = os.getenv("CLI_SSO_CLAIM_MAP") or os.getenv("LITELLM_CLI_SSO_CLAIM_MAP") or ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9b286a90d9af0ab3 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1426
LITELLM_UI_SESSION_DURATION = os.getenv("LITELLM_UI_SESSION_DURATION", "24h")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b359f2a3a006546a Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1434
CLOUDZERO_MAX_FETCHED_DATA_RECORDS = int(os.getenv("CLOUDZERO_MAX_FETCHED_DATA_RECORDS", 50000))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a0e1a02866f7b99e Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1438
SPEND_LOG_RUN_LOOPS = int(os.getenv("SPEND_LOG_RUN_LOOPS", 500))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #758ba6611d35f3b0 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1439
SPEND_LOG_CLEANUP_BATCH_SIZE = int(os.getenv("SPEND_LOG_CLEANUP_BATCH_SIZE", 1000))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9cb15eda7cc11a2a Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1440
SPEND_LOG_CLEANUP_MAX_CONSECUTIVE_BATCH_FAILURES = int(os.getenv("SPEND_LOG_CLEANUP_MAX_CONSECUTIVE_BATCH_FAILURES", 3))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #33816310630c8e59 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1442
    os.getenv("SPEND_LOG_CLEANUP_BATCH_FAILURE_BACKOFF_SECONDS", 0.5)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1ff81babeb077e59 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1444
SPEND_LOG_PARTITION_INTERVAL = os.getenv("SPEND_LOG_PARTITION_INTERVAL", "day")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #afc13f1039323352 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1445
SPEND_LOG_PARTITION_PRECREATE_AHEAD = int(os.getenv("SPEND_LOG_PARTITION_PRECREATE_AHEAD", 7))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1cee65404a67a260 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1446
SPEND_LOG_QUEUE_SIZE_THRESHOLD = int(os.getenv("SPEND_LOG_QUEUE_SIZE_THRESHOLD", 100))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1cb42d643da5ebd0 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1447
SPEND_LOG_QUEUE_POLL_INTERVAL = float(os.getenv("SPEND_LOG_QUEUE_POLL_INTERVAL", 2.0))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b229f72149fe7b26 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1448
SPEND_COUNTER_RESEED_LOCKS_MAX_SIZE = int(os.getenv("SPEND_COUNTER_RESEED_LOCKS_MAX_SIZE", 10000))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #270efd84ec6b20d6 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1449
DEFAULT_CRON_JOB_LOCK_TTL_SECONDS = int(os.getenv("DEFAULT_CRON_JOB_LOCK_TTL_SECONDS", 60))  # 1 minute

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2066f0749000979e Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1450
PROXY_BUDGET_RESCHEDULER_MIN_TIME = int(os.getenv("PROXY_BUDGET_RESCHEDULER_MIN_TIME", 597))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #28f226dd6839f91c Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1451
PROXY_BATCH_POLLING_INTERVAL = int(os.getenv("PROXY_BATCH_POLLING_INTERVAL", 3600))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7a00138df827ddc3 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1452
MAX_OBJECTS_PER_POLL_CYCLE = max(1, int(os.getenv("MAX_OBJECTS_PER_POLL_CYCLE", 50)))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #407248703ab45a30 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1453
MANAGED_OBJECT_STALENESS_CUTOFF_DAYS = max(1, int(os.getenv("MANAGED_OBJECT_STALENESS_CUTOFF_DAYS", 7)))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a91e974f4ff632b1 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1454
STALE_OBJECT_CLEANUP_BATCH_SIZE = max(1, int(os.getenv("STALE_OBJECT_CLEANUP_BATCH_SIZE", 1000)))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5a1c8980b40b0bfb Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1458
_batch_polling_env = os.getenv("PROXY_BATCH_POLLING_ENABLED", "true").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #310758189bebb6fe Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1460
PROXY_BUDGET_RESCHEDULER_MAX_TIME = int(os.getenv("PROXY_BUDGET_RESCHEDULER_MAX_TIME", 605))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #309ce1cf2f21bc0b Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1461
PROXY_BATCH_WRITE_AT = int(os.getenv("PROXY_BATCH_WRITE_AT", 10))  # in seconds, increased from 10

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f1b4e957e164f58b Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1465
APSCHEDULER_COALESCE = os.getenv("APSCHEDULER_COALESCE", "True").lower() in [

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #56e6c5fe5af3ed9a Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1470
    os.getenv("APSCHEDULER_MISFIRE_GRACE_TIME", 3600)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #65b2716d511a7ab5 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1472
APSCHEDULER_MAX_INSTANCES = int(os.getenv("APSCHEDULER_MAX_INSTANCES", 1))  # prevent concurrent job instances

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #30bbac2d5146987c Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1473
APSCHEDULER_REPLACE_EXISTING = os.getenv("APSCHEDULER_REPLACE_EXISTING", "True").lower() in [

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e00c00dcce28fd59 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1482
DEFAULT_HEALTH_CHECK_INTERVAL = int(os.getenv("DEFAULT_HEALTH_CHECK_INTERVAL", 300))  # 5 minutes

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b06daeadef3463af Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1484
    os.getenv("DEFAULT_SHARED_HEALTH_CHECK_TTL", 300)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f6c1128081369e17 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1487
    os.getenv("DEFAULT_SHARED_HEALTH_CHECK_LOCK_TTL", 60)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1ae7c1cdebf05d02 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1490
PROMETHEUS_FALLBACK_STATS_SEND_TIME_HOURS = int(os.getenv("PROMETHEUS_FALLBACK_STATS_SEND_TIME_HOURS", 9))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97b513ea9dfb4c7b Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1492
    os.getenv("DEFAULT_MODEL_CREATED_AT_TIME", 1677610602)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b602a2b9cb361e1e Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1494
DEFAULT_SLACK_ALERTING_THRESHOLD = int(os.getenv("DEFAULT_SLACK_ALERTING_THRESHOLD", 300))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #70cc703c98f4c681 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1495
MAX_TEAM_LIST_LIMIT = int(os.getenv("MAX_TEAM_LIST_LIMIT", 20))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6c3447cefe9933c8 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1496
MAX_POLICY_ESTIMATE_IMPACT_ROWS = int(os.getenv("MAX_POLICY_ESTIMATE_IMPACT_ROWS", 1000))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8719c97ac7a6a488 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1497
DEFAULT_PROMPT_INJECTION_SIMILARITY_THRESHOLD = float(os.getenv("DEFAULT_PROMPT_INJECTION_SIMILARITY_THRESHOLD", 0.7))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7ee848a421b1ac9d Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1498
LENGTH_OF_LITELLM_GENERATED_KEY = int(os.getenv("LENGTH_OF_LITELLM_GENERATED_KEY", 16))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c460ad6cc3594b24 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1499
SECRET_MANAGER_REFRESH_INTERVAL = int(os.getenv("SECRET_MANAGER_REFRESH_INTERVAL", 86400))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8e0dffe3721596f7 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1511
DEFAULT_MANAGEMENT_OBJECT_IN_MEMORY_CACHE_TTL = int(os.getenv("DEFAULT_MANAGEMENT_OBJECT_IN_MEMORY_CACHE_TTL", 60))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b32301488a721919 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1512
DEFAULT_ACCESS_GROUP_CACHE_TTL = int(os.getenv("DEFAULT_ACCESS_GROUP_CACHE_TTL", 600))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #610e1e1f82bba9cd Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1591
COROUTINE_CHECKER_MAX_SIZE_IN_MEMORY = int(os.getenv("COROUTINE_CHECKER_MAX_SIZE_IN_MEMORY", 1000))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c6ae7c614b74882b Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1594
DEFAULT_CHUNK_SIZE = int(os.getenv("DEFAULT_CHUNK_SIZE", 1000))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3e11940e7fab1dc1 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1595
DEFAULT_CHUNK_OVERLAP = int(os.getenv("DEFAULT_CHUNK_OVERLAP", 200))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #78ea9c479dc852f5 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1598
S3_VECTORS_DEFAULT_DIMENSION = int(os.getenv("S3_VECTORS_DEFAULT_DIMENSION", 1024))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a9df8824dd6eea7e Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1599
S3_VECTORS_DEFAULT_DISTANCE_METRIC = str(os.getenv("S3_VECTORS_DEFAULT_DISTANCE_METRIC", "cosine"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0cbdee8435912549 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1603
MICROSOFT_USER_EMAIL_ATTRIBUTE = str(os.getenv("MICROSOFT_USER_EMAIL_ATTRIBUTE", "userPrincipalName"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e953f0a8e1a404f7 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1604
MICROSOFT_USER_DISPLAY_NAME_ATTRIBUTE = str(os.getenv("MICROSOFT_USER_DISPLAY_NAME_ATTRIBUTE", "displayName"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #20b556da3dfc5a47 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1605
MICROSOFT_USER_ID_ATTRIBUTE = str(os.getenv("MICROSOFT_USER_ID_ATTRIBUTE", "id"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #58da453aebe106a6 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1606
MICROSOFT_USER_FIRST_NAME_ATTRIBUTE = str(os.getenv("MICROSOFT_USER_FIRST_NAME_ATTRIBUTE", "givenName"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ef4830881494632f Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1607
MICROSOFT_USER_LAST_NAME_ATTRIBUTE = str(os.getenv("MICROSOFT_USER_LAST_NAME_ATTRIBUTE", "surname"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c07b79de6297a12a Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1611
MAX_PAYLOAD_SIZE_FOR_DEBUG_LOG = int(os.getenv("MAX_PAYLOAD_SIZE_FOR_DEBUG_LOG", 102400))  # 100 KB

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #58836954d45b55e8 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1614
MAX_COMPETITOR_NAMES = int(os.getenv("MAX_COMPETITOR_NAMES", 100))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #616227614cdc1400 Environment-variable access.
pkgs/python/[email protected]/litellm/constants.py:1615
COMPETITOR_LLM_TEMPERATURE = float(os.getenv("COMPETITOR_LLM_TEMPERATURE", 0.3))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #13e28846038f4c38 Filesystem access.
pkgs/python/[email protected]/litellm/containers/endpoint_factory.py:40
    with open(config_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #51838a9a26d7ba92 Environment-variable access.
pkgs/python/[email protected]/litellm/experimental_mcp_client/client.py:326
            if key in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f5db3adff27aad61 Environment-variable access.
pkgs/python/[email protected]/litellm/experimental_mcp_client/client.py:327
                safe_env[key] = os.environ[key]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #350bc536efa8f3ac Environment-variable access.
pkgs/python/[email protected]/litellm/fine_tuning/main.py:201
                or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d6e8fc16f592d0d3 Environment-variable access.
pkgs/python/[email protected]/litellm/fine_tuning/main.py:202
                or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dbc15b00b9fac969 Environment-variable access.
pkgs/python/[email protected]/litellm/fine_tuning/main.py:208
                or os.getenv("OPENAI_ORGANIZATION", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7e8ff75275157880 Environment-variable access.
pkgs/python/[email protected]/litellm/fine_tuning/main.py:216
                or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #875e0bcb9d4f9472 Environment-variable access.
pkgs/python/[email protected]/litellm/fine_tuning/main.py:414
                or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #55d1082bff5bbe18 Environment-variable access.
pkgs/python/[email protected]/litellm/fine_tuning/main.py:415
                or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9d19455c16d78b05 Environment-variable access.
pkgs/python/[email protected]/litellm/fine_tuning/main.py:421
                or os.getenv("OPENAI_ORGANIZATION", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c00cdd859bc694cc Environment-variable access.
pkgs/python/[email protected]/litellm/fine_tuning/main.py:429
                or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cfcaffd7941457fa Environment-variable access.
pkgs/python/[email protected]/litellm/fine_tuning/main.py:572
                or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c823eedaaab8b60b Environment-variable access.
pkgs/python/[email protected]/litellm/fine_tuning/main.py:573
                or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #633e42a1b36516c2 Environment-variable access.
pkgs/python/[email protected]/litellm/fine_tuning/main.py:579
                or os.getenv("OPENAI_ORGANIZATION", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #22b8fb562ba97a4a Environment-variable access.
pkgs/python/[email protected]/litellm/fine_tuning/main.py:587
                or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #51ad5f8586504dfa Environment-variable access.
pkgs/python/[email protected]/litellm/fine_tuning/main.py:725
                or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #54e90475bd40113d Environment-variable access.
pkgs/python/[email protected]/litellm/fine_tuning/main.py:726
                or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fec849e2750f0779 Environment-variable access.
pkgs/python/[email protected]/litellm/fine_tuning/main.py:730
                optional_params.organization or litellm.organization or os.getenv("OPENAI_ORGANIZATION", None) or None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ca5f963284c448af Environment-variable access.
pkgs/python/[email protected]/litellm/fine_tuning/main.py:732
            api_key = optional_params.api_key or litellm.api_key or litellm.openai_key or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ff7827b0d024e009 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/SlackAlerting/slack_alerting.py:1041
    base_url={os.getenv("PROXY_BASE_URL", "http://0.0.0.0:4000")}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #af7bd6e9e3ee2591 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/SlackAlerting/slack_alerting.py:1086
        webhook_url = os.getenv("WEBHOOK_URL", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a7b7ce81ae2c278e Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/SlackAlerting/slack_alerting.py:1131
            email_logo_url = os.getenv("SMTP_SENDER_LOGO", os.getenv("EMAIL_LOGO_URL", None))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c0a402d21f46601f Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/SlackAlerting/slack_alerting.py:1132
            email_support_contact = os.getenv("EMAIL_SUPPORT_CONTACT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #607444e0c0dbc9ce Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/SlackAlerting/slack_alerting.py:1150
            base_url = os.getenv("PROXY_BASE_URL", "http://0.0.0.0:4000")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #62f24efc219290e7 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/SlackAlerting/slack_alerting.py:1219
        email_logo_url = os.getenv("SMTP_SENDER_LOGO", os.getenv("EMAIL_LOGO_URL", None))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #14dcf0ae42461f9b Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/SlackAlerting/slack_alerting.py:1220
        email_support_contact = os.getenv("EMAIL_SUPPORT_CONTACT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1f8dbd5417bf104b Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/SlackAlerting/slack_alerting.py:1330
                _digest_webhook = os.getenv("SLACK_WEBHOOK_URL", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f2928d2939a5ec00 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/SlackAlerting/slack_alerting.py:1357
        _proxy_base_url = os.getenv("PROXY_BASE_URL", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1886b837f167f27c Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/SlackAlerting/slack_alerting.py:1383
            slack_webhook_url = os.getenv("SLACK_WEBHOOK_URL", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #323504a6c0bacc58 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/SlackAlerting/slack_alerting.py:1459
                _proxy_base_url = os.getenv("PROXY_BASE_URL", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7793370557d8e417 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/agentops/agentops.py:24
            api_key=os.getenv("AGENTOPS_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6077081a2777a881 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/agentops/agentops.py:25
            service_name=os.getenv("AGENTOPS_SERVICE_NAME", "agentops"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7cd48e4a1fbb1a71 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/agentops/agentops.py:26
            deployment_environment=os.getenv("AGENTOPS_ENVIRONMENT", "production"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #388265484c888225 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/argilla.py:59
            float(os.getenv("ARGILLA_SAMPLING_RATE"))  # type: ignore

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d34c43744d17bd90 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/argilla.py:60
            if os.getenv("ARGILLA_SAMPLING_RATE") is not None and os.getenv("ARGILLA_SAMPLING_RATE").strip().isdigit()  # type: ignore

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c65f44574725f33 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/argilla.py:65
        _batch_size = os.getenv("ARGILLA_BATCH_SIZE", None) or litellm.argilla_batch_size

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5a9ddacc9af3c8ff Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/argilla.py:88
        _credentials_api_key = argilla_api_key or os.getenv("ARGILLA_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3b812d50a4be4213 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/argilla.py:92
        _credentials_base_url = argilla_base_url or os.getenv("ARGILLA_BASE_URL") or "http://localhost:6900/"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d03b612e4f08a5e4 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/argilla.py:96
        _credentials_dataset_name = argilla_dataset_name or os.getenv("ARGILLA_DATASET_NAME") or "litellm-completion"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #61d5573655d2c479 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/argilla.py:199
                float(os.getenv("LANGSMITH_SAMPLING_RATE"))  # type: ignore

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #536de82681769576 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/argilla.py:200
                if os.getenv("LANGSMITH_SAMPLING_RATE") is not None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c219e4bb0374960f Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/argilla.py:201
                and os.getenv("LANGSMITH_SAMPLING_RATE").strip().isdigit()  # type: ignore

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #78c7fcb76438547a Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/arize/__init__.py:20
    api_key = getattr(litellm_params, "api_key", None) or os.environ.get("PHOENIX_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1c8f7fd84af0c96b Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/arize/arize.py:86
        space_id = os.environ.get("ARIZE_SPACE_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf2d1933698311f1 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/arize/arize.py:87
        space_key = os.environ.get("ARIZE_SPACE_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b4750337484876c1 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/arize/arize.py:88
        api_key = os.environ.get("ARIZE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a12493c9ef54f2e9 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/arize/arize.py:89
        project_name = os.environ.get("ARIZE_PROJECT_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #88ee728a28f14256 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/arize/arize.py:91
        grpc_endpoint = os.environ.get("ARIZE_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f492b0209cbdbd9d Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/arize/arize.py:92
        http_endpoint = os.environ.get("ARIZE_HTTP_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5bbfdece0debcb86 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/arize/arize_phoenix.py:284
            os.environ.get("PHOENIX_PROJECT_NAME") or os.environ.get("ARIZE_PROJECT_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #83f6ede63cab089d Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/arize/arize_phoenix.py:396
        api_key = os.environ.get("PHOENIX_API_KEY", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8d62eaaaa83bdb52 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/arize/arize_phoenix.py:398
        collector_endpoint = os.environ.get("PHOENIX_COLLECTOR_HTTP_ENDPOINT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6fedbb5462740d36 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/arize/arize_phoenix.py:401
            grpc_endpoint = os.environ.get("PHOENIX_COLLECTOR_ENDPOINT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #71c7b451cf0522a1 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/arize/arize_phoenix.py:402
            http_endpoint = os.environ.get("PHOENIX_COLLECTOR_HTTP_ENDPOINT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7917d9360f7280b4 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/arize/arize_phoenix.py:441
        project_name = os.environ.get("PHOENIX_PROJECT_NAME") or "default"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #9b8494d48c014f8c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/arize/arize_phoenix_client.py:104
            response = self.http_handler.client.get(url, headers=self.headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #d3ea51ca82c19a50 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/athina.py:10
        self.athina_api_key = os.getenv("ATHINA_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #09a1f7ab86972e7d Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/athina.py:15
        self.athina_logging_url = os.getenv("ATHINA_BASE_URL", "https://log.athina.ai") + "/api/v1/log/inference"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #da42733a4304f69b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/athina.py:74
            response = litellm.module_level_client.post(
                self.athina_logging_url,
                headers=self.headers,
                data=json.dumps(data, default=str),
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #259d60f2a681c0de Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/azure_sentinel/azure_sentinel.py:68
        resolved_dcr_immutable_id = dcr_immutable_id or os.getenv("AZURE_SENTINEL_DCR_IMMUTABLE_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #63ad297042a33850 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/azure_sentinel/azure_sentinel.py:69
        resolved_stream_name = stream_name or os.getenv("AZURE_SENTINEL_STREAM_NAME") or "Custom-LiteLLM"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9ca4ba0c5931a636 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/azure_sentinel/azure_sentinel.py:71
            audit_stream_name or os.getenv("AZURE_SENTINEL_AUDIT_STREAM_NAME") or resolved_stream_name

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6e05afa1964fc098 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/azure_sentinel/azure_sentinel.py:73
        resolved_endpoint = endpoint or os.getenv("AZURE_SENTINEL_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fb0dd4a7649dcb1d Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/azure_sentinel/azure_sentinel.py:74
        resolved_tenant_id = tenant_id or os.getenv("AZURE_SENTINEL_TENANT_ID") or os.getenv("AZURE_TENANT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #117111ad0ebec492 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/azure_sentinel/azure_sentinel.py:75
        resolved_client_id = client_id or os.getenv("AZURE_SENTINEL_CLIENT_ID") or os.getenv("AZURE_CLIENT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #988660d7102a663e Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/azure_sentinel/azure_sentinel.py:77
            client_secret or os.getenv("AZURE_SENTINEL_CLIENT_SECRET") or os.getenv("AZURE_CLIENT_SECRET")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #88b1b38e297f0f5d Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/azure_storage/azure_storage.py:30
            self.tenant_id = os.getenv("AZURE_STORAGE_TENANT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6eff4c57135b62de Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/azure_storage/azure_storage.py:31
            self.client_id = os.getenv("AZURE_STORAGE_CLIENT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1cc041dfde830fe0 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/azure_storage/azure_storage.py:32
            self.client_secret = os.getenv("AZURE_STORAGE_CLIENT_SECRET")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0ad0ed9801df410c Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/azure_storage/azure_storage.py:33
            self.azure_storage_account_key: Optional[str] = os.getenv("AZURE_STORAGE_ACCOUNT_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a24466f3094f67f8 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/azure_storage/azure_storage.py:36
            _azure_storage_account_name = os.getenv("AZURE_STORAGE_ACCOUNT_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2c33de13c3f5368e Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/azure_storage/azure_storage.py:40
            _azure_storage_file_system = os.getenv("AZURE_STORAGE_FILE_SYSTEM")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #dbb5c5b3db99dfde Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/azure_storage/azure_storage.py:171
            response = await client.put(f"{base_url}?resource=file", headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #7a1b2e19753184d1 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/braintrust_logging.py:44
        self.api_base = api_base or os.getenv("BRAINTRUST_API_BASE") or API_BASE

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a3bb18d10aab543b Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/braintrust_logging.py:46
        self.api_key: str = api_key or os.getenv("BRAINTRUST_API_KEY")  # type: ignore

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6c8bf21dcd225d34 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/braintrust_logging.py:63
        if api_key is None and os.getenv("BRAINTRUST_API_KEY", None) is None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #8683b15949587e89 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/braintrust_logging.py:78
            response = self.global_braintrust_sync_http_handler.post(
                f"{self.api_base}/project",
                headers=self.headers,
                json={"name": project_name},
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #be15f18284d0bc31 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/braintrust_logging.py:98
            response = await self.global_braintrust_http_handler.post(
                f"{self.api_base}/project/register",
                headers=self.headers,
                json={"name": project_name},
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #93cd59ffd671ca35 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/braintrust_logging.py:111
        project = await self.global_braintrust_http_handler.post(
            f"{self.api_base}/project", headers=self.headers, json={"name": "litellm"}
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #638bce770c210300 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/braintrust_logging.py:120
        project = self.global_braintrust_sync_http_handler.post(
            f"{self.api_base}/project", headers=self.headers, json={"name": "litellm"}
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #0add2c981a006493 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/braintrust_mock_client.py:54
_MOCK_LATENCY_SECONDS = float(os.getenv("BRAINTRUST_MOCK_LATENCY_MS", "100")) / 1000.0

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bea19c07de212d50 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/cloudzero/cloudzero.py:37
        self.api_key = api_key or os.getenv("CLOUDZERO_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #62b1ad59c0702bfe Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/cloudzero/cloudzero.py:38
        self.connection_id = connection_id or os.getenv("CLOUDZERO_CONNECTION_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #410cbe9d09affbf5 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/cloudzero/cloudzero.py:39
        self.timezone = timezone or os.getenv("CLOUDZERO_TIMEZONE", "UTC")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #791a176213bde8e9 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/cloudzero/cz_stream_api.py:171
                response = client.post(url, headers=headers, json=payload)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #45283bc5216833fa Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog.py:73
    raw = os.getenv("DD_BATCH_SIZE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c7ddba1781d62f36 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog.py:144
            resolved_agent_host = dd_agent_host or os.getenv("LITELLM_DD_AGENT_HOST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3ba25e554039349f Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog.py:206
        resolved_port = dd_agent_port or os.getenv("LITELLM_DD_AGENT_PORT", "10518")  # default port for logs

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fd918c20720c9a92 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog.py:209
            os.getenv("DD_API_KEY") if allow_env_credentials else None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5c2a85d756badd37 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog.py:230
        resolved_api_key = dd_api_key or (os.getenv("DD_API_KEY") if allow_env_credentials else None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f5a4105eeb3d942f Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog.py:231
        resolved_site = dd_site or os.getenv("DD_SITE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #116fc8e7b9be74a2 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog_cost_management.py:49
        self.dd_api_key = os.getenv("DD_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c09b2737a14583c9 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog_cost_management.py:50
        self.dd_app_key = os.getenv("DD_APP_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c0a709bce08742ca Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog_cost_management.py:51
        self.dd_site = os.getenv("DD_SITE", "datadoghq.com")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #c910472890d230d5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog_cost_management.py:252
        response = await self.async_client.put(self.upload_url, content=data_json, headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #cd698a95e1d7aa4d Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog_handler.py:12
    return os.getenv("DD_SOURCE", "litellm")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3ccb8c45e1d06036 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog_handler.py:16
    return os.getenv("DD_SERVICE", "litellm-server")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cbf694a562f2c36a Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog_handler.py:20
    return os.getenv("HOSTNAME", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9239502126dcb65d Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog_handler.py:28
    return os.getenv("DD_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f4f7af0f1e80612c Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog_handler.py:32
    return os.getenv("DD_ENV", "unknown")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #60402c3e23ed8115 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog_handler.py:36
    return os.getenv("POD_NAME", "unknown")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1febd56178f6c34c Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog_handler.py:52
        "version": os.getenv("DD_VERSION", "unknown"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #77594b8eea8fa0fd Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog_llm_obs.py:61
            dd_agent_host = os.getenv("LITELLM_DD_AGENT_HOST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #22bff2a30ddcf225 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog_llm_obs.py:64
            self.DD_API_KEY = os.getenv("DD_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #15571e07f324d4d3 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog_llm_obs.py:70
                if os.getenv("DD_API_KEY", None) is None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b6e857466e7e1711 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog_llm_obs.py:72
                if os.getenv("DD_SITE", None) is None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c70c05ff3e2762a0 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog_llm_obs.py:103
        agent_port = os.getenv("LITELLM_DD_LLM_OBS_PORT", "8126")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b6da208e68d0b241 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog_llm_obs.py:115
        self.DD_SITE = os.getenv("DD_SITE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9128ffd51e4e85b9 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog_metrics.py:32
        self.dd_api_key = os.getenv("DD_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #76c25aefa1bc804e Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog_metrics.py:33
        self.dd_app_key = os.getenv("DD_APP_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bdcdc659bc00fc34 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog_metrics.py:34
        self.dd_site = os.getenv("DD_SITE", "datadoghq.com")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9df70984af47356e Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog_metrics.py:72
            f"version:{os.getenv('DD_VERSION', 'unknown')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #88b69df020ffbf0f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/datadog/datadog_metrics.py:237
        response = await self.async_client.post(
            self.upload_url,
            content=compressed_data,
            headers=headers,  # type: ignore
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #5930bf2ecd582245 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/deepeval/deepeval.py:24
        api_key = os.getenv("CONFIDENT_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9754c19c84e9825f Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/deepeval/deepeval.py:25
        self.litellm_environment = os.getenv("LITELM_ENVIRONMENT", "development")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #015c9e54c5100c03 Filesystem access.
pkgs/python/[email protected]/litellm/integrations/dotprompt/prompt_manager.py:151
        content = file_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b4bca439448dac4 Filesystem access.
pkgs/python/[email protected]/litellm/integrations/dotprompt/prompt_manager.py:308
        content = file_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #50036f3965b6b994 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/dynamodb.py:19
        self.dynamodb: Any = boto3.resource("dynamodb", region_name=os.environ["AWS_REGION_NAME"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d072f77ab87a1ea2 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/email_alerting.py:79
    email_logo_url = os.getenv("SMTP_SENDER_LOGO", os.getenv("EMAIL_LOGO_URL", None))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c45eb980bb568f22 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/email_alerting.py:80
    email_support_contact = os.getenv("EMAIL_SUPPORT_CONTACT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5d207681c80b9234 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/focus/destinations/factory.py:46
                "bucket_name": overrides.get("bucket_name") or os.getenv("FOCUS_S3_BUCKET_NAME"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c04057f8741c005d Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/focus/destinations/factory.py:47
                "region_name": overrides.get("region_name") or os.getenv("FOCUS_S3_REGION_NAME"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c50f76b0d56ff757 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/focus/destinations/factory.py:48
                "endpoint_url": overrides.get("endpoint_url") or os.getenv("FOCUS_S3_ENDPOINT_URL"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #efc1da1c9e24874c Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/focus/destinations/factory.py:49
                "aws_access_key_id": overrides.get("aws_access_key_id") or os.getenv("FOCUS_S3_ACCESS_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #79cb080080ce2463 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/focus/destinations/factory.py:50
                "aws_secret_access_key": overrides.get("aws_secret_access_key") or os.getenv("FOCUS_S3_SECRET_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fbb83a32891abf25 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/focus/destinations/factory.py:51
                "aws_session_token": overrides.get("aws_session_token") or os.getenv("FOCUS_S3_SESSION_TOKEN"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #efb029aebab96805 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/focus/destinations/factory.py:58
                "api_key": overrides.get("api_key") or os.getenv("VANTAGE_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6293ccc47fa4020a Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/focus/destinations/factory.py:59
                "integration_token": overrides.get("integration_token") or os.getenv("VANTAGE_INTEGRATION_TOKEN"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d81ca454b3f03df0 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/focus/destinations/factory.py:60
                "base_url": overrides.get("base_url") or os.getenv("VANTAGE_BASE_URL", "https://api.vantage.sh"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aeb3755c6a8eeead Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/focus/destinations/factory.py:69
                "bucket_name": overrides.get("bucket_name") or os.getenv("FOCUS_GCS_BUCKET_NAME"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6ce453dff4dece4f Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/focus/destinations/factory.py:71
                or os.getenv("FOCUS_GCS_PATH_SERVICE_ACCOUNT"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #440bd4b44740596f Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/focus/destinations/factory.py:78
                "api_key": overrides.get("api_key") or os.getenv("MAVVRIK_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c11778dc47eb51f0 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/focus/destinations/factory.py:79
                "api_endpoint": overrides.get("api_endpoint") or os.getenv("MAVVRIK_API_ENDPOINT"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #785ca90f49c1bdc0 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/focus/destinations/factory.py:80
                "connection_id": overrides.get("connection_id") or os.getenv("MAVVRIK_CONNECTION_ID"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #ae6ca27d5b5e898a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/focus/destinations/vantage_destination.py:154
        await client.post(
            url,
            headers=headers,
            files={"csv": (filename, csv_bytes, "text/csv")},
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #26cdb6cdcdac422a Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/focus/focus_logger.py:41
        self.provider = (provider or os.getenv("FOCUS_PROVIDER") or "s3").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #446d1078b8f6288e Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/focus/focus_logger.py:42
        self.export_format = (export_format or os.getenv("FOCUS_FORMAT") or "parquet").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b5769ae4bd01c2f2 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/focus/focus_logger.py:43
        self.frequency = (frequency or os.getenv("FOCUS_FREQUENCY") or "hourly").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8a0db358f4897e1e Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/focus/focus_logger.py:45
            cron_offset_minute if cron_offset_minute is not None else int(os.getenv("FOCUS_CRON_OFFSET", "5"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ea034dd048fea5c7 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/focus/focus_logger.py:47
        raw_interval = interval_seconds if interval_seconds is not None else os.getenv("FOCUS_INTERVAL_SECONDS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2081226fa8c77fa7 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/focus/focus_logger.py:57
        env_prefix = os.getenv("FOCUS_PREFIX")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0513a236f52d0fc1 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/galileo.py:64
        self.api_key = os.getenv("GALILEO_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ceac56526c08af61 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/galileo.py:65
        self.project_id = os.getenv("GALILEO_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cd6b7f8ad99f1e31 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/galileo.py:66
        self.log_stream_id = os.getenv("GALILEO_LOG_STREAM_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ced9031e64090f44 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/galileo.py:67
        self.username = os.getenv("GALILEO_USERNAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ac354069dbb23bf3 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/galileo.py:68
        self.password = os.getenv("GALILEO_PASSWORD")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5de825f01d20895d Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/galileo.py:69
        self.base_url = self._normalize_base_url(os.getenv("GALILEO_BASE_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6096967b49164223 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/gcs_bucket/gcs_bucket.py:34
        self.batch_size = int(os.getenv("GCS_BATCH_SIZE", GCS_DEFAULT_BATCH_SIZE))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #349e294a92e27817 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/gcs_bucket/gcs_bucket.py:35
        self.flush_interval = int(os.getenv("GCS_FLUSH_INTERVAL", GCS_DEFAULT_FLUSH_INTERVAL_SECONDS))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #72d80f598755739f Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/gcs_bucket/gcs_bucket.py:37
            os.getenv("GCS_USE_BATCHED_LOGGING", str(GCS_DEFAULT_USE_BATCHED_LOGGING).lower()).lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c3f39356854c66dc Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/gcs_bucket/gcs_bucket_base.py:41
        _path_service_account = os.getenv("GCS_PATH_SERVICE_ACCOUNT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7069ea0902af041a Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/gcs_bucket/gcs_bucket_base.py:42
        _bucket_name = bucket_name or os.getenv("GCS_BUCKET_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #47b6a00f18666a2d Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/gcs_bucket/gcs_bucket_base.py:92
        project_id = os.getenv("GOOGLE_SECRET_MANAGER_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6b7332029dfb79e2 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/gcs_pubsub/pub_sub.py:53
        self.project_id = project_id or os.getenv("GCS_PUBSUB_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d22fbe46cbb797cc Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/gcs_pubsub/pub_sub.py:54
        self.topic_id = topic_id or os.getenv("GCS_PUBSUB_TOPIC_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3ff0831c8d4458ad Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/gcs_pubsub/pub_sub.py:55
        self.path_service_account_json = credentials_path or os.getenv("GCS_PATH_SERVICE_ACCOUNT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fe4f7b8ab5ae0a25 Filesystem access.
pkgs/python/[email protected]/litellm/integrations/generic_api/generic_api_callback.py:41
        with open(json_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b4095ccdbd2bdeff Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/generic_api/generic_api_callback.py:90
        return os.getenv(env_var_name, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #028bb339f8359dd2 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/generic_api/generic_api_callback.py:154
        endpoint = endpoint or os.getenv("GENERIC_LOGGER_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c9d490c0217f80d Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/generic_api/generic_api_callback.py:206
        env_headers = os.getenv("GENERIC_LOGGER_HEADERS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #e0ac4ef65c9b047b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/generic_api/generic_api_callback.py:256
                return await self.async_httpx_client.post(**post_kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #5e3bb106a295d849 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/generic_prompt_management/generic_prompt_manager.py:119
            response = http_client.get(
                url,
                params=params,
                headers=self._get_headers(),
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #640288b701cc717d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/generic_prompt_management/generic_prompt_manager.py:156
            response = await http_client.get(
                url,
                params=params,
                headers=self._get_headers(),
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #48fb7d115b9f9def Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/greenscale.py:12
        self.greenscale_api_key = os.getenv("GREENSCALE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9f7551fbda925854 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/greenscale.py:17
        self.greenscale_logging_url = os.getenv("GREENSCALE_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #74821d831810a3a3 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/greenscale.py:49
            response = litellm.module_level_client.post(
                self.greenscale_logging_url,
                headers=self.headers,
                data=json.dumps(data, default=str),
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #4f5c17781dae674e Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/helicone.py:37
        self.key = os.getenv("HELICONE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5abc54409ae49544 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/helicone.py:38
        self.api_base = os.getenv("HELICONE_API_BASE") or "https://api.hconeai.com"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #1c591c0e2336e067 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/helicone.py:191
            response = litellm.module_level_client.post(url, headers=headers, json=data)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #8df830b17ea4aa6d Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/lago.py:51
        if os.getenv("LAGO_API_KEY", None) is None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6c294578a3536dfb Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/lago.py:54
        if os.getenv("LAGO_API_BASE", None) is None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #17cc2bc3f78e93db Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/lago.py:57
        if os.getenv("LAGO_API_EVENT_CODE", None) is None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #69067d43de7f8995 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/lago.py:89
        if os.getenv("LAGO_API_CHARGE_BY", None) is not None and isinstance(os.environ["LAGO_API_CHARGE_BY"], str):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c770ae13f6810f2e Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/lago.py:90
            if os.environ["LAGO_API_CHARGE_BY"] in [

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #79cd380d54561a7d Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/lago.py:95
                charge_by = os.environ["LAGO_API_CHARGE_BY"]  # type: ignore

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bf71f874c2555a65 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/lago.py:117
                "code": os.getenv("LAGO_API_EVENT_CODE"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6cdd909983596030 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/lago.py:126
        _url = os.getenv("LAGO_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d4ca1e5c167a5afd Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/lago.py:135
        api_key = os.getenv("LAGO_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ba35d8621c1c6111 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/lago.py:160
            _url = os.getenv("LAGO_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #29e691503ff7c91d Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/lago.py:169
            api_key = os.getenv("LAGO_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ee9d1d048cfb2c65 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse.py:98
        secret_key = langfuse_secret or langfuse_secret_key or os.getenv("LANGFUSE_SECRET_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4d1b417c299ff154 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse.py:99
        public_key = langfuse_public_key or os.getenv("LANGFUSE_PUBLIC_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #992722680f9e4de6 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse.py:101
    resolved_host = langfuse_host or os.getenv("LANGFUSE_HOST", "https://cloud.langfuse.com")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2e8ac0c71cdffecc Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse.py:132
        self.langfuse_release = os.getenv("LANGFUSE_RELEASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #95589e5a20b5fbfe Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse.py:133
        self.langfuse_debug = os.getenv("LANGFUSE_DEBUG")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #45b75b21ab6f6774 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse.py:162
            os.environ["LANGFUSE_PROJECT_ID"] = "mock-project-id"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3fc24dcc2c42ca5 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse.py:167
                os.environ["LANGFUSE_PROJECT_ID"] = project_id

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #944b0fd9c16c0213 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse.py:171
        if os.getenv("UPSTREAM_LANGFUSE_SECRET_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #337a126bf55cb040 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse.py:172
            upstream_langfuse_debug_env = os.getenv("UPSTREAM_LANGFUSE_DEBUG")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #951779e1c98bcfc2 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse.py:176
            self.upstream_langfuse_secret_key = os.getenv("UPSTREAM_LANGFUSE_SECRET_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2479ec30a74119a7 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse.py:177
            self.upstream_langfuse_public_key = os.getenv("UPSTREAM_LANGFUSE_PUBLIC_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9daff3b4d0c0b1dd Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse.py:178
            self.upstream_langfuse_host = os.getenv("UPSTREAM_LANGFUSE_HOST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd22a62cf7c929f9 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse.py:179
            self.upstream_langfuse_release = os.getenv("UPSTREAM_LANGFUSE_RELEASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #785458af2ecd4836 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse.py:649
                proxy_base_url = os.environ.get("PROXY_BASE_URL", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b05f9c4d41493dd1 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse.py:931
        return int(os.getenv("LANGFUSE_FLUSH_INTERVAL") or flush_interval)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7079d8008b40486e Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse_otel.py:224
        langfuse_environment = os.environ.get("LANGFUSE_TRACING_ENVIRONMENT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bc04a3b1cbec5573 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse_otel.py:254
        return os.environ.get("LANGFUSE_OTEL_HOST") or os.environ.get("LANGFUSE_HOST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #04cc9a144a48ef3a Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse_otel.py:263
        public_key = os.environ.get("LANGFUSE_PUBLIC_KEY", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bd649560d3e43f34 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse_otel.py:264
        secret_key = os.environ.get("LANGFUSE_SECRET_KEY", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4b120796cb744cd5 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse_otel.py:311
        public_key = os.environ.get("LANGFUSE_PUBLIC_KEY", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fe4069c8a9ee2bca Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse_otel.py:312
        secret_key = os.environ.get("LANGFUSE_SECRET_KEY", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7ff1b56d4d5e7ac3 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse_prompt_management.py:86
    langfuse_release = os.getenv("LANGFUSE_RELEASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f9ff02bd11ab027d Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse_prompt_management.py:87
    langfuse_debug = os.getenv("LANGFUSE_DEBUG")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1fe6fafb4d1333ba Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langfuse/langfuse_prompt_management.py:110
            cert=os.getenv("SSL_CERTIFICATE", litellm.ssl_certificate),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #14c57fd4a12b657e Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langsmith.py:66
            langsmith_sampling_rate or float(os.getenv("LANGSMITH_SAMPLING_RATE"))  # type: ignore

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #20e8a1c83f332055 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langsmith.py:67
            if os.getenv("LANGSMITH_SAMPLING_RATE") is not None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b2aa7f2519ea02d4 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langsmith.py:68
            and os.getenv("LANGSMITH_SAMPLING_RATE").strip().isdigit()  # type: ignore

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d3a691f10ca8e4a3 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langsmith.py:71
        self.langsmith_default_run_name = os.getenv("LANGSMITH_DEFAULT_RUN_NAME", "LLMRun")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #47b30c604ce9c270 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langsmith.py:73
        _batch_size = os.getenv("LANGSMITH_BATCH_SIZE", None) or litellm.langsmith_batch_size

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7d7f0a8c37ee2e51 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langsmith.py:111
            _credentials_api_key = langsmith_api_key or os.getenv("LANGSMITH_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #61951ebf85367600 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langsmith.py:112
            _credentials_project = langsmith_project or os.getenv("LANGSMITH_PROJECT") or "litellm-completion"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #07242d250e00e2b1 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langsmith.py:114
                langsmith_base_url or os.getenv("LANGSMITH_BASE_URL") or "https://api.smith.langchain.com"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4a6b37069dcbb68b Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/langsmith.py:116
            _credentials_tenant_id = langsmith_tenant_id or os.getenv("LANGSMITH_TENANT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6634982af3ded92e Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/levo/levo.py:52
        api_key = os.environ.get("LEVOAI_API_KEY", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e329103118dfaf97 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/levo/levo.py:53
        org_id = os.environ.get("LEVOAI_ORG_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3ae690a80b324402 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/levo/levo.py:54
        workspace_id = os.environ.get("LEVOAI_WORKSPACE_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aae24dc3d9f8bb50 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/levo/levo.py:55
        collector_url = os.environ.get("LEVOAI_COLLECTOR_URL", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ff6e4605782163f8 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/literal_ai.py:28
        self.literalai_api_url = os.getenv("LITERAL_API_URL") or literalai_api_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fa65571a67bf6ee9 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/literal_ai.py:31
            "x-api-key": literalai_api_key or os.getenv("LITERAL_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #153f33ef7ca184de Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/literal_ai.py:38
        batch_size = os.getenv("LITERAL_BATCH_SIZE", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #733084393434503a Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/logfire_logger.py:36
                logfire.configure(token=os.getenv("LOGFIRE_TOKEN"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ebd96d830b4d7644 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/mavvrik_focus/mavvrik_focus_logger.py:87
        frequency = os.getenv("MAVVRIK_FOCUS_FREQUENCY", "daily").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fa6f7ee8a599b5b3 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/mavvrik_focus/mavvrik_focus_logger.py:101
                "api_key": os.getenv("MAVVRIK_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8f21d87c9d9b1726 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/mavvrik_focus/mavvrik_focus_logger.py:102
                "api_endpoint": os.getenv("MAVVRIK_API_ENDPOINT"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #05ea570f180e74b3 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/mavvrik_focus/mavvrik_focus_logger.py:103
                "connection_id": os.getenv("MAVVRIK_CONNECTION_ID"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1f033423f372e95b Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/mavvrik_focus/mavvrik_focus_logger.py:107
        raw = os.getenv("MAVVRIK_FOCUS_MAX_ROWS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #46e43ca08a53e912 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/mock_client_factory.py:123
    _MOCK_LATENCY_SECONDS = float(os.getenv(latency_env, str(config.default_latency_ms))) / 1000.0

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #45caba6e68f46d54 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/mock_client_factory.py:270
        mock_mode = os.getenv(config.env_var, "false")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2ba613f7b674b1c5 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/newrelic/newrelic.py:96
        self.license_key = os.getenv("NEW_RELIC_LICENSE_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #67be9c54528e7745 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/newrelic/newrelic.py:97
        self.app_name = os.getenv("NEW_RELIC_APP_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a34c4ead54cf6f23 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/newrelic/newrelic.py:164
        raw = os.getenv(var_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a97134e2f76f0775 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/openmeter.py:44
        if os.getenv("OPENMETER_API_KEY", None) is None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9a165f665b5a6724 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/openmeter.py:70
        trust_request_user = os.getenv("OPENMETER_TRUST_REQUEST_USER", "true").lower() != "false"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f7c4e09eb4155511 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/openmeter.py:90
            "type": os.getenv("OPENMETER_EVENT_TYPE", "litellm_tokens"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #540c458a4ac4cc8e Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/openmeter.py:99
        _url = os.getenv("OPENMETER_API_ENDPOINT", "https://openmeter.cloud")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #83069fac3df29e9a Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/openmeter.py:105
        api_key = os.getenv("OPENMETER_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ae8ad882e878dbdd Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/openmeter.py:125
        _url = os.getenv("OPENMETER_API_ENDPOINT", "https://openmeter.cloud")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fdfb0ec210fd9f45 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/openmeter.py:131
        api_key = os.getenv("OPENMETER_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d0e01cf46d0401f7 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:69
LITELLM_TRACER_NAME = os.getenv("OTEL_TRACER_NAME", "litellm")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #016842e04ffcb75c Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:70
LITELLM_METER_NAME = os.getenv("LITELLM_METER_NAME", "litellm")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #63003243b79aa924 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:71
LITELLM_LOGGER_NAME = os.getenv("LITELLM_LOGGER_NAME", "litellm")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #443d6ef1fa0c71a1 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:250
            self.service_name = os.getenv("OTEL_SERVICE_NAME", "litellm")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ea2d0a561a56f135 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:252
            self.deployment_environment = os.getenv("OTEL_ENVIRONMENT_NAME", "production")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #999797b848101342 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:254
            self.model_id = os.getenv("OTEL_MODEL_ID", self.service_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bf1950bf475ba45e Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:256
            self.ignore_context_propagation = str_to_bool(os.getenv("OTEL_IGNORE_CONTEXT_PROPAGATION"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a4bada85e8e8fc4f Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:259
        self.semconv_stability_opt_in |= parse_semconv_opt_in(os.getenv(OTEL_SEMCONV_STABILITY_OPT_IN_ENV))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2981e91c498d4528 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:262
        ) or _normalize_team_metadata_keys(os.getenv("LITELLM_OTEL_BAGGAGE_TEAM_METADATA_KEYS"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8c77137199f0c7b4 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:277
        exporter = os.getenv("OTEL_EXPORTER_OTLP_PROTOCOL", os.getenv("OTEL_EXPORTER", "console"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b037b623ad6cdb26 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:278
        endpoint = os.getenv("OTEL_EXPORTER_OTLP_ENDPOINT", os.getenv("OTEL_ENDPOINT"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #804018ba83882ba8 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:279
        headers = os.getenv(
            "OTEL_EXPORTER_OTLP_HEADERS", os.getenv("OTEL_HEADERS")
        )  # example: OTEL_HEADERS=x-honeycomb-team=B85YgLm96***"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0dddfd4e2759f38d Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:280
            "OTEL_EXPORTER_OTLP_HEADERS", os.getenv("OTEL_HEADERS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #26940661d5d7670d Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:282
        enable_metrics: bool = os.getenv("LITELLM_OTEL_INTEGRATION_ENABLE_METRICS", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f42bf239221e1845 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:283
        enable_events: bool = os.getenv("LITELLM_OTEL_INTEGRATION_ENABLE_EVENTS", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #83454e4e7fa16559 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:284
        service_name = os.getenv("OTEL_SERVICE_NAME", "litellm")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c4af41fdc072b9f Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:285
        deployment_environment = os.getenv("OTEL_ENVIRONMENT_NAME", "production")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #db99b7fa0cd7aa77 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:286
        model_id = os.getenv("OTEL_MODEL_ID", service_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #07145c8184cfd505 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:339
        _debug_otel = str(os.getenv("DEBUG_OTEL", "False")).lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9cda69e7ccb2cde1 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:495
        explicit = self.config.capture_message_content or os.getenv(
            "OTEL_INSTRUMENTATION_GENAI_CAPTURE_MESSAGE_CONTENT"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d4a3f62ca1701455 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/opentelemetry.py:2866
        otel_logs_exporter = os.getenv("OTEL_LOGS_EXPORTER")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #74fca2dc763e214f Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/opik/utils.py:56
    return os.getenv((env_prefix + key).upper(), None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3bf9d840bc850037 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/otel/mount.py:116
            os.environ.get("OTEL_PYTHON_FASTAPI_EXCLUDED_URLS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b52eddd04f56a0d3 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/otel/mount.py:117
            if "OTEL_PYTHON_FASTAPI_EXCLUDED_URLS" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0844a469a4198866 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/posthog.py:54
            if os.getenv("POSTHOG_API_KEY", None) is None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c19bae4b6ce0652 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/posthog.py:60
            self.POSTHOG_API_KEY = os.getenv("POSTHOG_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2ae5bacb855cf8e4 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/posthog.py:61
            posthog_api_url = os.getenv("POSTHOG_API_URL", "https://us.i.posthog.com")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1eafd8a94ffcf4e3 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/prometheus.py:73
    raw = os.getenv("PROMETHEUS_BUDGET_METRICS_PER_REQUEST_TIMEOUT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3d2cbbc046682794 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/prometheus.py:3813
        if "PROMETHEUS_MULTIPROC_DIR" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a1de62acb0c454d1 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/prompt_layer.py:15
        self.key = os.getenv("PROMPTLAYER_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #e61423f725494e21 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/prompt_layer.py:46
            request_response = litellm.module_level_client.post(
                "https://api.promptlayer.com/rest/track-request",
                json={
                    "function_name": "openai.ChatCompletion.create",
                    "kwargs": new_kwargs,
                    "tags": tags,
                    "request_response": dict(response_obj),
                    "request_start_time": int(start_time.timestamp()),
                    "request_end_time": int(end_time.timestamp()),
                    "api_key": self.key,
                    # Optional params for PromptLayer
                    # "prompt_id": "<PROMPT ID>",
                    # "prompt_input_variables": "<Dictionary of variables for prompt>",
                    # "prompt_version":1,
                },
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #b1a60e7982d14d20 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/prompt_layer.py:71
                    response = litellm.module_level_client.post(
                        "https://api.promptlayer.com/rest/track-metadata",
                        json={
                            "request_id": response_json["request_id"],
                            "api_key": self.key,
                            "metadata": metadata,
                        },
                    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #4440c03551219aee Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/rubrik.py:80
        rbrk_sampling_rate = os.getenv("RUBRIK_SAMPLING_RATE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #65850f2e3fccaee0 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/rubrik.py:90
        self.key = api_key or os.getenv("RUBRIK_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d1e9686f55202fb8 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/rubrik.py:93
        _batch_size = os.getenv("RUBRIK_BATCH_SIZE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0aab48e55e89cb9c Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/rubrik.py:109
        _webhook_url = api_base or os.getenv("RUBRIK_WEBHOOK_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #8d4b0f59e2fb80e7 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/rubrik.py:504
        http_response = await self.tool_blocking_client.post(
            self.tool_blocking_endpoint,
            json=envelope,
            headers=self._headers,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c12537840a9bb8e8 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/s3_v2.py:366
                response = await self.async_httpx_client.put(request_url, data=json_string, headers=signed_headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #97bdcb15a32a31e7 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/s3_v2.py:544
                response = httpx_client.put(request_url, data=json_string, headers=signed_headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #eaa5e06bc11803e0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/s3_v2.py:632
            response = await self.async_httpx_client.get(request_url, headers=signed_headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ccc35061790392bf Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/integrations/sqs.py:303
            response = await self.async_httpx_client.post(
                self.sqs_queue_url,
                data=body,
                headers=signed_headers,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #4afb96c5ffd060c3 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/supabase.py:18
        self.supabase_url = os.getenv("SUPABASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #41dbcca6875a71fb Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/supabase.py:19
        self.supabase_key = os.getenv("SUPABASE_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ac015d70a160dde2 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/vantage/vantage_logger.py:46
        resolved_api_key = api_key or os.getenv("VANTAGE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf5326b652208687 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/vantage/vantage_logger.py:47
        resolved_token = integration_token or os.getenv("VANTAGE_INTEGRATION_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5d68a14bbcfce6f8 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/vantage/vantage_logger.py:48
        resolved_base_url = base_url or os.getenv("VANTAGE_BASE_URL", "https://api.vantage.sh")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c4f4b98a7104ffd1 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/vantage/vantage_logger.py:49
        resolved_frequency = (frequency or os.getenv("VANTAGE_EXPORT_FREQUENCY") or "hourly").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #29b478a426a5851a Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/vantage/vantage_logger.py:51
        raw_interval = interval_seconds or os.getenv("VANTAGE_EXPORT_INTERVAL_SECONDS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5c547856262c250d Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/weave/weave_otel.py:134
    api_key = os.getenv("WANDB_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e57f516bff91f943 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/weave/weave_otel.py:135
    project_id = os.getenv("WANDB_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cb9f8213df4e9e1f Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/weave/weave_otel.py:136
    host = os.getenv("WANDB_HOST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #52599eb0fc7e9738 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/weave/weave_otel.py:161
    os.environ["OTEL_EXPORTER_OTLP_ENDPOINT"] = endpoint

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #324a0e7781b349c3 Environment-variable access.
pkgs/python/[email protected]/litellm/integrations/weave/weave_otel.py:162
    os.environ["OTEL_EXPORTER_OTLP_HEADERS"] = otlp_auth_headers

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4fb5edb61b0740dc Filesystem access.
pkgs/python/[email protected]/litellm/litellm_core_utils/audio_utils/utils.py:70
        with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #46af8be8abef68e3 Filesystem access.
pkgs/python/[email protected]/litellm/litellm_core_utils/audio_utils/utils.py:88
                with open(str(content), "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7af4394cf992b7fd Filesystem access.
pkgs/python/[email protected]/litellm/litellm_core_utils/audio_utils/utils.py:174
                with open(str(file_content_obj), "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cc067ed2c280c862 Filesystem access.
pkgs/python/[email protected]/litellm/litellm_core_utils/audio_utils/utils.py:220
    return open(file_path, "rb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2f77c7414e43e2ff Filesystem access.
pkgs/python/[email protected]/litellm/litellm_core_utils/audio_utils/utils.py:257
            with open(str(file), "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e713038d8eb2d78c Filesystem access.
pkgs/python/[email protected]/litellm/litellm_core_utils/cli_token_utils.py:28
        with open(token_file, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b455fa59f2c25bdc Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/default_encoding.py:19
custom_cache_dir = os.getenv("CUSTOM_TIKTOKEN_CACHE_DIR")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5af2c7baa4c3038e Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/default_encoding.py:27
os.environ["TIKTOKEN_CACHE_DIR"] = (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6e6d2713df0835ef Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/env_utils.py:14
    raw = os.getenv(env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c03c8601d5ccd1bd Filesystem access.
pkgs/python/[email protected]/litellm/litellm_core_utils/get_blog_posts.py:54
        content = json.loads(files("litellm").joinpath("blog_posts.json").read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #e516b8d1f00d6517 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/litellm_core_utils/get_blog_posts.py:64
        response = httpx.get(url, timeout=timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #355299a6f44efa5b Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/get_blog_posts.py:131
        if os.getenv("LITELLM_LOCAL_BLOG_POSTS", "").lower() == "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #47bc6892435c2bc7 Filesystem access.
pkgs/python/[email protected]/litellm/litellm_core_utils/get_model_cost_map.py:54
            files("litellm").joinpath("model_prices_and_context_window_backup.json").read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #5dd9d1b703126c93 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/litellm_core_utils/get_model_cost_map.py:160
        response = httpx.get(url, timeout=timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #770a7b4df5139ac1 Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/get_model_cost_map.py:277
    if os.getenv("LITELLM_LOCAL_MODEL_COST_MAP", "").lower() == "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #74e1bc3e42d19f2c Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/litellm_logging.py:3432
                    os.environ.get("SENTRY_API_TRACE_RATE") if "SENTRY_API_TRACE_RATE" in os.environ else "1.0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0527e37fa8c6160a Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/litellm_logging.py:3435
                    os.environ.get("SENTRY_API_SAMPLE_RATE") if "SENTRY_API_SAMPLE_RATE" in os.environ else "1.0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8e16876bc03c894e Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/litellm_logging.py:3438
                    dsn=os.environ.get("SENTRY_DSN"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8cef63bc7fd82566 Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/litellm_logging.py:3443
                    environment=os.environ.get("SENTRY_ENVIRONMENT", "production"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #81d77cbbabca19c9 Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/litellm_logging.py:3455
                    token=os.environ.get("SLACK_API_TOKEN"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #928641ccfc0623ba Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/litellm_logging.py:3456
                    signing_secret=os.environ.get("SLACK_API_SECRET"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #44bf4326c79db52a Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/litellm_logging.py:3458
                alerts_channel = os.environ["SLACK_API_CHANNEL"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #020d6e57104511ba Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/litellm_logging.py:3704
            os.environ["OTEL_EXPORTER_OTLP_TRACES_HEADERS"] = (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d969f48a94978b27 Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/litellm_logging.py:3731
                os.environ["OTEL_EXPORTER_OTLP_TRACES_HEADERS"] = arize_phoenix_config.otlp_auth_headers

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5a90ce08ce24a70f Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/litellm_logging.py:3857
            if "LOGFIRE_TOKEN" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c25ef7de291bdae Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/litellm_logging.py:3864
            logfire_base_url = os.getenv("LOGFIRE_BASE_URL", "https://logfire-api.pydantic.dev")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #14444608fb626d2a Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/litellm_logging.py:3868
                headers=f"Authorization={os.getenv('LOGFIRE_TOKEN')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f1d7770ac29cd03c Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/litellm_logging.py:3918
            if "LANGTRACE_API_KEY" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aa00e27afdf26509 Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/litellm_logging.py:3933
            os.environ["OTEL_EXPORTER_OTLP_TRACES_HEADERS"] = f"api_key={os.getenv('LANGTRACE_API_KEY')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #649182e46fd47a75 Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/litellm_logging.py:4163
    if not any(os.environ.get(v) for v in phoenix_env_vars):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a3b5b2bdd9196054 Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/litellm_logging.py:4309
            if "ARIZE_API_KEY" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c84f3791509ff9dc Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/litellm_logging.py:4315
            if "LOGFIRE_TOKEN" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #319252e9ae081d23 Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/litellm_logging.py:4344
            if "LANGTRACE_API_KEY" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8b16cc0428108984 Environment-variable access.
pkgs/python/[email protected]/litellm/litellm_core_utils/litellm_logging.py:5396
    if os.getenv("LITELLM_PRINT_STANDARD_LOGGING_PAYLOAD"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8921d514685a0e28 Filesystem access.
pkgs/python/[email protected]/litellm/litellm_core_utils/prompt_templates/common_utils.py:800
        with open(file_content, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #cfcf3a0e9fd0288e Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/litellm_core_utils/prompt_templates/factory.py:653
        response = client.get("https://api.together.xyz/models/info", headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c5ba0e46363e667f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/litellm_core_utils/url_utils.py:389
        return client.get(url, **kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #0e0f1e95b2e333ca Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/litellm_core_utils/url_utils.py:394
        response = client.get(
            validated_url,
            headers={**caller_headers, "Host": original_host},
            follow_redirects=False,
            **kwargs,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #2702b8d322c3bc02 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/litellm_core_utils/url_utils.py:412
        return await client.get(url, **kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #2afde75002e77a61 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/litellm_core_utils/url_utils.py:417
        response = await client.get(
            validated_url,
            headers={**caller_headers, "Host": original_host},
            follow_redirects=False,
            **kwargs,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #489273ddca4f7e7a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/anthropic/chat/handler.py:91
        response = await client.post(
            api_base,
            headers=headers,
            data=data,
            stream=True,
            timeout=timeout,
            logging_obj=logging_obj,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #8a006488923732aa Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/anthropic/chat/handler.py:151
        response = client.post(
            api_base,
            headers=headers,
            data=data,
            stream=True,
            timeout=timeout,
            logging_obj=logging_obj,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #2ea7ecc68f010973 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/anthropic/chat/handler.py:485
                    response = client.post(
                        api_base,
                        headers=headers,
                        data=json.dumps(data),
                        timeout=timeout,
                        logging_obj=logging_obj,
                    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #0b226724b2d8ce87 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/anthropic/count_tokens/handler.py:83
            response = await async_client.post(
                endpoint_url,
                headers=headers,
                json=request_body,
                timeout=request_timeout,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #1406cec3cd60c8b9 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/anthropic/count_tokens/token_counter.py:60
            api_key = os.getenv("ANTHROPIC_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0a732b9729e22d05 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/anthropic/experimental_pass_through/utils.py:10
    return litellm.reasoning_auto_summary or os.getenv("LITELLM_REASONING_AUTO_SUMMARY", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dfe9e6360b5f104c Environment-variable access.
pkgs/python/[email protected]/litellm/llms/azure/common_utils.py:173
    azure_authority_host = os.getenv("AZURE_AUTHORITY_HOST", "https://login.microsoftonline.com")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d188173acf9140da Environment-variable access.
pkgs/python/[email protected]/litellm/llms/azure/common_utils.py:174
    azure_client_id = azure_client_id or os.getenv("AZURE_CLIENT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d6ddd811504db2e6 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/azure/common_utils.py:175
    azure_tenant_id = azure_tenant_id or os.getenv("AZURE_TENANT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #92ddb0f9a16abf4d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/azure/common_utils.py:205
    req_token = client.post(
        f"{azure_authority_host}/{azure_tenant_id}/oauth2/v2.0/token",
        data={
            "client_id": azure_client_id,
            "grant_type": "client_credentials",
            "scope": scope,
            "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
            "client_assertion": oidc_token,
        },
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #007d15bcefcac6f6 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/azure/common_utils.py:284
    tenant_id = litellm_params.get("tenant_id") or os.getenv("AZURE_TENANT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a653570d5542e9b4 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/azure/common_utils.py:285
    client_id = litellm_params.get("client_id") or os.getenv("AZURE_CLIENT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #076272756620f5b4 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/azure/common_utils.py:286
    client_secret = litellm_params.get("client_secret") or os.getenv("AZURE_CLIENT_SECRET")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9c234baeb8baa442 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/azure/common_utils.py:287
    azure_username = litellm_params.get("azure_username") or os.getenv("AZURE_USERNAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e5396c89a27e841e Environment-variable access.
pkgs/python/[email protected]/litellm/llms/azure/common_utils.py:288
    azure_password = litellm_params.get("azure_password") or os.getenv("AZURE_PASSWORD")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #30a7ab4cfa890e0f Environment-variable access.
pkgs/python/[email protected]/litellm/llms/azure/common_utils.py:289
    scope = litellm_params.get("azure_scope") or os.getenv(
        "AZURE_SCOPE", "https://cognitiveservices.azure.com/.default"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1b942b975301820c Environment-variable access.
pkgs/python/[email protected]/litellm/llms/azure/common_utils.py:575
            api_version = os.getenv("AZURE_API_VERSION", litellm.AZURE_DEFAULT_API_VERSION)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b9639d0582ac5a94 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/azure/common_utils.py:626
        tenant_id = litellm_params.get("tenant_id", os.getenv("AZURE_TENANT_ID"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d03195cbcf09614c Environment-variable access.
pkgs/python/[email protected]/litellm/llms/azure/common_utils.py:627
        client_id = litellm_params.get("client_id", os.getenv("AZURE_CLIENT_ID"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #10ea8813cd177da2 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/azure/common_utils.py:630
            os.getenv("AZURE_SCOPE", "https://cognitiveservices.azure.com/.default"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1ca27d8ca4022b09 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/azure/common_utils.py:761
        return os.getenv(env_var_key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #4d301899f0b85989 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/azure_ai/anthropic/count_tokens/handler.py:88
            response = await async_client.post(
                endpoint_url,
                headers=headers,
                json=request_body,
                timeout=request_timeout,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #1aef26a8b69943e4 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/azure_ai/anthropic/count_tokens/token_counter.py:62
            api_key = os.getenv("AZURE_AI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #52b605349f237df0 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/azure_ai/anthropic/count_tokens/token_counter.py:67
            api_base = os.getenv("AZURE_AI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #81d63fe633426e9a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/azure_ai/anthropic/handler.py:188
                    response = client.post(
                        api_base,
                        headers=headers,
                        data=json.dumps(data),
                        timeout=timeout,
                    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #74cd37dd48654ff0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/base_llm/files/azure_blob_storage_backend.py:291
        response = await async_client.get(blob_url, headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #19d6f0cb5d9cd03e Environment-variable access.
pkgs/python/[email protected]/litellm/llms/bedrock/base_aws_llm.py:219
            value if value is not None else os.getenv(env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a45c0e1fc83ca46f Environment-variable access.
pkgs/python/[email protected]/litellm/llms/bedrock/base_aws_llm.py:624
            or os.getenv("AWS_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a0d3e48b1b39ba03 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/bedrock/base_aws_llm.py:625
            or os.getenv("AWS_DEFAULT_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #00c0ef8b9ba0f665 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/bedrock/base_aws_llm.py:735
        current_role_arn = os.getenv("AWS_ROLE_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #47d754673b0161ef Environment-variable access.
pkgs/python/[email protected]/litellm/llms/bedrock/base_aws_llm.py:736
        web_identity_token_file = os.getenv("AWS_WEB_IDENTITY_TOKEN_FILE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fd299920ea4f56b3 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/bedrock/base_aws_llm.py:812
        if aws_web_identity_token.startswith("os.environ/") or aws_web_identity_token in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3a4eed526dd85d8e Filesystem access.
pkgs/python/[email protected]/litellm/llms/bedrock/base_aws_llm.py:936
        with open(web_identity_token_file, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0372cc5c87106c15 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/bedrock/base_aws_llm.py:1067
        web_identity_token_file = os.getenv("AWS_WEB_IDENTITY_TOKEN_FILE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c786dda7892c971a Environment-variable access.
pkgs/python/[email protected]/litellm/llms/bedrock/base_aws_llm.py:1068
        irsa_role_arn = os.getenv("AWS_ROLE_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #272aff1a507ba391 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/bedrock/batches/transformation.py:107
        output_bucket = litellm_params.get("s3_output_bucket_name") or os.getenv("AWS_S3_OUTPUT_BUCKET_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0da00bbe691b83bb Environment-variable access.
pkgs/python/[email protected]/litellm/llms/bedrock/batches/transformation.py:116
            or os.getenv("AWS_BATCH_ROLE_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #ff754e9d4c28b512 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/bedrock/chat/agentcore/transformation.py:657
        response = client.post(
            api_base,
            headers=headers,
            data=signed_json_body if signed_json_body else json.dumps(data),
            stream=True,
            logging_obj=logging_obj,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ba5be044cd65dbfe Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/bedrock/chat/agentcore/transformation.py:870
        response = await client.post(
            api_base,
            headers=headers,
            data=signed_json_body if signed_json_body else json.dumps(data),
            stream=True,
            logging_obj=logging_obj,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #abe5bcba30c86796 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/bedrock/chat/converse_handler.py:40
    response = client.post(
        api_base,
        headers=headers,
        data=data,
        stream=not fake_stream,
        logging_obj=logging_obj,
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #b0558b1781ecaff8 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/bedrock/chat/invoke_handler.py:210
        response = await client.post(
            api_base,
            headers=headers,
            data=data,
            stream=not fake_stream,
            logging_obj=logging_obj,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #353b941ce2886c06 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/bedrock/chat/invoke_handler.py:294
        response = client.post(
            api_base,
            headers=headers,
            data=signed_json_body if signed_json_body is not None else data,
            stream=not fake_stream,
            logging_obj=logging_obj,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #21420aa0ad0958e1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/bedrock/chat/invoke_handler.py:1189
            response = await client.post(
                api_base,
                headers=headers,
                data=data,
                timeout=timeout,
                logging_obj=logging_obj,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #7c95a0542015ec97 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/bedrock/common_utils.py:1512
            litellm_params.get("s3_bucket_name") or optional_params.get("s3_bucket_name") or os.getenv(bucket_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #2801923e69e5e22d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/bedrock/count_tokens/handler.py:90
            response = await async_client.post(
                endpoint_url,
                headers=signed_headers,
                data=signed_body,
                timeout=30.0,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #3ced99476c2a6c2e Environment-variable access.
pkgs/python/[email protected]/litellm/llms/bedrock/files/transformation.py:128
    bucket_name = bucket_name or os.getenv("AWS_S3_BUCKET_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #68d8793e42aa7380 Filesystem access.
pkgs/python/[email protected]/litellm/llms/bedrock/files/transformation.py:199
            with open(str(file_content), "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9e4a35df97905276 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/bedrock/files/transformation.py:268
        bucket_name = litellm_params.get("s3_bucket_name") or os.getenv("AWS_S3_BUCKET_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ffc9fb001ca42690 Filesystem access.
pkgs/python/[email protected]/litellm/llms/bedrock/files/transformation.py:1141
            with open(str(file_content), "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e5ccc081173f8746 Filesystem access.
pkgs/python/[email protected]/litellm/llms/bedrock/image_edit/amazon_nova_canvas_image_edit_transformation.py:145
        with open(image, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #56615cdd8e00ec67 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/bytez/chat/transformation.py:265
            response = client.post(
                api_base,
                headers=headers,
                data=json.dumps(data),
                stream=True,
                logging_obj=logging_obj,
                timeout=STREAMING_TIMEOUT,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #18d29288c3ce1571 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/bytez/chat/transformation.py:307
            response = await client.post(
                api_base,
                headers=headers,
                data=json.dumps(data),
                stream=True,
                logging_obj=logging_obj,
                timeout=STREAMING_TIMEOUT,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #ccd8f2072a80d3b6 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/chatgpt/authenticator.py:33
        self.token_dir = os.getenv(
            "CHATGPT_TOKEN_DIR",
            os.path.expanduser("~/.config/litellm/chatgpt"),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e2a4b7493794b60b Environment-variable access.
pkgs/python/[email protected]/litellm/llms/chatgpt/authenticator.py:37
        self.auth_file = os.path.join(self.token_dir, os.getenv("CHATGPT_AUTH_FILE", "auth.json"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3fe32419570d2ece Environment-variable access.
pkgs/python/[email protected]/litellm/llms/chatgpt/authenticator.py:41
        return os.getenv("CHATGPT_API_BASE") or os.getenv("OPENAI_CHATGPT_API_BASE") or CHATGPT_API_BASE

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #762e8a99bb3d7d2a Filesystem access.
pkgs/python/[email protected]/litellm/llms/chatgpt/authenticator.py:87
            with open(self.auth_file, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7025267a82273e41 Filesystem access.
pkgs/python/[email protected]/litellm/llms/chatgpt/authenticator.py:97
            with open(self.auth_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #236536f2ce4656a1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/chatgpt/authenticator.py:168
            resp = client.post(
                CHATGPT_DEVICE_CODE_URL,
                json={"client_id": CHATGPT_CLIENT_ID},
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #fc6b7e7ff62ecf46 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/chatgpt/authenticator.py:205
                resp = client.post(
                    CHATGPT_DEVICE_TOKEN_URL,
                    json={
                        "device_auth_id": device_code["device_auth_id"],
                        "user_code": device_code["user_code"],
                    },
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #069e7dc0a5d292e8 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/chatgpt/authenticator.py:259
            resp = client.post(
                CHATGPT_OAUTH_TOKEN_URL,
                headers={"Content-Type": "application/x-www-form-urlencoded"},
                content=body,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #26bd8eeb43521183 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/chatgpt/authenticator.py:291
            resp = client.post(
                CHATGPT_OAUTH_TOKEN_URL,
                json={
                    "client_id": CHATGPT_CLIENT_ID,
                    "grant_type": "refresh_token",
                    "refresh_token": refresh_token,
                    "scope": "openid profile email",
                },
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #3a3960ae1cf84f04 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/chatgpt/common_utils.py:153
    term_program = os.getenv("TERM_PROGRAM")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e34a474105478d18 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/chatgpt/common_utils.py:155
        version = os.getenv("TERM_PROGRAM_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9a124196e8386b81 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/chatgpt/common_utils.py:159
    wezterm_version = os.getenv("WEZTERM_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #edbba5113c4e166f Environment-variable access.
pkgs/python/[email protected]/litellm/llms/chatgpt/common_utils.py:164
    if os.getenv("ITERM_SESSION_ID") or os.getenv("ITERM_PROFILE") or os.getenv("ITERM_PROFILE_NAME"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a29f45624f56ac3 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/chatgpt/common_utils.py:167
    if os.getenv("TERM_SESSION_ID"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a9640c88dd6bbfb5 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/chatgpt/common_utils.py:170
    if os.getenv("KITTY_WINDOW_ID") or "kitty" in (os.getenv("TERM") or ""):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #261f106dbba924d8 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/chatgpt/common_utils.py:173
    if os.getenv("ALACRITTY_SOCKET") or os.getenv("TERM") == "alacritty":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0e3926d7328e3023 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/chatgpt/common_utils.py:176
    konsole_version = os.getenv("KONSOLE_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d0b078e904187e4f Environment-variable access.
pkgs/python/[email protected]/litellm/llms/chatgpt/common_utils.py:181
    if os.getenv("GNOME_TERMINAL_SCREEN"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d6f76a4cc350a0aa Environment-variable access.
pkgs/python/[email protected]/litellm/llms/chatgpt/common_utils.py:184
    vte_version = os.getenv("VTE_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #10b03720f1d55aa5 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/chatgpt/common_utils.py:189
    if os.getenv("WT_SESSION"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #22711138503893a6 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/chatgpt/common_utils.py:192
    term = os.getenv("TERM")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d9ae5a8c9ea765cb Environment-variable access.
pkgs/python/[email protected]/litellm/llms/chatgpt/common_utils.py:209
    originator = os.getenv("CHATGPT_ORIGINATOR") or DEFAULT_ORIGINATOR

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a2646d78f8d857b Environment-variable access.
pkgs/python/[email protected]/litellm/llms/chatgpt/common_utils.py:214
    override = os.getenv("CHATGPT_USER_AGENT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #91a622e942d3e8cf Environment-variable access.
pkgs/python/[email protected]/litellm/llms/chatgpt/common_utils.py:222
    suffix = os.getenv("CHATGPT_USER_AGENT_SUFFIX", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3121815ad45cc675 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/chatgpt/common_utils.py:250
    return os.getenv("CHATGPT_DEFAULT_INSTRUCTIONS") or CHATGPT_DEFAULT_INSTRUCTIONS

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #3386b6f33a3edf90 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/codestral/completion/handler.py:58
    response = await client.post(api_base, headers=headers, data=data, stream=True)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #a0a2d38bc96a5c28 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/codestral/completion/handler.py:293
            response = litellm.module_level_client.post(
                completion_url,
                headers=headers,
                data=json.dumps(data),
                stream=stream,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #89657082292f775c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/cohere/embed/handler.py:82
        response = await client.post(api_base, headers=headers, data=json.dumps(data))

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #f066cbf05f273b29 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/cohere/embed/handler.py:166
    response = client.post(embed_url, headers=headers, data=json.dumps(data))

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #2601edd4dad8f4f9 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/custom_httpx/aiohttp_transport.py:352
        if not (litellm.disable_aiohttp_trust_env or str_to_bool(os.getenv("DISABLE_AIOHTTP_TRUST_ENV", "False"))):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6d055d62eb272ea5 Filesystem access.
pkgs/python/[email protected]/litellm/llms/custom_httpx/container_handler.py:45
    with open(config_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #18d6e6e9e2bf5e9f Environment-variable access.
pkgs/python/[email protected]/litellm/llms/custom_httpx/http_handler.py:115
    user_agent = os.environ.get("LITELLM_USER_AGENT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4f57ed35b1cefe90 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/custom_httpx/http_handler.py:258
        ssl_verify = os.getenv("SSL_VERIFY", litellm.ssl_verify)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cbc28afdd767bc6f Environment-variable access.
pkgs/python/[email protected]/litellm/llms/custom_httpx/http_handler.py:273
        ssl_cert_file = os.getenv("SSL_CERT_FILE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #558dce31067ca55a Environment-variable access.
pkgs/python/[email protected]/litellm/llms/custom_httpx/http_handler.py:315
    ssl_security_level = os.getenv("SSL_SECURITY_LEVEL", litellm.ssl_security_level)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f76840942d874f8d Environment-variable access.
pkgs/python/[email protected]/litellm/llms/custom_httpx/http_handler.py:316
    ssl_ecdh_curve = os.getenv("SSL_ECDH_CURVE", litellm.ssl_ecdh_curve)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #734e5dcf13bd41fa Environment-variable access.
pkgs/python/[email protected]/litellm/llms/custom_httpx/http_handler.py:322
        ssl_cert_file = os.getenv("SSL_CERT_FILE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a1fead09f1a37b97 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/custom_httpx/http_handler.py:541
        cert = os.getenv("SSL_CERTIFICATE", litellm.ssl_certificate)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #9bf2638abd839772 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/custom_httpx/http_handler.py:591
        response = await self.client.get(
            url,
            params=params,
            headers=headers,  # type: ignore
            follow_redirects=_follow_redirects,  # type: ignore
            timeout=timeout if timeout is not None else USE_CLIENT_DEFAULT,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #9ef9c673ddefed65 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/custom_httpx/http_handler.py:941
            or str_to_bool(os.getenv("DISABLE_AIOHTTP_TRANSPORT", "False")) is True

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e25299d7db836c2e Environment-variable access.
pkgs/python/[email protected]/litellm/llms/custom_httpx/http_handler.py:1001
        if str_to_bool(os.getenv("AIOHTTP_TRUST_ENV", "False")) is True:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9bddefed55884013 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/custom_httpx/http_handler.py:1085
        cert = os.getenv("SSL_CERTIFICATE", litellm.ssl_certificate)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #42bda45fe0f2871f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/custom_httpx/http_handler.py:1122
        response = self.client.get(
            url,
            params=params,
            headers=headers,
            follow_redirects=_follow_redirects,
            timeout=timeout if timeout is not None else USE_CLIENT_DEFAULT,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #ab6ff78617b02927 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/custom_httpx/httpx_handler.py:19
    user_agent = os.environ.get("LITELLM_USER_AGENT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #9cfe0ff976a1899b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/custom_httpx/httpx_handler.py:43
        response = await self.client.get(url, params=params, headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #6a8a65cca4c8e5cd Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/custom_httpx/httpx_handler.py:54
            response = await self.client.post(
                url,
                data=data,
                params=params,
                headers=headers,  # type: ignore
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e7b59bc65b4cb46f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/custom_httpx/llm_http_handler.py:3556
        resp = client.client.post(url, **kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #6db3d3061155d779 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/custom_httpx/llm_http_handler.py:3590
        resp = await client.client.post(url, **kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #7c2bc8f20e09e0ae Environment-variable access.
pkgs/python/[email protected]/litellm/llms/databricks/chat/transformation.py:226
            or os.getenv("LITELLM_USER_AGENT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0659250b265a9bce Environment-variable access.
pkgs/python/[email protected]/litellm/llms/databricks/chat/transformation.py:227
            or os.getenv("DATABRICKS_USER_AGENT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #7e4e95ddd2313c7f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/databricks/common_utils.py:235
            response = requests.post(
                token_url,
                data={
                    "grant_type": "client_credentials",
                    "scope": "all-apis",
                },
                auth=(client_id, client_secret),
                headers={"Content-Type": "application/x-www-form-urlencoded"},
                timeout=30,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #b6a3f70cd59e72a7 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/databricks/common_utils.py:335
        client_id = os.getenv("DATABRICKS_CLIENT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2df02fba15891c27 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/databricks/common_utils.py:336
        client_secret = os.getenv("DATABRICKS_CLIENT_SECRET")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #65b045e9fc771a53 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/databricks/common_utils.py:340
            api_base = os.getenv("DATABRICKS_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dae35467bafd0d31 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/databricks/embed/handler.py:36
            or os.getenv("LITELLM_USER_AGENT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ad5142782d321f50 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/databricks/embed/handler.py:37
            or os.getenv("DATABRICKS_USER_AGENT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #49b7134ff17010ca Environment-variable access.
pkgs/python/[email protected]/litellm/llms/databricks/responses/transformation.py:48
        api_key = litellm_params.api_key or os.getenv("DATABRICKS_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1f33267ec1f376ff Environment-variable access.
pkgs/python/[email protected]/litellm/llms/databricks/responses/transformation.py:49
        api_base = litellm_params.api_base or os.getenv("DATABRICKS_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #05b85b532c2c3b90 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/databricks/responses/transformation.py:71
        api_base = api_base or os.getenv("DATABRICKS_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #c7934d7e204e0cd9 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/deprecated_providers/aleph_alpha.py:232
    response = litellm.module_level_client.post(
        completion_url,
        headers=headers,
        data=json.dumps(data),
        stream=optional_params["stream"] if "stream" in optional_params else False,
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #e48caded6d7256d1 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/gdc/chat/transformation.py:127
        _env_val = os.getenv(env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #6edda2c8e421ff3c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/gigachat/authenticator.py:172
        response = client.post(auth_url, headers=headers, data=data, timeout=30)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #5a3939e5ffd4379d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/gigachat/authenticator.py:207
        response = await client.post(auth_url, headers=headers, data=data, timeout=30)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #4464a90ab26d2f1f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/gigachat/file_handler.py:57
    response = client.get(url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #301b55a1e1c38f89 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/gigachat/file_handler.py:72
    response = await client.get(url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #83218e909d58e6ca Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/gigachat/file_handler.py:124
        response = client.post(
            upload_url,
            headers={"Authorization": f"Bearer {access_token}"},
            files={"file": (filename, content_bytes, content_type)},
            data={"purpose": "general"},
            timeout=60,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #dd09fe6465274c68 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/gigachat/file_handler.py:192
        response = await client.post(
            upload_url,
            headers={"Authorization": f"Bearer {access_token}"},
            files={"file": (filename, content_bytes, content_type)},
            data={"purpose": "general"},
            timeout=60,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #0446a3b715719868 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/github_copilot/authenticator.py:31
        self.token_dir = os.getenv(
            "GITHUB_COPILOT_TOKEN_DIR",
            os.path.expanduser("~/.config/litellm/github_copilot"),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7b9a7c0e0adc6ab6 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/github_copilot/authenticator.py:37
            os.getenv("GITHUB_COPILOT_ACCESS_TOKEN_FILE", "access-token"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6ca12d8bbf759618 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/github_copilot/authenticator.py:39
        self.api_key_file = os.path.join(self.token_dir, os.getenv("GITHUB_COPILOT_API_KEY_FILE", "api-key.json"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #30d95d39fee4729b Filesystem access.
pkgs/python/[email protected]/litellm/llms/github_copilot/authenticator.py:53
            with open(self.access_token_file, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6b1c2cae724935f1 Filesystem access.
pkgs/python/[email protected]/litellm/llms/github_copilot/authenticator.py:65
                    with open(self.access_token_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1b9e9dd3542ace18 Filesystem access.
pkgs/python/[email protected]/litellm/llms/github_copilot/authenticator.py:90
            with open(self.api_key_file, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ef6d173962c16d14 Filesystem access.
pkgs/python/[email protected]/litellm/llms/github_copilot/authenticator.py:109
            with open(self.api_key_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2690f4a9a99ace44 Filesystem access.
pkgs/python/[email protected]/litellm/llms/github_copilot/authenticator.py:139
            with open(self.api_key_file, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #36173f8397548567 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/github_copilot/authenticator.py:160
        api_key_url = os.getenv("GITHUB_COPILOT_API_KEY_URL", DEFAULT_GITHUB_API_KEY_URL)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #214bf87f9d0bd718 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/github_copilot/authenticator.py:166
                response = sync_client.get(api_key_url, headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #529a7d64d9915290 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/github_copilot/authenticator.py:228
            device_code_url = os.getenv("GITHUB_COPILOT_DEVICE_CODE_URL", DEFAULT_GITHUB_DEVICE_CODE_URL)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d291c906da6e448e Environment-variable access.
pkgs/python/[email protected]/litellm/llms/github_copilot/authenticator.py:229
            client_id = os.getenv("GITHUB_COPILOT_CLIENT_ID", DEFAULT_GITHUB_CLIENT_ID)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #f1fa5c054d96312b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/github_copilot/authenticator.py:230
            resp = sync_client.post(
                device_code_url,
                headers=self._get_github_headers(),
                json={"client_id": client_id, "scope": "read:user"},
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #adb4b6b83390292e Environment-variable access.
pkgs/python/[email protected]/litellm/llms/github_copilot/authenticator.py:282
        access_token_url = os.getenv("GITHUB_COPILOT_ACCESS_TOKEN_URL", DEFAULT_GITHUB_ACCESS_TOKEN_URL)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #001bea89605b1045 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/github_copilot/authenticator.py:283
        client_id = os.getenv("GITHUB_COPILOT_CLIENT_ID", DEFAULT_GITHUB_CLIENT_ID)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #53c64f932b923c6d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/github_copilot/authenticator.py:287
                resp = sync_client.post(
                    access_token_url,
                    headers=self._get_github_headers(),
                    json={
                        "client_id": client_id,
                        "device_code": device_code,
                        "grant_type": "urn:ietf:params:oauth:grant-type:device_code",
                    },
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #cd58d89d495d61e3 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/github_copilot/chat/transformation.py:42
            or os.getenv("GITHUB_COPILOT_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b0c481402a13b941 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/github_copilot/embedding/transformation.py:106
            or os.getenv("GITHUB_COPILOT_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #697a463120ded5f1 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/github_copilot/responses/transformation.py:256
            or os.getenv("GITHUB_COPILOT_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97002962adaaed09 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/heroku/chat/transformation.py:52
        api_base = api_base or os.getenv("HEROKU_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1604624354624a5e Environment-variable access.
pkgs/python/[email protected]/litellm/llms/heroku/chat/transformation.py:53
        api_key = api_key or os.getenv("HEROKU_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3200362c72c3d16 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/huggingface/chat/transformation.py:80
            base_url = os.getenv("HF_API_BASE") or os.getenv("HUGGINGFACE_API_BASE", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #90a22e25ee728f9a Environment-variable access.
pkgs/python/[email protected]/litellm/llms/huggingface/chat/transformation.py:100
        elif os.getenv("HF_API_BASE") or os.getenv("HUGGINGFACE_API_BASE"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a91d06225fe30975 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/huggingface/chat/transformation.py:101
            complete_url = str(os.getenv("HF_API_BASE")) or str(os.getenv("HUGGINGFACE_API_BASE"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ad6d74eb15554181 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/huggingface/common_utils.py:76
    if os.getenv("HUGGINGFACE_API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #44c03cac6daccfe1 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/huggingface/common_utils.py:77
        headers["Authorization"] = f"Bearer {os.getenv('HUGGINGFACE_API_KEY')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #79e93efb3f199bfc Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/huggingface/common_utils.py:83
        response = httpx.get(path, headers=headers, params=params)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #0aff0f5e8b3c15a3 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/huggingface/embedding/handler.py:272
        response = await client.post(api_base, headers=headers, data=json.dumps(data))

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #141fccc00fed1178 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/huggingface/embedding/handler.py:329
        elif "HF_API_BASE" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4e79867e1a60ff2d Environment-variable access.
pkgs/python/[email protected]/litellm/llms/huggingface/embedding/handler.py:330
            embed_url = os.getenv("HF_API_BASE", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f8e59de7115e9142 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/huggingface/embedding/handler.py:331
        elif "HUGGINGFACE_API_BASE" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ef47f989cc669577 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/huggingface/embedding/handler.py:332
            embed_url = os.getenv("HUGGINGFACE_API_BASE", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #d6ffa564fcd99961 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/huggingface/embedding/handler.py:375
        response = client.post(embed_url, headers=headers, data=json.dumps(data))

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #70b3fb93b592042c Filesystem access.
pkgs/python/[email protected]/litellm/llms/huggingface/embedding/transformation.py:160
            with open(file_path, "r") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d4f3e5eeba55fa94 Filesystem access.
pkgs/python/[email protected]/litellm/llms/huggingface/embedding/transformation.py:174
            with open(file_path, "r") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #080d98cdd9f47510 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/huggingface/embedding/transformation.py:329
        elif "HF_API_BASE" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2a70a0b0b01a0b15 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/huggingface/embedding/transformation.py:330
            completion_url = os.getenv("HF_API_BASE", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4754bf4e949981e8 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/huggingface/embedding/transformation.py:331
        elif "HUGGINGFACE_API_BASE" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bf6ec42fefe8c4d1 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/huggingface/embedding/transformation.py:332
            completion_url = os.getenv("HUGGINGFACE_API_BASE", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eb9bca2cb06871c9 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/huggingface/rerank/transformation.py:56
        elif os.getenv("HF_API_BASE") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5e92db5dcd4c2e08 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/huggingface/rerank/transformation.py:57
            return os.getenv("HF_API_BASE", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #18a31ea8a8de7a99 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/huggingface/rerank/transformation.py:58
        elif os.getenv("HUGGINGFACE_API_BASE") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9a83f6fa49c986d3 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/huggingface/rerank/transformation.py:59
            return os.getenv("HUGGINGFACE_API_BASE", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #7f3aff1cd1346f3b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/langgraph/chat/transformation.py:305
        response = client.post(
            api_base,
            headers=headers,
            data=json.dumps(data),
            stream=True,
            logging_obj=logging_obj,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #bd6ee45d4eca277f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/langgraph/chat/transformation.py:364
        response = await client.post(
            api_base,
            headers=headers,
            data=json.dumps(data),
            stream=True,
            logging_obj=logging_obj,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #20779693b4fa1707 Filesystem access.
pkgs/python/[email protected]/litellm/llms/litellm_proxy/skills/sandbox_executor.py:102
                        with open(local_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0be78153543a1e18 Filesystem access.
pkgs/python/[email protected]/litellm/llms/litellm_proxy/skills/sandbox_executor.py:260
                        with open(tmp_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #2192bdb573a6bbd0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/nlp_cloud/chat/handler.py:77
    response = client.post(
        completion_url,
        headers=headers,
        data=json.dumps(data),
        stream=optional_params["stream"] if "stream" in optional_params else False,
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #2b21d295adc394af Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/nvidia_riva/common_utils.py:84
    http_status = _GRPC_STATUS_CODE_TO_HTTP.get(status_name or "", 500)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #f77e5587db6c3eee Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/oci/chat/transformation.py:660
            response = client.post(
                api_base,
                headers=headers,
                data=(signed_json_body if signed_json_body is not None else json.dumps(data)),
                stream=True,
                logging_obj=logging_obj,
                timeout=STREAMING_TIMEOUT,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #1c14c8818741707c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/oci/chat/transformation.py:699
            response = await client.post(
                api_base,
                headers=headers,
                data=(signed_json_body if signed_json_body is not None else json.dumps(data)),
                stream=True,
                logging_obj=logging_obj,
                timeout=STREAMING_TIMEOUT,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #6876ac50216d834d Filesystem access.
pkgs/python/[email protected]/litellm/llms/oci/common_utils.py:130
        with open(file_path, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cfb2d11804bee4f4 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/oci/common_utils.py:166
        "oci_region": optional_params.get("oci_region") or os.environ.get(_OCI_REGION_ENV) or "us-ashburn-1",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #955c76b94ae34cbd Environment-variable access.
pkgs/python/[email protected]/litellm/llms/oci/common_utils.py:167
        "oci_user": optional_params.get("oci_user") or os.environ.get(_OCI_USER_ENV),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1472d2abdfc3cc9a Environment-variable access.
pkgs/python/[email protected]/litellm/llms/oci/common_utils.py:168
        "oci_fingerprint": optional_params.get("oci_fingerprint") or os.environ.get(_OCI_FINGERPRINT_ENV),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5771d26403403045 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/oci/common_utils.py:169
        "oci_tenancy": optional_params.get("oci_tenancy") or os.environ.get(_OCI_TENANCY_ENV),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #013f0f7db8f1356b Environment-variable access.
pkgs/python/[email protected]/litellm/llms/oci/common_utils.py:170
        "oci_key": optional_params.get("oci_key") or os.environ.get(_OCI_KEY_ENV),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e18961d4cc67bc45 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/oci/common_utils.py:171
        "oci_key_file": optional_params.get("oci_key_file") or os.environ.get(_OCI_KEY_FILE_ENV),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97beb05218b102a4 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/oci/common_utils.py:172
        "oci_compartment_id": optional_params.get("oci_compartment_id") or os.environ.get(_OCI_COMPARTMENT_ID_ENV),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #419d5d45da543410 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/ollama/common_utils.py:65
            or os.environ.get("OLLAMA_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #4c9adf38f665a8f1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/ollama/common_utils.py:105
            resp = httpx.get(f"{base}/api/tags", headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #45662377a79db60c Environment-variable access.
pkgs/python/[email protected]/litellm/llms/ollama/completion/transformation.py:216
            os.environ.get("OLLAMA_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #f1996ff3a3c0527e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/oobabooga/chat/oobabooga.py:65
    response = client.post(
        completion_url,
        headers=headers,
        data=json.dumps(data),
        stream=optional_params["stream"] if "stream" in optional_params else False,
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #781b2d2c9044d313 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/oobabooga/chat/oobabooga.py:127
    response = litellm.module_level_client.post(embeddings_url, headers=headers, json=data)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #6276d4c9b634ee31 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/openai/chat/gpt_transformation.py:416
        resolved_api_base = api_base or litellm.api_base or os.getenv("OPENAI_BASE_URL") or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a7c47f51b3b89766 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/openai/common_utils.py:259
        or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #77cda0dfc8fd3bc9 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/openai/common_utils.py:260
        or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c8613ab13e656c02 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/openai/common_utils.py:263
    resolved_organization = organization or litellm.organization or os.getenv("OPENAI_ORGANIZATION", None) or None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #56b0508464005e13 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/openai/common_utils.py:264
    resolved_api_key = api_key or litellm.api_key or litellm.openai_key or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #3fd86d0c3e56369a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/openai/responses/count_tokens/handler.py:67
            response = await async_client.post(
                endpoint_url,
                headers=headers,
                json=request_body,
                timeout=request_timeout,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #533847de1f94cde6 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/openai/responses/count_tokens/token_counter.py:54
            api_key = os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #d1ad53671018d524 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/openai_like/chat/handler.py:40
    response = await client.post(api_base, headers=headers, data=data, stream=not fake_stream)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #02e7de60a7cdc0ec Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/openai_like/chat/handler.py:75
    response = client.post(api_base, headers=headers, data=data, stream=not fake_stream, timeout=timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #5b616b9c8b884ee4 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/openai_like/chat/handler.py:175
            response = await client.post(api_base, headers=headers, data=json.dumps(data), timeout=timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #9a29bc03cf8aef70 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/openai_like/embedding/handler.py:47
                response = await async_client.post(
                    api_base,
                    headers=headers,
                    data=json.dumps(data),
                )  # type: ignore

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #9125375d2a074fb1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/openai_like/embedding/handler.py:135
            response = self.client.post(
                api_base,
                headers=headers,
                data=json.dumps(data),
            )  # type: ignore

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #b40e06d7a8b3f8ff Filesystem access.
pkgs/python/[email protected]/litellm/llms/openai_like/json_loader.py:47
            with open(json_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #3de39ad39e1d20f6 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/petals/completion/handler.py:69
        response = client.post(api_base, data=data)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #177531b318a24a6f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/predibase/chat/handler.py:30
    response = await client.post(api_base, headers=headers, data=data, stream=True, timeout=timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #d7dc33cbb7e982a1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/predibase/chat/handler.py:156
            response = litellm.module_level_client.post(
                completion_url,
                headers=headers,
                data=json.dumps(data),
                stream=stream,
                timeout=timeout,  # type: ignore
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #ecdc633d12364310 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/predibase/chat/transformation.py:324
        elif "PREDIBASE_API_BASE" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c4e4c70587aba52f Environment-variable access.
pkgs/python/[email protected]/litellm/llms/predibase/chat/transformation.py:325
            base_url = os.getenv("PREDIBASE_API_BASE", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #8a33f70e4c70449b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/replicate/chat/handler.py:34
        response = http_client.get(prediction_url, headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #f82fa430791d6199 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/replicate/chat/handler.py:80
        response = await http_client.get(prediction_url, headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #485c6500a918ac78 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/runwayml/videos/transformation.py:381
        video_response = httpx_client.get(video_url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #607e9dcc4c5e8ad3 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/runwayml/videos/transformation.py:412
        video_response = await async_httpx_client.get(video_url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #6e37822ae08974a4 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/sagemaker/chat/transformation.py:132
            response = client.post(
                api_base,
                headers=headers,
                data=signed_json_body if signed_json_body is not None else data,
                stream=True,
                logging_obj=logging_obj,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #34d85bdd402085c1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/sagemaker/chat/transformation.py:178
            response = await client.post(
                api_base,
                headers=headers,
                data=signed_json_body if signed_json_body is not None else data,
                stream=True,
                logging_obj=logging_obj,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #d60695fbf91ef0d3 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/sagemaker/completion/handler.py:350
            response = await client.post(
                api_base,
                headers=headers,
                data=data,
                stream=True,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #1c31d80859fb4133 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/sap/chat/transformation.py:183
        deployments = client.get(f"{self.base_url}/lm/deployments", headers=self.headers).json()

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #7292cc9e774f525c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/sap/chat/transformation.py:187
                cfg = client.get(
                    f"{self.base_url}/lm/configurations/{dep['configurationId']}",
                    headers=self.headers,
                ).json()

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #bfdcee25057c49a2 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/sap/credentials.py:30
    return os.getenv(HOME_PATH_ENV_VAR, DEFAULT_HOME_PATH)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #05ddc92e58312d4e Environment-variable access.
pkgs/python/[email protected]/litellm/llms/sap/credentials.py:55
    raw = os.environ.get(var_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c6d7b80589f1b058 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/sap/credentials.py:132
    profile = profile or os.environ.get(PROFILE_ENV_VAR)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #79657adbd8d0df74 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/sap/credentials.py:133
    cfg_env = os.getenv(CONFIG_FILE_ENV_VAR)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4a449efe31b4e326 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/sap/credentials.py:250
    service_key = _parse_service_key_once(service_key or litellm.sap_service_key or os.environ.get(SERVICE_KEY_ENV_VAR))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #19d29e123145ee1d Environment-variable access.
pkgs/python/[email protected]/litellm/llms/sap/credentials.py:261
            lambda cv: _str_or_none(os.environ.get(f"AICORE_{cv.name.upper()}")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d73f6ed594613fce Filesystem access.
pkgs/python/[email protected]/litellm/llms/sap/credentials.py:448
                with open(cert_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3a95427453036f4 Filesystem access.
pkgs/python/[email protected]/litellm/llms/sap/credentials.py:450
                with open(key_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #8f4a7481e2554fa5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/sap/embed/transformation.py:103
            deployments = client.get(self.base_url + "/lm/deployments", headers=self.headers).json()

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #b3dd41389decfab6 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/sap/embed/transformation.py:106
                    config_details = client.get(
                        self.base_url + f"/lm/configurations/{deployment['configurationId']}",
                        headers=self.headers,
                    ).json()

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #22d7b625c115b096 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/together_ai/rerank/handler.py:51
        response = client.post(
            "https://api.together.xyz/v1/rerank",
            headers={
                "accept": "application/json",
                "content-type": "application/json",
                "authorization": f"Bearer {api_key}",
            },
            json=request_data_dict,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #bf6fef07586ecd98 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/together_ai/rerank/handler.py:75
        response = await client.post(
            "https://api.together.xyz/v1/rerank",
            headers={
                "accept": "application/json",
                "content-type": "application/json",
                "authorization": f"Bearer {api_key}",
            },
            json=request_data_dict,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #09f9203a5c47c43c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/vertex_ai/agent_engine/transformation.py:383
        response = client.post(
            api_base,
            headers=headers,
            data=json.dumps(data),
            stream=True,
            logging_obj=logging_obj,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #5b8d79397d9112a2 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/vertex_ai/agent_engine/transformation.py:441
        response = await client.post(
            api_base,
            headers=headers,
            data=json.dumps(data),
            stream=True,
            logging_obj=logging_obj,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #cf17e68a9258d875 Filesystem access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/files/transformation.py:223
        with open(str(content), "rb") as handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2703038d49779b90 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/files/transformation.py:357
            litellm_params.get("gcs_bucket_name") or litellm_params.get("bucket_name") or os.getenv("GCS_BUCKET_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #b3065d113c006a0a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/vertex_ai/gemini/vertex_and_google_ai_studio_gemini.py:2575
        response = await client.post(api_base, headers=headers, data=data, stream=True, logging_obj=logging_obj)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e3c14481d3228534 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/vertex_ai/gemini/vertex_and_google_ai_studio_gemini.py:2624
    response = client.post(api_base, headers=headers, data=data, stream=True, logging_obj=logging_obj)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #fc7e249a589dd255 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/vertex_ai/gemini/vertex_and_google_ai_studio_gemini.py:2837
            response = await client.post(
                api_base,
                headers=headers,
                json=cast(dict, request_body),
                logging_obj=logging_obj,
            )  # type: ignore

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #b493cee165b8582d Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/image_edit/vertex_gemini_transformation.py:65
            or os.environ.get("VERTEXAI_PROJECT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b855626d21c672a5 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/image_edit/vertex_gemini_transformation.py:73
            or os.environ.get("VERTEXAI_LOCATION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #954505a0ace1dd47 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/image_edit/vertex_gemini_transformation.py:74
            or os.environ.get("VERTEX_LOCATION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #45a8394442c67686 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/image_edit/vertex_gemini_transformation.py:83
            or os.environ.get("VERTEXAI_CREDENTIALS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #436023ac6e2dc767 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/image_edit/vertex_gemini_transformation.py:85
            or os.environ.get("GOOGLE_APPLICATION_CREDENTIALS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8f32f9c907370056 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/image_edit/vertex_imagen_transformation.py:73
            or os.environ.get("VERTEXAI_PROJECT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8b5672a072f222a2 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/image_edit/vertex_imagen_transformation.py:81
            or os.environ.get("VERTEXAI_LOCATION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0bf747949b0eb976 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/image_edit/vertex_imagen_transformation.py:82
            or os.environ.get("VERTEX_LOCATION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #de8e1e0e5cbeb0bf Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/image_edit/vertex_imagen_transformation.py:91
            or os.environ.get("VERTEXAI_CREDENTIALS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f44e2f2076799cb9 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/image_edit/vertex_imagen_transformation.py:93
            or os.environ.get("GOOGLE_APPLICATION_CREDENTIALS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a02e0a7ed699f419 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/image_generation/vertex_gemini_transformation.py:116
            or os.environ.get("VERTEXAI_PROJECT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9639196e7b5c8223 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/image_generation/vertex_gemini_transformation.py:124
            or os.environ.get("VERTEXAI_LOCATION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1c9316734c794233 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/image_generation/vertex_gemini_transformation.py:125
            or os.environ.get("VERTEX_LOCATION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5dbc180cfc536dc2 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/image_generation/vertex_gemini_transformation.py:134
            or os.environ.get("VERTEXAI_CREDENTIALS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1ac3f194372a7816 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/image_generation/vertex_gemini_transformation.py:136
            or os.environ.get("GOOGLE_APPLICATION_CREDENTIALS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #13f1d155813e59ca Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/image_generation/vertex_imagen_transformation.py:88
            or os.environ.get("VERTEXAI_PROJECT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #29b0fa9acea53d90 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/image_generation/vertex_imagen_transformation.py:96
            or os.environ.get("VERTEXAI_LOCATION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #09297100108d7328 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/image_generation/vertex_imagen_transformation.py:97
            or os.environ.get("VERTEX_LOCATION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #403e7a9389ff2bdf Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/image_generation/vertex_imagen_transformation.py:106
            or os.environ.get("VERTEXAI_CREDENTIALS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #57ac298052ac2ec4 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/image_generation/vertex_imagen_transformation.py:108
            or os.environ.get("GOOGLE_APPLICATION_CREDENTIALS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #3f1f6d01b7e39377 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/vertex_ai/multimodal_embeddings/embedding_handler.py:171
            response = await client.post(api_base, headers=headers, json=data)  # type: ignore

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #da67294cab650cef Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/rag_engine/ingestion.py:89
        self.gcs_bucket = self.vector_store_config.get("gcs_bucket") or os.environ.get("GCS_BUCKET_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d2b64c1fb963e4e1 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/rag_engine/ingestion.py:127
        original_bucket = os.environ.get("GCS_BUCKET_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #832533923fefa697 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/rag_engine/ingestion.py:129
            os.environ["GCS_BUCKET_NAME"] = self.gcs_bucket

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cc6fe188f416e513 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/rag_engine/ingestion.py:157
                os.environ["GCS_BUCKET_NAME"] = original_bucket

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9d91c13a72388b1e Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/rag_engine/ingestion.py:158
            elif "GCS_BUCKET_NAME" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bc3db3083286ab48 Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/rag_engine/ingestion.py:159
                del os.environ["GCS_BUCKET_NAME"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0378a9cbb28f33aa Environment-variable access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/vertex_ai_non_gemini.py:145
                f"VERTEX AI: creds={creds}; google application credentials: {os.getenv('GOOGLE_APPLICATION_CREDENTIALS')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #0025414f8cf24dd2 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/vertex_ai/vertex_ai_partner_models/count_tokens/handler.py:176
        response = await async_client.post(
            endpoint_url,
            headers=headers,
            json=request_data,
            timeout=30.0,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #3403609cab180fcc Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/vertex_ai/vertex_embeddings/embedding_handler.py:215
            response = await client.post(api_base, headers=headers, json=vertex_request)  # type: ignore

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #cf7745ce5087c357 Filesystem access.
pkgs/python/[email protected]/litellm/llms/vertex_ai/vertex_llm_base.py:114
                        with open(credentials) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #233ec8bf7d326228 Filesystem access.
pkgs/python/[email protected]/litellm/llms/xai/oauth.py:182
            with open(self.auth_file, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #e01f6d84dd8c36e2 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/xai/oauth.py:230
            response = self._client().get(XAI_OAUTH_DISCOVERY_URL, headers={"Accept": "application/json"})

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #21dcb0b797ff4de0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/llms/xai/oauth.py:309
            response = self._client().post(
                token_endpoint,
                headers={
                    "Accept": "application/json",
                    "Content-Type": "application/x-www-form-urlencoded",
                },
                data=data,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #9ea3e656e68f9e6a Environment-variable access.
pkgs/python/[email protected]/litellm/main.py:2536
    api_key = api_key or litellm.anthropic_key or litellm.api_key or os.environ.get("ANTHROPIC_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f9d4c8c47024704f Environment-variable access.
pkgs/python/[email protected]/litellm/main.py:2590
    api_key = api_key or litellm.anthropic_key or litellm.api_key or os.environ.get("ANTHROPIC_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eb8d805e1cc2d804 Environment-variable access.
pkgs/python/[email protected]/litellm/main.py:2891
        or os.environ.get("HF_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e318fc9e89e0de9d Environment-variable access.
pkgs/python/[email protected]/litellm/main.py:2892
        or os.environ.get("HUGGINGFACE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ae362ddce58bbfc2 Environment-variable access.
pkgs/python/[email protected]/litellm/main.py:3044
        or os.getenv("DATABRICKS_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #097a2d53f4521079 Environment-variable access.
pkgs/python/[email protected]/litellm/main.py:4114
    api_key = api_key or litellm.ollama_key or os.environ.get("OLLAMA_API_KEY") or litellm.api_key

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #e3f52f16eb0193ad Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/main.py:4546
    resp = litellm.module_level_client.post(
        url,
        headers=headers,
        json={
            "model": model,
            "params": {
                "prompt": [prompt],
                "max_tokens": max_tokens,
                "temperature": temperature,
                "top_p": top_p,
                "top_k": kwargs.get("top_k"),
            },
            **kwargs.get("extra_body", {}),
        },
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #8f06cb73123375b3 Filesystem access.
pkgs/python/[email protected]/litellm/ocr/main.py:515
        with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #b94039c3547c576e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/auth/token_exchange.py:145
            response = await client.post(endpoint, **post_kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #bd36e29e4d62ce5e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/db.py:1049
        response = await async_client.post(
            token_url,
            headers={"Accept": "application/json", **client_auth.headers},
            data=token_data,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e6d5951366f36fd4 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/discoverable_endpoints.py:549
    response = await async_client.post(
        mcp_server.token_url,
        headers={"Accept": "application/json", **client_auth.headers},
        data=token_data,
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e4b39d2677286c0f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/discoverable_endpoints.py:833
    response = await async_client.post(
        mcp_server.registration_url,
        headers=headers,
        json=register_data,
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #2faaf536e060a2fe Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/discoverable_endpoints.py:1149
                response = await async_client.get(
                    candidate,
                    headers={"Accept": "application/json"},
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #93625d921f91c374 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/discoverable_endpoints.py:1341
    env_issuer = os.getenv("JWT_ISSUER")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #8140eed6d0f71e99 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/mcp_server_manager.py:2587
            return await client.get(url, follow_redirects=False)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #2725ab4259e7eb21 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/mcp_server_manager.py:2607
            response = await client.get(server_url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #64fde7b93ee7bb44 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/oauth2_token_cache.py:128
            response = await client.post(server.token_url, **post_kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #93c622df2e647014 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/oauth_utils.py:75
    configured = os.environ.get("PROXY_BASE_URL", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b3dc1b6af3b94cad Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/oauth_utils.py:214
    raw = os.environ.get(_TRUSTED_REDIRECT_ORIGINS_ENV, "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0964962710937ffa Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/oauth_utils.py:272
    raw = os.environ.get(_TRUSTED_NATIVE_REDIRECT_URIS_ENV, "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf731c26739128d8 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/oauth_utils.py:470
        os.environ.get("PROXY_BASE_URL"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #15ea059ba32dc6d1 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/oauth_utils.py:475
        os.environ.get(_TRUSTED_REDIRECT_ORIGINS_ENV),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b988e78d423f7bdc Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/oauth_utils.py:476
        os.environ.get(_TRUSTED_NATIVE_REDIRECT_URIS_ENV),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e7ad71be5a8df826 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/openapi_to_mcp_generator.py:114
    with open(filepath, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #62c342e36ae220a5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/openapi_to_mcp_generator.py:416
            response = await client.get(url, params=params, headers=effective_headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #3b3a63e9c4e99a78 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/openapi_to_mcp_generator.py:418
            response = await client.post(url, params=params, json=json_body, headers=effective_headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ad2530f155618baf Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/openapi_to_mcp_generator.py:420
            response = await client.put(url, params=params, json=json_body, headers=effective_headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #4819592d158820e4 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/outbound_credentials/per_user_oauth_store.py:108
        response = await client.post(url, headers=request_headers, data=form)  # pyright: ignore

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #8193bac2d7bada48 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/outbound_credentials/token_exchange_provider.py:69
        response = await client.post(url, headers=headers, data=form)  # pyright: ignore

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #b67594cb177df7bd Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/utils.py:33
LITELLM_MCP_SERVER_NAME = os.environ.get("LITELLM_MCP_SERVER_NAME", "litellm-mcp-server")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #49d07a3808089507 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/utils.py:35
LITELLM_MCP_SERVER_DESCRIPTION = os.environ.get("LITELLM_MCP_SERVER_DESCRIPTION", "MCP Server for LiteLLM")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6bee514b3ff67da5 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/utils.py:36
MCP_TOOL_PREFIX_SEPARATOR = os.environ.get("MCP_TOOL_PREFIX_SEPARATOR", "-")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4efc19e69985a7a2 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/utils.py:86
    raw = os.environ.get("LITELLM_USE_SHORT_MCP_TOOL_PREFIX", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f1c5ed0b2d2647bf Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/_experimental/mcp_server/utils.py:529
    base = os.environ.get("PROXY_BASE_URL", "").rstrip("/")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #db6d03ab90f02edb Filesystem access.
pkgs/python/[email protected]/litellm/proxy/_lazy_openapi_snapshot.py:131
    SNAPSHOT_FILE.write_text(json.dumps(fragments, indent=2, sort_keys=True) + "\n")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3fd958f6c07f2009 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/_logging.py:11
log_level = os.getenv("LITELLM_LOG", "INFO")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #c83c11c439f7d049 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/agent_endpoints/databricks_oauth.py:177
            response = await client.post(
                config.token_url,
                data={
                    "grant_type": "client_credentials",
                    "scope": config.scope,
                },
                headers={
                    "Authorization": f"Basic {basic_auth}",
                    "Content-Type": "application/x-www-form-urlencoded",
                },
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #4ea7656af8552693 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/agent_endpoints/endpoints.py:154
AGENT_HEALTH_CHECK_TIMEOUT_SECONDS = float(os.environ.get("LITELLM_AGENT_HEALTH_CHECK_TIMEOUT", "5.0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #55ba2b6036828159 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/agent_endpoints/endpoints.py:155
AGENT_HEALTH_CHECK_GATHER_TIMEOUT_SECONDS = float(os.environ.get("LITELLM_AGENT_HEALTH_CHECK_GATHER_TIMEOUT", "30.0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #996d553e36440ad3 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/agent_endpoints/endpoints.py:176
        response = await client.get(url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #5be0493097d47470 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/auth_utils.py:1051
    microsoft_client_id = os.getenv("MICROSOFT_CLIENT_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f1eac47c3173fc2d Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/auth_utils.py:1052
    google_client_id = os.getenv("GOOGLE_CLIENT_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #547f5b9b35aac37d Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/auth_utils.py:1053
    generic_client_id = os.getenv("GENERIC_CLIENT_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a40a530aa14ae770 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/handle_jwt.py:679
        keys_url = os.getenv("JWT_PUBLIC_KEY_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #875bb5173f2eb264 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/handle_jwt.py:798
        audience = os.getenv("JWT_AUDIENCE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bf8303f25869cbcb Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/handle_jwt.py:799
        issuer = os.getenv("JWT_ISSUER")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #37d69e13ae48d8a5 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/litellm_license.py:28
        self.license_str = os.getenv("LITELLM_LICENSE", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #82816e3d9992fcd0 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/auth/litellm_license.py:46
                with open(_path_to_public_key, "rb") as key_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9286d02f815adf4d Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/litellm_license.py:109
                self.license_str = os.getenv("LITELLM_LICENSE", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #390ac82683f00ed2 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/login_utils.py:68
    ui_username = os.getenv("UI_USERNAME", "admin")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c8b37fbbd29c25e0 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/login_utils.py:69
    ui_password = os.getenv("UI_PASSWORD", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dafafa2c4fc0b494 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/login_utils.py:175
            os.getenv("PROXY_ADMIN_ID", None) is not None and os.environ["PROXY_ADMIN_ID"] == user_id

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #57f3608dfbef9068 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/login_utils.py:178
            key_user_id = os.getenv("PROXY_ADMIN_ID", LITELLM_PROXY_ADMIN_NAME)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a0402d9fec8bfc8f Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/login_utils.py:193
        if os.getenv("DATABASE_URL") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f866ad0bc8d09ec7 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/login_utils.py:268
            if os.getenv("DATABASE_URL") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #132531146f5b491e Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/oauth2_check.py:139
        token_info_endpoint = os.getenv("OAUTH_TOKEN_INFO_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d2d41110089a0a47 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/oauth2_check.py:140
        user_id_field_name = os.environ.get("OAUTH_USER_ID_FIELD_NAME", "sub")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #db8243bee3556e53 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/oauth2_check.py:141
        user_role_field_name = os.environ.get("OAUTH_USER_ROLE_FIELD_NAME", "role")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #764a6839e4650f29 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/oauth2_check.py:142
        user_team_id_field_name = os.environ.get("OAUTH_USER_TEAM_ID_FIELD_NAME", "team_id")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7340ce0d81bb12f5 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/oauth2_check.py:145
        oauth_client_id = os.environ.get("OAUTH_CLIENT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b14baf8bb3b1f95c Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/oauth2_check.py:146
        oauth_client_secret = os.environ.get("OAUTH_CLIENT_SECRET")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #ecfc9591d29a145a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/auth/oauth2_check.py:171
                response = await client.post(token_info_endpoint, headers=headers, data=data)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #85bb5b64e803a095 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/auth/oauth2_check.py:176
                response = await client.get(token_info_endpoint, headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #85f5c293e77dd1d3 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/auth/rds_iam_token.py:76
            oidc_token = open(aws_web_identity_token).read()  # check if filepath

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8bd0a7406de431d6 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/rds_iam_token.py:161
            aws_region_name=os.getenv("AWS_REGION_NAME"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a811b542054b8607 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/rds_iam_token.py:162
            aws_access_key_id=os.getenv("AWS_ACCESS_KEY_ID"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8bebf98df2fe4d1 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/rds_iam_token.py:163
            aws_secret_access_key=os.getenv("AWS_SECRET_ACCESS_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #47e55c267f4e8e88 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/rds_iam_token.py:164
            aws_session_name=os.getenv("AWS_SESSION_NAME"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ea7d4d4fd098f272 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/rds_iam_token.py:165
            aws_profile_name=os.getenv("AWS_PROFILE_NAME"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f845132268395719 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/rds_iam_token.py:166
            aws_role_name=os.getenv("AWS_ROLE_NAME", os.getenv("AWS_ROLE_ARN")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c6d9167748ebb811 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/auth/rds_iam_token.py:167
            aws_web_identity_token=os.getenv("AWS_WEB_IDENTITY_TOKEN", os.getenv("AWS_WEB_IDENTITY_TOKEN_FILE")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #edf19c044854148e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/client/chat.py:163
            response = session.post(url, headers=self._get_headers(), json=data, stream=True)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #b8ec4f1a8e62cf88 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/client/cli/commands/agents.py:200
        base_env if base_env is not None else os.environ,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf124055262021c8 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/client/cli/commands/auth.py:30
    with open(token_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #878b97db991afd9e Filesystem access.
pkgs/python/[email protected]/litellm/proxy/client/cli/commands/auth.py:43
        with open(token_file, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #e2ae5ecbaed635f0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/client/cli/commands/auth.py:299
            response = requests.get(url, **request_kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #eacf9101feb60fdd Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/client/cli/commands/auth.py:344
    response = requests.post(f"{base_url}/sso/cli/start", timeout=10)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #32300b72434c21c8 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/client/cli/commands/chat.py:275
        with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b4d7665a46385b33 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/client/cli/commands/chat.py:294
        with open(filename, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #0f4330eba037646c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/client/cli/commands/credentials.py:115
    response = client.get(credential_name)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #be8956fe6068aa0a Filesystem access.
pkgs/python/[email protected]/litellm/proxy/client/cli/commands/models.py:368
    with open(yaml_file, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #b620897a9b3c8650 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/client/teams.py:62
        response = requests.get(url, headers=self._get_headers(), params=params)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #4c4a57469de53974 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/client/teams.py:119
        response = requests.get(url, headers=self._get_headers(), params=params)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #480719de7761c03a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/client/teams.py:140
        response = requests.get(url, headers=self._get_headers())

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #345da0d284c9f090 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/client/users.py:20
        response = requests.get(url, headers=self._get_headers(), params=params)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #9aa750ec01cc7bf2 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/client/users.py:30
        response = requests.get(url, headers=self._get_headers(), params=params)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #8720335ef7ad781c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/client/users.py:42
        response = requests.get(url, headers=self._get_headers(), params=params)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #cd6d2274559a1675 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/client/users.py:53
        response = requests.post(url, headers=self._get_headers(), json=user_data)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #f75dadc94ab15f09 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/client/users.py:62
        response = requests.post(url, headers=self._get_headers(), json={"user_ids": user_ids})

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #e4e866ff50f28f94 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/common_utils/debug_utils.py:85
if os.environ.get("LITELLM_PROFILE", "false").lower() == "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9ee50acc61daaec4 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/common_utils/debug_utils.py:759
            litellm_log_setting = os.environ.get("LITELLM_LOG", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #665ace29788361e2 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/common_utils/encrypt_decrypt_utils.py:26
    salt_key = os.getenv("LITELLM_SALT_KEY", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2eaf0b1bbec458ea Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/common_utils/html_forms/ui_login.py:5
url_to_redirect_to = os.getenv("PROXY_BASE_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cae5d7aeae4270cd Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/common_utils/html_forms/ui_login.py:6
server_root_path = os.getenv("SERVER_ROOT_PATH", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8ccf87b138b7e730 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/common_utils/load_config_utils.py:108
        with open(local_file_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e08a1d01aecc2cc1 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/common_utils/load_config_utils.py:155
        with open(local_file_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #88cf2acc07256a41 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/common_utils/static_asset_utils.py:38
        with open(resolved, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d7268decffb395d8 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/container_endpoints/handler_factory.py:31
    with open(config_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #678098ea9d8f8c94 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/db/check_migration.py:95
        db_url = os.getenv("DATABASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b8e33f83e54924e2 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/db/db_spend_update_writer.py:725
        spend_logs_url: Optional[str] = os.getenv("SPEND_LOGS_URL"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2d49adec19f297cd Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/db/db_url_settings.py:285
            os.environ["DATABASE_URL"] = writer_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #518e7d6f5655d073 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/db/db_url_settings.py:289
                os.environ[_IAM_ENV_KEY] = "True"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9042a1947b81b97a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/db/db_url_settings.py:294
            os.environ["DATABASE_URL_READ_REPLICA"] = reader_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e92c2e9024193f18 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/db/dynamo_db.py:68
        os.environ["AWS_ACCESS_KEY_ID"] = aws_access_key_id

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #46e8cc29f01f8837 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/db/dynamo_db.py:69
        os.environ["AWS_SECRET_ACCESS_KEY"] = aws_secret_access_key

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3f693a16b7985a11 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/db/dynamo_db.py:70
        os.environ["AWS_SESSION_TOKEN"] = aws_session_token

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9d04413b7a515321 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/db/prisma_client.py:250
        db_url = os.getenv(self._db_url_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #40c0948a83a70ee0 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/db/prisma_client.py:305
            db_host = os.getenv("DATABASE_HOST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9c135ef522749621 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/db/prisma_client.py:309
            db_port = os.getenv("DATABASE_PORT", "5432")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7e5eb21205e58a8f Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/db/prisma_client.py:310
            db_user = os.getenv("DATABASE_USER")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #be05e0a3f6615962 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/db/prisma_client.py:311
            db_name = os.getenv("DATABASE_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b41dfe3a192b486a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/db/prisma_client.py:312
            db_schema = os.getenv("DATABASE_SCHEMA")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7b0f9898a97ee53d Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/db/prisma_client.py:320
        os.environ[self._db_url_env_var] = _db_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b49fa3ccfb2caee7 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/db/prisma_client.py:514
            if self._token_refresh_not_needed(os.getenv(self._db_url_env_var)):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #be30732e4a9229c1 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/db/prisma_client.py:577
            db_url = os.getenv(self._db_url_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0f967c64ec978c6a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/db/prisma_client.py:705
        disable_updates = os.getenv("DISABLE_SCHEMA_UPDATE", "false")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f02f81476ee6e9c4 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/db/routing_prisma_wrapper.py:249
        reader_url = os.getenv("DATABASE_URL_READ_REPLICA", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #de81bb15585af711 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/discovery_endpoints/ui_discovery_endpoints.py:22
        os.getenv("AUTO_REDIRECT_UI_LOGIN_TO_SSO", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dda62a00c79691f6 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/discovery_endpoints/ui_discovery_endpoints.py:25
    admin_ui_disabled = os.getenv("DISABLE_ADMIN_UI", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #215a4f33cf90c1ca Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/discovery_endpoints/ui_discovery_endpoints.py:27
        os.getenv("LITELLM_HIDE_DEFAULT_CREDENTIALS_HINT", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4d4621087a6622e4 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/example_config_yaml/custom_auth.py:10
        modified_master_key = f"{os.getenv('LITELLM_MASTER_KEY')}-1234"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #61736a513e194740 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_endpoints.py:1371
        with open(category_file_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2487ac625173d05d Filesystem access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_endpoints.py:1406
        with open(airlines_path, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fec7be3fce1f0abd Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/aim/aim.py:53
        self.api_key = api_key or os.environ.get("AIM_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fd11085d3763b1ee Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/aim/aim.py:60
        self.api_base = api_base or os.environ.get("AIM_API_BASE") or "https://api.aim.security"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4e1374fe42ae368d Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/akto/akto.py:80
        self.akto_base_url = (akto_base_url or os.environ.get("AKTO_GUARDRAIL_API_BASE", "")).rstrip("/")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ef04dea496210ecd Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/akto/akto.py:84
        self.akto_api_key = akto_api_key or os.environ.get("AKTO_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f047e9831a6bb318 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/akto/akto.py:90
        self.akto_account_id = akto_account_id or os.environ.get("AKTO_ACCOUNT_ID", "1000000")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #96e42dcc428be02a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/akto/akto.py:91
        self.akto_vxlan_id = akto_vxlan_id or os.environ.get("AKTO_VXLAN_ID", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #62af420e738cffa7 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/aporia_ai/aporia_ai.py:42
        self.aporia_api_key = api_key or os.environ["APORIO_API_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0221220a4c07df0f Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/aporia_ai/aporia_ai.py:43
        self.aporia_api_base = api_base or os.environ["APORIO_API_BASE"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7eacdb4fd09322e7 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/cato_networks/cato_networks.py:58
        self.api_key = api_key or os.environ.get("CATO_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4e99e02de5f1ac9d Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/cato_networks/cato_networks.py:65
        self.api_base = api_base or os.environ.get("CATO_API_BASE") or "https://api.aisec.catonetworks.com"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #89fd7a8d2787bb14 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/cisco_ai_defense/cisco_ai_defense.py:159
        resolved_api_key = api_key or os.environ.get("CISCO_AI_DEFENSE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a3692841f375b764 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/cisco_ai_defense/cisco_ai_defense.py:168
        self.api_base: str = (api_base or os.environ.get("CISCO_AI_DEFENSE_API_BASE") or CISCO_DEFAULT_API_BASE).rstrip(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f671d611d8b620f4 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/cisco_ai_defense/cisco_ai_defense.py:220
            env_timeout = os.environ.get("CISCO_AI_DEFENSE_TIMEOUT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #70dfa7e5d717df61 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/cisco_ai_defense/cisco_ai_defense.py:269
        candidate = value if value is not None else os.environ.get(env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3ec43fb98bc90422 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/crowdstrike_aidr/crowdstrike_aidr.py:136
        self.api_key = api_key or os.environ.get("CS_AIDR_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #08a25a76398b94af Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/crowdstrike_aidr/crowdstrike_aidr.py:142
        self.api_base = api_base or os.environ.get("CS_AIDR_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3c6649ffc20a5cd4 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/dynamoai/dynamoai.py:54
        self.api_key = api_key or os.getenv("DYNAMOAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6d31bc63984c6c4a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/dynamoai/dynamoai.py:60
        self.api_base = api_base or os.getenv("DYNAMOAI_API_BASE", "https://api.dynamo.ai")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #793e406fa16628b5 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/dynamoai/dynamoai.py:64
        self.model_id = model_id or os.getenv("DYNAMOAI_MODEL_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4d8d38be09ab22e7 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/dynamoai/dynamoai.py:67
        env_policy_ids = os.getenv("DYNAMOAI_POLICY_IDS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7fc12b8f10fe765f Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/enkryptai/enkryptai.py:65
        self.api_key = api_key or os.getenv("ENKRYPTAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7d53f1833607a2d6 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/enkryptai/enkryptai.py:71
        self.api_base = api_base or os.getenv("ENKRYPTAI_API_BASE", "https://api.enkryptai.com")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2c8c12b5752152ae Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/generic_guardrail_api/generic_guardrail_api.py:194
        base_url = api_base or os.environ.get("GENERIC_GUARDRAIL_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #700d81dd88eae918 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/grayswan/grayswan.py:82
        api_key_value = api_key or os.getenv("GRAYSWAN_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6373d01528bed45d Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/grayswan/grayswan.py:89
        base = api_base or os.getenv("GRAYSWAN_API_BASE") or self.BASE_API_URL

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7b7bc62a79db9b01 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/grayswan/grayswan.py:607
        env_val = os.getenv("GRAYSWAN_VIOLATION_THRESHOLD")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c01e3d4182cbfc04 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/grayswan/grayswan.py:618
        env_val = os.getenv("GRAYSWAN_REASONING_MODE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ce660177ac34733f Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/guardrails_ai/guardrails_ai.py:73
        self.guardrails_ai_api_base = api_base or os.getenv("GUARDRAILS_AI_API_BASE") or "http://0.0.0.0:8000"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #0e31d5072c5a9e67 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/hiddenlayer/hiddenlayer.py:48
    resp = requests.post(token_url, auth=HTTPBasicAuth(api_id, api_key))

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #11d3a7ba9ff8f52c Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/hiddenlayer/hiddenlayer.py:74
        self.hiddenlayer_client_id = api_id or os.getenv("HIDDENLAYER_CLIENT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #65f77327bbfc2137 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/hiddenlayer/hiddenlayer.py:75
        self.hiddenlayer_client_secret = api_key or os.getenv("HIDDENLAYER_CLIENT_SECRET")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97c3637b8ad431e6 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/hiddenlayer/hiddenlayer.py:76
        self.api_base = api_base or os.getenv("HIDDENLAYER_API_BASE") or "https://api.hiddenlayer.ai"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9a08ad88c3df2d26 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/hiddenlayer/hiddenlayer.py:79
        auth_url = auth_url or os.getenv("HIDDENLAYER_AUTH_URL") or "https://auth.hiddenlayer.ai"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #b6fa6959676d55c5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/hiddenlayer/hiddenlayer.py:223
            response = await self._http_client.post(
                f"{self.api_base}/detection/v1/interactions",
                json=data,
                headers=headers,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #d8ee93f9341c3802 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/hiddenlayer/hiddenlayer.py:244
                response = await self._http_client.post(
                    f"{self.api_base}/detection/v1/interactions",
                    json=data,
                    headers=headers,
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #66874ba02ee04c8d Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/hiddenlayer/hiddenlayer.py:278
        self.hiddenlayer_client_id = api_id or os.getenv("HIDDENLAYER_CLIENT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #416d17c59aba353a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/hiddenlayer/hiddenlayer.py:279
        self.hiddenlayer_client_secret = api_key or os.getenv("HIDDENLAYER_CLIENT_SECRET")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #87c294981694e4d9 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/hiddenlayer/hiddenlayer.py:280
        self.api_base = api_base or os.getenv("HIDDENLAYER_API_BASE") or "https://api.hiddenlayer.ai"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2a60822d4c524f8f Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/hiddenlayer/hiddenlayer.py:283
        auth_url = auth_url or os.getenv("HIDDENLAYER_AUTH_URL") or "https://auth.hiddenlayer.ai"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #00cb2c2512fc7619 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/hiddenlayer/hiddenlayer.py:421
            response = await self._http_client.post(
                f"{self.api_base}/{path}",
                json=payload,
                headers=headers,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c6c9dae493a35980 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/hiddenlayer/hiddenlayer.py:441
                response = await self._http_client.post(
                    f"{self.api_base}/{path}",
                    json=payload,
                    headers=headers,
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #e8ef7c4e86ae66da Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/ibm_guardrails/ibm_detector.py:55
        self.auth_token = auth_token or os.getenv("IBM_GUARDRAILS_AUTH_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bc3bde708993fe28 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/lakera_ai.py:58
        self.lakera_api_key = api_key or os.environ.get("LAKERA_API_KEY") or ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #46f98f2478442422 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/lakera_ai_v2.py:63
        self.lakera_api_key = api_key or os.environ.get("LAKERA_API_KEY") or ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #28a039051d19ae4a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/lasso/lasso.py:107
        self.lasso_api_key = lasso_api_key or api_key or os.environ.get("LASSO_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8132830bc5643233 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/lasso/lasso.py:108
        self.user_id = user_id or os.environ.get("LASSO_USER_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a44dc06b63feffef Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/lasso/lasso.py:109
        self.conversation_id = conversation_id or os.environ.get("LASSO_CONVERSATION_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bb2dbc33cc7263ea Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/lasso/lasso.py:118
        self.api_base = api_base or os.getenv("LASSO_API_BASE") or "https://server.lasso.security/gateway/v3"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #02ff3154a7faebed Filesystem access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/litellm_content_filter/competitor_intent/airline.py:126
        with open(_MAJOR_AIRLINES_PATH, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #61189e6d4491cd77 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/litellm_content_filter/content_filter.py:357
        allow_external = os.environ.get("LITELLM_CONTENT_FILTER_ALLOW_EXTERNAL_PATHS", "").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #34b390348f812d23 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/litellm_content_filter/content_filter.py:613
        with open(file_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fbafa77d407d4a39 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/litellm_content_filter/content_filter.py:639
        with open(file_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #25f90a55b10e2cbe Filesystem access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/litellm_content_filter/content_filter.py:739
            with open(file_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fb21e3f28a726922 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/litellm_content_filter/guardrail_benchmarks/test_eval.py:40
    with open(path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2a41bbc9dd2ea54d Filesystem access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/litellm_content_filter/guardrail_benchmarks/test_eval.py:147
    with open(result_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c07491252af9e09b Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/litellm_content_filter/guardrail_benchmarks/test_eval.py:556
    not os.environ.get("OPENAI_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a49254659dde2f1a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/litellm_content_filter/guardrail_benchmarks/test_eval.py:575
    not os.environ.get("ANTHROPIC_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a600256771ac0256 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/litellm_content_filter/patterns.py:18
    with open(json_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8e677ef66e903fbb Filesystem access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/litellm_content_filter/patterns.py:151
                with open(category_file_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #953591070dbb3013 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/mcp_jwt_signer/mcp_jwt_signer.py:109
    key_material = os.environ.get(env_var, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4b5545f2095b74ac Filesystem access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/mcp_jwt_signer/mcp_jwt_signer.py:114
        with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #faccaf46f505db94 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/mcp_jwt_signer/mcp_jwt_signer.py:163
    resp = await client.get(jwks_uri, headers={"Accept": "application/json"})

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #7d7c1a43d94a0d91 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/mcp_jwt_signer/mcp_jwt_signer.py:178
    resp = await client.get(discovery_uri, headers={"Accept": "application/json"})

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #977de8d4461fede5 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/mcp_jwt_signer/mcp_jwt_signer.py:246
        key_material = os.environ.get(self.SIGNING_KEY_ENV)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0de0d9575a2de33d Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/mcp_jwt_signer/mcp_jwt_signer.py:264
            issuer or os.environ.get("MCP_JWT_ISSUER") or os.environ.get("LITELLM_EXTERNAL_URL") or "litellm"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #afca5a20b2996da6 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/mcp_jwt_signer/mcp_jwt_signer.py:266
        self.audience: str = audience or os.environ.get("MCP_JWT_AUDIENCE") or self.DEFAULT_AUDIENCE

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6422d5ed2f7d8fe1 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/mcp_jwt_signer/mcp_jwt_signer.py:268
            ttl_seconds if ttl_seconds is not None else os.environ.get("MCP_JWT_TTL_SECONDS", str(self.DEFAULT_TTL))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #ed2e07fe960d854f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/mcp_jwt_signer/mcp_jwt_signer.py:474
        resp = await client.post(
            self.token_introspection_endpoint,
            data={"token": token},
            headers={"Accept": "application/json"},
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #dd5d248e77815f95 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/noma/noma.py:130
        self.api_key = api_key or os.environ.get("NOMA_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #42f2dbc6288990da Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/noma/noma.py:131
        self.api_base = api_base or os.environ.get("NOMA_API_BASE", NomaGuardrail._DEFAULT_API_BASE)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7d53fedb69cd1b9d Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/noma/noma.py:132
        self.application_id = application_id or os.environ.get("NOMA_APPLICATION_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d8a188e946f2e92f Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/noma/noma.py:136
            self.monitor_mode = os.environ.get("NOMA_MONITOR_MODE", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5ca5fa7570e4c3ba Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/noma/noma.py:141
            self.block_failures = os.environ.get("NOMA_BLOCK_FAILURES", "true").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4de6a25703edef47 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/noma/noma.py:146
            self.anonymize_input = os.environ.get("NOMA_ANONYMIZE_INPUT", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d45cd131ad840e69 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/noma/noma_v2.py:58
        self.api_key = api_key or os.environ.get("NOMA_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3882ee592ea2621b Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/noma/noma_v2.py:59
        self.api_base = (api_base or os.environ.get("NOMA_API_BASE") or _DEFAULT_API_BASE).rstrip("/")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4cd4ea917ff4a9e3 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/noma/noma_v2.py:60
        self.application_id = application_id or os.environ.get("NOMA_APPLICATION_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aebbc4acaf64f4e2 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/noma/noma_v2.py:62
            self.monitor_mode = os.environ.get("NOMA_MONITOR_MODE", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b1a5d27018891501 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/noma/noma_v2.py:67
            self.block_failures = os.environ.get("NOMA_BLOCK_FAILURES", "true").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2e9c9a52f0f48a2a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/onyx/onyx.py:38
        timeout = timeout or int(os.getenv("ONYX_TIMEOUT", 10.0))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eaed2d4ffc8fea6c Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/onyx/onyx.py:43
        self.api_base = api_base or os.getenv(
            "ONYX_API_BASE",
            "https://ai-guard.onyx.security",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e4714cfdb1078d0a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/onyx/onyx.py:47
        self.api_key = api_key or os.getenv("ONYX_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #83518869bd6562e7 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/openai/moderations.py:112
            os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4758d64798ca26fd Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/ovalix/ovalix.py:78
        self._tracker_api_base = tracker_api_base or os.environ.get("OVALIX_TRACKER_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5defcb6c16373c76 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/ovalix/ovalix.py:79
        self._tracker_api_key = tracker_api_key or os.environ.get("OVALIX_TRACKER_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b4b1174a4141adee Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/ovalix/ovalix.py:80
        self._application_id = application_id or os.environ.get("OVALIX_APPLICATION_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7cab5d5c591d6010 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/ovalix/ovalix.py:81
        self._pre_checkpoint_id = pre_checkpoint_id or os.environ.get("OVALIX_PRE_CHECKPOINT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #da0104d727712253 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/ovalix/ovalix.py:82
        self._post_checkpoint_id = post_checkpoint_id or os.environ.get("OVALIX_POST_CHECKPOINT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f792c1221cf58f2d Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/pangea/pangea.py:81
        self.api_key = api_key or os.environ.get("PANGEA_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c9e44e2225920292 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/pangea/pangea.py:88
        self.api_base = api_base or os.environ.get("PANGEA_API_BASE") or "https://ai-guard.aws.us.pangea.cloud"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ba54845a9ea60ff2 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/panw_prisma_airs/panw_prisma_airs.py:112
        self.api_key = api_key or os.getenv("PANW_PRISMA_AIRS_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #323d107df6935789 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/panw_prisma_airs/panw_prisma_airs.py:114
            api_base or os.getenv("PANW_PRISMA_AIRS_API_BASE") or "https://service.api.aisecurity.paloaltonetworks.com"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #86d6f598ba3eea4a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/panw_prisma_airs/panw_prisma_airs.py:354
            response = await async_client.client.post(  # type: ignore[attr-defined]
                f"{self.api_base}/v1/scan/sync/request",
                headers=headers,
                json=payload,
                timeout=self.timeout,
                follow_redirects=False,  # Prevent redirect attacks
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #360bf69d2fa3947a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/pillar/pillar.py:199
        self.api_key = api_key or os.environ.get("PILLAR_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a4cd4e5d41dc5bf4 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/pillar/pillar.py:208
        self.api_base = api_base or os.getenv("PILLAR_API_BASE") or self.BASE_API_URL

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #88eb6c3b86d93f40 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/pillar/pillar.py:211
        action = on_flagged_action or os.environ.get("PILLAR_ON_FLAGGED_ACTION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e693e4654d013230 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/pillar/pillar.py:247
        action = fallback_on_error or os.environ.get("PILLAR_FALLBACK_ON_ERROR")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c8610fce709696fc Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/pillar/pillar.py:264
                self.timeout = float(os.environ.get("PILLAR_TIMEOUT", str(self.DEFAULT_TIMEOUT)))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1598ce07d4d66b36 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/pillar/pillar.py:267
                    f"Pillar Guardrail: Invalid PILLAR_TIMEOUT value '{os.environ.get('PILLAR_TIMEOUT')}', "

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #76269e24786317d3 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/pillar/pillar.py:585
            env_value = os.getenv(env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #37af8ecb05e6a124 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/presidio.py:129
                with open(ad_hoc_recognizers, "r") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #90cc6d2c9cbab8a2 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/presidio.py:311
                async with session.post(
                    analyze_url,
                    json=analyze_payload,
                    headers={"Accept": "application/json"},
                ) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #dd8b53402999405e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/presidio.py:397
            async with session.post(
                anonymize_url,
                json=anonymize_payload,
                headers={"Accept": "application/json"},
            ) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #ff4a5a234505bcd3 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/prompt_security/prompt_security.py:39
        self.api_key = api_key or os.environ.get("PROMPT_SECURITY_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c4a1cbfe640f7895 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/prompt_security/prompt_security.py:40
        self.api_base = api_base or os.environ.get("PROMPT_SECURITY_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #63e6f0e8bb5fdc26 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/prompt_security/prompt_security.py:41
        self.user = user or os.environ.get("PROMPT_SECURITY_USER")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d9514b048c8a6280 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/prompt_security/prompt_security.py:42
        self.system_prompt = system_prompt or os.environ.get("PROMPT_SECURITY_SYSTEM_PROMPT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e3a1f380df84105a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/prompt_security/prompt_security.py:48
            check_tool_results_env = os.environ.get("PROMPT_SECURITY_CHECK_TOOL_RESULTS", "false").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #17b41e94ed3dbff9 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/promptguard/promptguard.py:57
        self.api_key = api_key or os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d2bcf61b25d44128 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/promptguard/promptguard.py:57
        self.api_key = api_key or os.environ.get(
            "PROMPTGUARD_API_KEY",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c6781e29b4c5fde1 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/promptguard/promptguard.py:68
        self.api_base = (api_base or os.environ.get("PROMPTGUARD_API_BASE") or _DEFAULT_API_BASE).rstrip("/")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c340acb87603f87a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/promptguard/promptguard.py:71
            env = os.environ.get("PROMPTGUARD_BLOCK_ON_ERROR", "true")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1724d7a93aeb8696 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/qohash/qohash.py:29
        api_base = api_base or os.environ.get("QOSTODIAN_NEXUS_API_BASE", "http://nexus:8800")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d98b79729a8f320f Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/qualifire/qualifire.py:65
        self.qualifire_api_key = api_key or get_secret_str("QUALIFIRE_API_KEY") or os.environ.get("QUALIFIRE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8abe67cd640a7bd Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/qualifire/qualifire.py:69
            or os.environ.get("QUALIFIRE_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #001a456db9561764 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/semantic_guard/route_loader.py:38
        with open(file_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fb8354692fbdea65 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/semantic_guard/route_loader.py:56
        with open(file_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6149af68e58321e4 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/xecguard/xecguard.py:92
        self.api_key = api_key or os.environ.get("XECGUARD_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f51dfc13d11d2294 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/xecguard/xecguard.py:101
        self.api_base = (api_base or os.environ.get("XECGUARD_API_BASE") or _DEFAULT_API_BASE).rstrip("/")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0c94068054d662e8 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/xecguard/xecguard.py:107
            env = os.environ.get("XECGUARD_BLOCK_ON_ERROR", "true")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b54679be8ccdfdec Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/zscaler_ai_guard/zscaler_ai_guard.py:41
        self.zscaler_ai_guard_url = api_base or os.getenv(
            "ZSCALER_AI_GUARD_URL",
            "https://api.us1.zseclipse.net/v1/detection/execute-policy",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f9dbe5aacef5aff6 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/zscaler_ai_guard/zscaler_ai_guard.py:45
        self.policy_id = policy_id if policy_id is not None else int(os.getenv("ZSCALER_AI_GUARD_POLICY_ID", -1))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #842930e3ec1d6068 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/zscaler_ai_guard/zscaler_ai_guard.py:46
        self.api_key = api_key or os.getenv("ZSCALER_AI_GUARD_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #40ffcfd51f6ec76a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/zscaler_ai_guard/zscaler_ai_guard.py:50
            else os.getenv("SEND_USER_API_KEY_ALIAS", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3aee55ad649364c Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/zscaler_ai_guard/zscaler_ai_guard.py:55
            else os.getenv("SEND_USER_API_KEY_USER_ID", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd60aab6932f5b0e Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/zscaler_ai_guard/zscaler_ai_guard.py:60
            else os.getenv("SEND_USER_API_KEY_TEAM_ID", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #7c6b382b8bda16f9 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/guardrails/guardrail_hooks/zscaler_ai_guard/zscaler_ai_guard.py:254
        response = await async_client.post(
            f"{url}",
            headers=headers,
            json=data,
            timeout=GUARDRAIL_TIMEOUT,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #2a06890352ba1755 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/health_endpoints/_health_endpoints.py:414
                user_email=os.getenv("TEST_EMAIL_ADDRESS"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4e9d12d706e0f3eb Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/health_endpoints/_health_endpoints.py:1504
    env_token = os.getenv("DRAIN_ENDPOINT_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #505a63cdc8a6c4eb Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/hooks/__init__.py:31
if os.getenv("LEGACY_MULTI_INSTANCE_RATE_LIMITING", "false").lower() == "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #328c5d0fed845f26 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/hooks/dynamic_rate_limiter.py:114
                if os.getenv("LITELLM_LICENSE", None) is None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3066bdd13cf5302b Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/hooks/dynamic_rate_limiter_v3.py:120
            if os.getenv("LITELLM_LICENSE", None) is None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0d630cacec2071ff Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/hooks/max_budget_per_session_limiter.py:71
            os.getenv(
                "LITELLM_MAX_BUDGET_PER_SESSION_TTL",
                DEFAULT_MAX_BUDGET_PER_SESSION_TTL,
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6f0a36c3b8984dda Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/hooks/max_iterations_limiter.py:73
        self.ttl = int(os.getenv("LITELLM_MAX_ITERATIONS_TTL", DEFAULT_MAX_ITERATIONS_TTL))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d73fbb970fe4cb49 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/hooks/parallel_request_limiter_v3.py:308
        self.window_size = int(os.getenv("LITELLM_RATE_LIMIT_WINDOW_SIZE", 60))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e0fee847ceeede1c Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/hooks/parallel_request_limiter_v3.py:314
        self.tpm_reservation_enabled = os.getenv("LITELLM_TPM_TOKEN_RESERVATION_ENABLED", "true").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #45459a8ee3de46d4 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/hooks/responses_id_security.py:166
        salt_key = os.getenv("LITELLM_SALT_KEY", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fc84de3697d7b89b Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/hooks/sensitive_data_routing.py:46
            os.getenv(
                "LITELLM_SENSITIVE_ROUTING_TTL",
                str(DEFAULT_SENSITIVE_ROUTING_TTL),
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d9df810075f9c7f3 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/callback_management_endpoints.py:52
    with open(config_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f0907ea6b2fca4f0 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/config_override_endpoints.py:153
        env_value = os.environ.get(env_var_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #59dc39cdcacc96bb Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/config_override_endpoints.py:195
            os.environ[env_var_name] = str(value)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4efb79695f371ae7 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/config_override_endpoints.py:197
            os.environ.pop(env_var_name, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #1096877311747d6e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/config_override_endpoints.py:517
        response = await async_client.get(lookup_url, headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #cefe0fe191db02f3 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/key_management_endpoints.py:4356
    grace_period_value = grace_period or os.getenv("LITELLM_KEY_ROTATION_GRACE_PERIOD", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d82bb99d05f01d19 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/mcp_management_endpoints.py:2382
            with open(_MCP_REGISTRY_PATH, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #65051096ec53ebba Filesystem access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/mcp_management_endpoints.py:2452
        with open(_OPENAPI_REGISTRY_PATH, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5349cbdd6cefc71c Filesystem access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/policy_endpoints/endpoints.py:616
    with open(path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #42b54023a6da3ad8 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/policy_endpoints/endpoints.py:636
    use_local = os.getenv("LITELLM_LOCAL_POLICY_TEMPLATES", "").strip().lower() in (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #88fd45a5c319fb01 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/policy_endpoints/endpoints.py:652
        response = await async_client.get(POLICY_TEMPLATES_GITHUB_URL)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #1a331cf77159b8eb Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/sso/custom_microsoft_sso.py:59
        custom_authorization_endpoint = os.getenv("MICROSOFT_AUTHORIZATION_ENDPOINT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #41853dabbb00b960 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/sso/custom_microsoft_sso.py:60
        custom_token_endpoint = os.getenv("MICROSOFT_TOKEN_ENDPOINT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #17534ee2633100b9 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/sso/custom_microsoft_sso.py:61
        custom_userinfo_endpoint = os.getenv("MICROSOFT_USERINFO_ENDPOINT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b20020d399af5f91 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:803
                generic_user_role_attribute_name = os.getenv("GENERIC_USER_ROLE_ATTRIBUTE", "role")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #41326bc8cc0596ef Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:845
    microsoft_client_id = os.getenv("MICROSOFT_CLIENT_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d55e661cc25588ed Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:846
    google_client_id = os.getenv("GOOGLE_CLIENT_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #16683c0500684130 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:847
    generic_client_id = os.getenv("GENERIC_CLIENT_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5a03df5911d56757 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:850
    _disable_ui_flag = os.getenv("DISABLE_ADMIN_UI")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #54fb01589f2ca2bc Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:945
        os.getenv("LITELLM_HIDE_DEFAULT_CREDENTIALS_HINT", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6d2d62bd758b5283 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:964
    generic_user_id_attribute_name = os.getenv("GENERIC_USER_ID_ATTRIBUTE", "preferred_username")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #de5b73851ddd898b Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:965
    generic_user_display_name_attribute_name = os.getenv("GENERIC_USER_DISPLAY_NAME_ATTRIBUTE", "sub")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a392396f663210c4 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:966
    generic_user_email_attribute_name = os.getenv("GENERIC_USER_EMAIL_ATTRIBUTE", "email")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d42a1a72882beeb5 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:968
    generic_user_first_name_attribute_name = os.getenv("GENERIC_USER_FIRST_NAME_ATTRIBUTE", "first_name")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c819ac6e5a472a28 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:969
    generic_user_last_name_attribute_name = os.getenv("GENERIC_USER_LAST_NAME_ATTRIBUTE", "last_name")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7a4300a4a298dbe3 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:971
    generic_provider_attribute_name = os.getenv("GENERIC_USER_PROVIDER_ATTRIBUTE", "provider")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ee5bda6ca65165a8 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:973
    generic_user_role_attribute_name = os.getenv("GENERIC_USER_ROLE_ATTRIBUTE", "role")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6e0a164e0d44fc87 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:975
    generic_user_extra_attributes = os.getenv("GENERIC_USER_EXTRA_ATTRIBUTES", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0a496d3b78cc26a2 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:1072
    generic_client_secret = os.getenv("GENERIC_CLIENT_SECRET", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #588881afc22a5041 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:1073
    generic_scope = os.getenv("GENERIC_SCOPE", "openid email profile").split(" ")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9be866aabed7159e Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:1074
    generic_authorization_endpoint = os.getenv("GENERIC_AUTHORIZATION_ENDPOINT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0790e7b7cbd89d4f Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:1075
    generic_token_endpoint = os.getenv("GENERIC_TOKEN_ENDPOINT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f9819ea48fc8bf41 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:1076
    generic_userinfo_endpoint = os.getenv("GENERIC_USERINFO_ENDPOINT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5e692a1c2aca85e Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:1077
    generic_include_client_id = os.getenv("GENERIC_INCLUDE_CLIENT_ID", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #607ac69b537db263 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:1187
    generic_role_mappings = os.getenv("GENERIC_ROLE_MAPPINGS_ROLES", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #134b5a1b2db2b48d Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:1188
    generic_role_mappings_group_claim = os.getenv("GENERIC_ROLE_MAPPINGS_GROUP_CLAIM", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9fc7bb84c59dd304 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:1189
    generic_role_mappings_default_role = os.getenv("GENERIC_ROLE_MAPPINGS_DEFAULT_ROLE", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a11e14879f3e5ec4 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:1220
    raw = os.getenv("GENERIC_SSO_HEADERS", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd7e29ec01cf4868 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:1244
    pkce_configured = os.getenv("GENERIC_CLIENT_USE_PKCE", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d814d75a3e704987 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:1728
    proxy_admin_id = os.getenv("PROXY_ADMIN_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #19655db928f80f84 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:1777
    microsoft_client_id = os.getenv("MICROSOFT_CLIENT_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9d962b66d1467511 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:1778
    google_client_id = os.getenv("GOOGLE_CLIENT_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5564d49a661340ad Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:1779
    generic_client_id = os.getenv("GENERIC_CLIENT_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #514b6309587969cd Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2010
            generic_client_id=os.getenv("GENERIC_CLIENT_ID", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9d94d4cf61eb22fc Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2279
    _proxy_base_url = os.getenv("PROXY_BASE_URL", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3525a4c1bcfe9667 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2280
    _logout_url = os.getenv("PROXY_LOGOUT_URL", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9f2d3fcd9b2e002f Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2281
    _api_doc_base_url = os.getenv("LITELLM_UI_API_DOC_BASE_URL", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f4e73d36a4ffa4c6 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2287
    if "PROXY_DEFAULT_TEAM_DISABLED" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #496f9783160451f3 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2288
        if os.environ["PROXY_DEFAULT_TEAM_DISABLED"].lower() == "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #57aecc6ce461c13b Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2312
    microsoft_client_id = os.getenv("MICROSOFT_CLIENT_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9352ce945a6a624f Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2313
    google_client_id = os.getenv("GOOGLE_CLIENT_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e00a337b4c6e18cb Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2314
    generic_client_id = os.getenv("GENERIC_CLIENT_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d124077ccb600fd7 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2337
        google_client_secret = os.getenv("GOOGLE_CLIENT_SECRET", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9338f72f3e45cb21 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2342
        microsoft_client_secret = os.getenv("MICROSOFT_CLIENT_SECRET", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6486e2607615775a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2343
        microsoft_tenant = os.getenv("MICROSOFT_TENANT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1e1dc48c187fda55 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2350
        generic_client_secret = os.getenv("GENERIC_CLIENT_SECRET", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d214ceb167db95fc Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2351
        generic_authorization_endpoint = os.getenv("GENERIC_AUTHORIZATION_ENDPOINT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c344135dc8a73156 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2352
        generic_token_endpoint = os.getenv("GENERIC_TOKEN_ENDPOINT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #92e9912b1631fd03 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2353
        generic_userinfo_endpoint = os.getenv("GENERIC_USERINFO_ENDPOINT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8fe93c303aeff0c0 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2448
            google_client_secret = os.getenv("GOOGLE_CLIENT_SECRET", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0fd5194d302a7dfd Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2468
            microsoft_client_secret = os.getenv("MICROSOFT_CLIENT_SECRET", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fbbdd08f5a51474f Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2469
            microsoft_tenant = os.getenv("MICROSOFT_TENANT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a861ea927f6ded9 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2490
            generic_client_secret = os.getenv("GENERIC_CLIENT_SECRET", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #12a22949d57b2db8 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2491
            generic_scope = os.getenv("GENERIC_SCOPE", "openid email profile").split(" ")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #622f95786bd8ebfb Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2492
            generic_authorization_endpoint = os.getenv("GENERIC_AUTHORIZATION_ENDPOINT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a3f55266ec468c51 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2493
            generic_token_endpoint = os.getenv("GENERIC_TOKEN_ENDPOINT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b5858ab5b507dd06 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2494
            generic_userinfo_endpoint = os.getenv("GENERIC_USERINFO_ENDPOINT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c51773c869f83c84 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2697
            generic_client_state = os.getenv("GENERIC_CLIENT_STATE", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #11749d73a8e50d17 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2705
        use_pkce = os.getenv("GENERIC_CLIENT_USE_PKCE", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a59d2466e132fa0d Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2962
        if user_email is not None and os.getenv("ALLOWED_EMAIL_DOMAINS") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2a1c2f3b4c91e49b Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2964
            allowed_domains = os.getenv("ALLOWED_EMAIL_DOMAINS").split(",")  # type: ignore

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8c29171fe1238900 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:2985
            generic_user_role_attribute_name = os.getenv("GENERIC_USER_ROLE_ATTRIBUTE", "role")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f9f6080bee450c46 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:3238
        use_pkce = os.getenv("GENERIC_CLIENT_USE_PKCE", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4227d84bcb9d20e2 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:3326
        strict_cache_miss = os.getenv("PKCE_STRICT_CACHE_MISS", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #297771ecaf14ad1a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:3760
        microsoft_client_secret = os.getenv("MICROSOFT_CLIENT_SECRET", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bb1415200e527f71 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:3761
        microsoft_tenant = os.getenv("MICROSOFT_TENANT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #41d91a661df0cc65 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:3903
            service_principal_id = os.getenv("MICROSOFT_SERVICE_PRINCIPAL_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #7a4ed7c752bb0b5a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:3954
        response = await async_client.get(url, headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #113e346dc8903b37 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:4016
        response = await async_client.get(url, headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #2112908e248fb890 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:4081
        google_client_secret = os.getenv("GOOGLE_CLIENT_SECRET", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6025d74d0a215023 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:4118
    microsoft_client_id = os.getenv("MICROSOFT_CLIENT_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #58c08cc1e630441e Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:4119
    google_client_id = os.getenv("GOOGLE_CLIENT_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7e66a73c7870ba4c Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:4120
    generic_client_id = os.getenv("GENERIC_CLIENT_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eb11d100f4dfc464 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:4187
    microsoft_client_id = os.getenv("MICROSOFT_CLIENT_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cc06567a817c793f Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:4188
    google_client_id = os.getenv("GOOGLE_CLIENT_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #86d9fb1ab606ffa2 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:4189
    generic_client_id = os.getenv("GENERIC_CLIENT_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b7694c478fc41a2 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/management_endpoints/ui_sso.py:4191
    redirect_url = os.getenv("PROXY_BASE_URL", str(request.base_url))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3f66c2eb9bfe044d Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/middleware/in_flight_requests_middleware.py:65
            if "PROMETHEUS_MULTIPROC_DIR" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bc1638ad31279428 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/middleware/security_headers_middleware.py:29
    return os.getenv("LITELLM_ENABLE_HSTS", "false").strip().lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9f99085ad4a558c6 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/pass_through_endpoints/llm_passthrough_endpoints.py:196
    base_target_url = os.getenv("GEMINI_API_BASE") or "https://generativelanguage.googleapis.com"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #00908a7dc63b5891 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/pass_through_endpoints/llm_passthrough_endpoints.py:259
    base_target_url = os.getenv("COHERE_API_BASE") or "https://api.cohere.com"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #920cd31e33ee3259 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/pass_through_endpoints/llm_passthrough_endpoints.py:382
    base_target_url = os.getenv("MISTRAL_API_BASE") or "https://api.mistral.ai"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #45616b420df39d42 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/pass_through_endpoints/llm_passthrough_endpoints.py:573
    base_target_url = os.getenv("ANTHROPIC_API_BASE") or os.getenv("ANTHROPIC_BASE_URL") or "https://api.anthropic.com"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #949d22cfbbe9f3c4 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/pass_through_endpoints/llm_passthrough_endpoints.py:1909
    base_target_url = os.getenv("OPENAI_API_BASE") or "https://api.openai.com/"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5ad094b924ea0ac2 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/pass_through_endpoints/llm_passthrough_endpoints.py:2061
    base_target_url = os.getenv("CURSOR_API_BASE") or "https://api.cursor.com"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #bc96ed4c9b9041ec Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy/pass_through_endpoints/llm_provider_handlers/assembly_passthrough_logging_handler.py:203
            response = httpx.get(url, headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #7e88ac4f161b45b2 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/plugin_routes.py:133
    salt = os.getenv("LITELLM_SALT_KEY", "").encode()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5fb4145a774c870f Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/plugin_routes.py:232
    if not os.getenv("LITELLM_SALT_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #59fe0d8589500010 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/prometheus_cleanup.py:31
    if not os.environ.get("PROMETHEUS_MULTIPROC_DIR"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #708fe6722cda83ba Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:29
litellm_mode = os.getenv("LITELLM_MODE", "DEV")  # "PRODUCTION", "DEV"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #935c7e3e441bd292 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:298
        os.environ["LITELLM_DEV_ENV_HOT_RELOAD"] = "True"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #244afe5c9ca06b3a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:483
        if os.environ.get("PROMETHEUS_MULTIPROC_DIR"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f956a54f97630365 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:505
            with open(os.devnull, "w") as devnull:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5b9128f31783be93 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:557
        multiproc_dir = os.environ.get("PROMETHEUS_MULTIPROC_DIR") or os.environ.get("prometheus_multiproc_dir")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5e36ea2bf14ce8f8 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:562
            os.environ["PROMETHEUS_MULTIPROC_DIR"] = multiproc_dir

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ea7af1dcb6cac798 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:984
            db_host = os.getenv("DATABASE_HOST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b6deabf3882c4994 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:990
            db_port = os.getenv("DATABASE_PORT", "5432")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d71a47ec2dab66cc Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:991
            db_user = os.getenv("DATABASE_USER")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #00328eae58f0104c Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:992
            db_name = os.getenv("DATABASE_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0d5526cc1f5b6b6a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:993
            db_schema = os.getenv("DATABASE_SCHEMA")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4a7a49f36713a6d0 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:1002
            os.environ["DATABASE_URL"] = _db_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4b5c4f9589103422 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:1003
            os.environ["IAM_TOKEN_DB_AUTH"] = "True"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #44b5f2651909fa68 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:1009
        if os.getenv("USE_AWS_KMS", None) is not None and os.getenv("USE_AWS_KMS") == "True":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c73bea881000b538 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:1014
                os.environ[k] = v

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #62fe9ea1062abd91 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:1062
            if database_url is None and os.getenv("DATABASE_URL") is None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #207587b094fd1737 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:1068
                    os.environ["DATABASE_URL"] = database_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #168d877bc06bc827 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:1100
                os.environ["DATABASE_URL"] = database_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #36118ee6d722fe78 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:1103
        if config is None and os.getenv("DATABASE_URL") is None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #93e97e4fcd9a6c4a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:1109
                os.environ["DATABASE_URL"] = database_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7118cb73fd14b165 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:1116
        if os.getenv("DATABASE_URL", None) is not None or os.getenv("DIRECT_URL", None) is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f9de8ada10b8762e Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:1123
                _candidate_url = os.getenv(_db_env)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bca873906461f7de Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:1145
                if os.getenv("DATABASE_URL", None) is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #13eb3568d8724205 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:1151
                    os.environ["DATABASE_URL"] = modified_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #42cdbd8ac8e684d0 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:1152
                if os.getenv("DIRECT_URL", None) is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d404864fe946cd18 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:1153
                    database_url = os.getenv("DIRECT_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8672249fcb4cfde4 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_cli.py:1155
                    os.environ["DIRECT_URL"] = modified_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2ef5e1118dfb2269 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:638
global_max_parallel_request_retries_env: Optional[str] = os.getenv("LITELLM_GLOBAL_MAX_PARALLEL_REQUEST_RETRIES")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7357c55384162d12 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:683
global_max_parallel_request_retry_timeout_env: Optional[str] = os.getenv(
    "LITELLM_GLOBAL_MAX_PARALLEL_REQUEST_RETRY_TIMEOUT"
)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #76fe774874e1e9a4 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:704
_title = os.getenv("DOCS_TITLE", "LiteLLM API") if premium_user else "LiteLLM API"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9932bffa84e0fc48 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:706
    os.getenv(
        "DOCS_DESCRIPTION",
        f"Enterprise Edition \n\nProxy Server to call 100+ LLMs in the OpenAI format. {custom_swagger_message}\n\n{ui_message}",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #41985cfbeda2b340 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:839
    _startup_hooks_env = os.environ.get("LITELLM_WORKER_STARTUP_HOOKS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ed137d30b362682b Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:894
        elif os.environ.get("LITELLM_CONFIG_BUCKET_NAME") is not None and isinstance(worker_config, str):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #74d47a5cc6be0fe6 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:1326
if os.getenv("DOCS_FILTERED", "False") == "True" and premium_user:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0e773cff8b370537 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:1427
    _origins_raw = cors_origins_env if cors_origins_env is not None else os.getenv("LITELLM_CORS_ORIGINS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f09e1e43522411b4 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:1440
        cors_credentials_env if cors_credentials_env is not None else os.getenv("LITELLM_CORS_ALLOW_CREDENTIALS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #adb5d8e7d218b888 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:1560
    is_non_root = os.getenv("LITELLM_NON_ROOT", "").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9064c19deed353cd Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:1569
    runtime_ui_path = os.getenv("LITELLM_UI_PATH", default_runtime_ui_path)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #60943003ed7470b5 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:1663
                        with open(file_path, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4d28bd061db91448 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:1678
                        with open(file_path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #30931d851168fc56 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:1858
root_redirect_url: Optional[str] = os.getenv("ROOT_REDIRECT_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3366cd71d7e0bb21 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:1990
        KVUri = os.getenv("AZURE_KEY_VAULT_URI", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8678480160cf8e78 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:2986
        with open(os.devnull, "w") as devnull:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97d3fc1a9d7057cc Filesystem access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:3553
            with open(file_path, "r") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #21b569b1c5fd87ac Filesystem access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:3574
            with open(f"{file_path}", "r") as config_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bab6959d5a99725f Filesystem access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:3664
            with open(f"{user_config_file_path}", "w") as config_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5a3219cdcae62522 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:3807
        if os.environ.get("LITELLM_CONFIG_BUCKET_NAME") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #99baebdc715c1d22 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:3808
            bucket_name = os.environ.get("LITELLM_CONFIG_BUCKET_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9944d7e1c090dc77 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:3809
            object_key = os.environ.get("LITELLM_CONFIG_BUCKET_OBJECT_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0008cd1f145223d8 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:3810
            bucket_type = os.environ.get("LITELLM_CONFIG_BUCKET_TYPE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5f3caef03cfe1a4f Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:3964
                        os.environ[key] = resolved_secret_string

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2866744dfa71d9a3 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:3973
                    os.environ[key] = str(value)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #51bcddbe6faf75c8 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:3977
                _license_check.license_str = os.getenv("LITELLM_LICENSE", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fd564a30302c9016 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:4384
            use_pkce = os.getenv("GENERIC_CLIENT_USE_PKCE", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5734ead7afbd266 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:4561
                    v = os.getenv(_v)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9131c7eed5c0bee7 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:5189
                    os.environ[k] = decrypted_value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8396f151aaffe469 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:5602
                os.environ[upper_key] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9632d1f416e9d5a1 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:6444
    os.environ["WORKER_CONFIG"] = json.dumps(data)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bb83b3b1d70c9593 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:6486
    if os.getenv("LITELLM_DONT_SHOW_FEEDBACK_BOX", "").lower() != "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #71b4a513872afb7c Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:6517
        litellm_log_setting = os.environ.get("LITELLM_LOG", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8fc5355b10f217c6 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:6559
        os.environ["AZURE_API_VERSION"] = api_version  # set this for azure - litellm can read this from the env

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #86a45806a4af4e2b Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:7919
            if os.getenv("PROMETHEUS_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #61de7131cdf1f25b Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:8031
            app_name = os.getenv("PYROSCOPE_APP_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7dd93630d0ce24f1 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:8037
            server_address = os.getenv("PYROSCOPE_SERVER_ADDRESS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9a8ba82343840906 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:8044
            env_name = os.getenv("OTEL_ENVIRONMENT_NAME") or os.getenv(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e34ecd7d710ccda6 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:8044
            env_name = os.getenv("OTEL_ENVIRONMENT_NAME") or os.getenv(
                "LITELLM_DEPLOYMENT_ENVIRONMENT",
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d5c82ef55caef1f3 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:8049
            sample_rate_env = os.getenv("PYROSCOPE_SAMPLE_RATE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #926725726608c9aa Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:12970
        os.getenv("LITELLM_HIDE_DEFAULT_CREDENTIALS_HINT", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dfffe3ed0c7cd270 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:13582
    logo_path = os.getenv("UI_LOGO_PATH", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #63475b558694786a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:13596
    is_non_root = os.getenv("LITELLM_NON_ROOT", "").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #594c2c031d653400 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:13601
    assets_dir = os.getenv("LITELLM_ASSETS_PATH", default_assets_dir)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b06a6f6ca91b4c58 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:13620
    logo_path = os.getenv("UI_LOGO_PATH", default_logo)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9099b732fa89f1af Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:13661
    favicon_url = os.getenv("LITELLM_FAVICON_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ca18093e6c554055 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/proxy_server.py:14850
                _var: (value if (value := environment_variables.get(_var)) is not None else os.getenv(_var))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7a9564606f04320b Filesystem access.
pkgs/python/[email protected]/litellm/proxy/public_endpoints/public_endpoints.py:144
    raw = json.loads(files("litellm").joinpath("provider_endpoints_support_backup.json").read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #848e5bf69be517c2 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/public_endpoints/public_endpoints.py:344
    with open(provider_create_fields_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2febd2b58f901611 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/public_endpoints/public_endpoints.py:432
    with open(agent_create_fields_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eb1d13427a68ff7a Filesystem access.
pkgs/python/[email protected]/litellm/proxy/public_endpoints/public_endpoints.py:435
    with open(provider_create_fields_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4e7ad323f81a25c8 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/shutdown/graceful_shutdown_manager.py:58
        raw = os.getenv("GRACEFUL_SHUTDOWN_TIMEOUT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1b1dc36205b97f83 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/spend_tracking/spend_log_error_logger.py:43
    return str_to_bool(os.getenv(SUPPRESS_SPEND_LOG_TRACEBACKS_ENV)) is True

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8e98c4830b68fabb Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/spend_tracking/spend_management_endpoints.py:2577
            db_url = os.getenv("DATABASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e5815799b72519b4 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/spend_tracking/spend_tracking_utils.py:49
    max_length_str = os.getenv("MAX_STRING_LENGTH_PROMPT_IN_DB")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #09fe42e3437672ed Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/ui_crud_endpoints/proxy_setting_endpoints.py:890
                os.environ[env_var_name] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1090b214addac08c Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/ui_crud_endpoints/proxy_setting_endpoints.py:893
                os.environ.pop(env_var_name, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8807894965b9866 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/ui_crud_endpoints/proxy_setting_endpoints.py:1068
        os.environ["UI_LOGO_PATH"] = logo_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d85e6a3f0ab0759a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/ui_crud_endpoints/proxy_setting_endpoints.py:1075
        if "UI_LOGO_PATH" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #92b9db49367a1775 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/ui_crud_endpoints/proxy_setting_endpoints.py:1076
            del os.environ["UI_LOGO_PATH"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #10fd3a60e8d3c587 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/ui_crud_endpoints/proxy_setting_endpoints.py:1087
        os.environ["LITELLM_FAVICON_URL"] = favicon_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c08c4d5f21ff2ede Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/ui_crud_endpoints/proxy_setting_endpoints.py:1094
        if "LITELLM_FAVICON_URL" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ae3a8d48279e23a0 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/ui_crud_endpoints/proxy_setting_endpoints.py:1095
            del os.environ["LITELLM_FAVICON_URL"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2787eaa6f508c959 Filesystem access.
pkgs/python/[email protected]/litellm/proxy/ui_crud_endpoints/proxy_setting_endpoints.py:1441
    with open(file_path, "wb") as buffer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #941c93e5769d74fc Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:211
    if SendGridEmailLogger is not None and os.getenv("SENDGRID_API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #239e9c501ed79306 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:215
    if ResendEmailLogger is not None and os.getenv("RESEND_API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #08a9d507ebdeeb7b Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:219
    if SMTPEmailLogger is not None and os.getenv("SMTP_HOST"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5284f60b7cdd9b15 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:1897
        _proxy_base_url = os.getenv("PROXY_BASE_URL", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c50d224993ff09b3 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:2704
LITELLM_CONFIG_CACHE_TTL_SECONDS: int = int(os.environ.get("LITELLM_CONFIG_PARAM_CACHE_TTL_SECONDS", "60"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e849bbd935f2c589 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:2792
        self.iam_token_db_auth: Optional[bool] = str_to_bool(os.getenv("IAM_TOKEN_DB_AUTH"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #03f8322f1f319424 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:2805
        read_replica_url = os.getenv("DATABASE_URL_READ_REPLICA")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4ce35b16b39ef5cb Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:2852
                    os.environ["DATABASE_URL_READ_REPLICA"] = read_replica_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bda3da1de2fd1415 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:2891
        self._db_reconnect_cooldown_seconds: int = max(1, int(os.getenv("PRISMA_RECONNECT_COOLDOWN_SECONDS", "15")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #152805da26945cbf Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:2893
            5, int(os.getenv("PRISMA_HEALTH_WATCHDOG_INTERVAL_SECONDS", "30"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8cd8d9c964dc6aed Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:2896
            str_to_bool(os.getenv("PRISMA_HEALTH_WATCHDOG_ENABLED", "true")) is True

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b0327f19e940449e Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:2900
            float(os.getenv("PRISMA_HEALTH_WATCHDOG_PROBE_TIMEOUT_SECONDS", "5.0")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d497ce5830a4055f Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:2903
            1.0, float(os.getenv("PRISMA_WATCHDOG_RECONNECT_TIMEOUT_SECONDS", "30.0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0dbb752f6cae6408 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:2906
            0.5, float(os.getenv("PRISMA_AUTH_RECONNECT_TIMEOUT_SECONDS", "2.0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #02e1c9bcc9487cf7 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:2910
            float(os.getenv("PRISMA_AUTH_RECONNECT_LOCK_TIMEOUT_SECONDS", "0.1")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c27195d5ba9f3ece Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:2913
        self._reconnect_escalation_threshold: int = max(1, int(os.getenv("PRISMA_RECONNECT_ESCALATION_THRESHOLD", "3")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf8a731d93a300e7 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:3005
            pg_schema = os.getenv("DATABASE_SCHEMA", "public")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c2bd9bcf22a80415 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:4487
                db_url = os.getenv("DATABASE_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #54578f6a160134cf Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:4512
                db_url = os.getenv("DATABASE_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d867f54cf88107de Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:4963
    return os.getenv("SMTP_USE_SSL", "False") == "True" or smtp_port == 465

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #441f7fb874584d01 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:4987
    smtp_host = os.getenv("SMTP_HOST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a50cd55987c793b1 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:4988
    smtp_port = int(os.getenv("SMTP_PORT", "587"))  # default to port 587

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2643b0bb9d41872e Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:4989
    smtp_username = os.getenv("SMTP_USERNAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #41fbae26a22b52eb Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:4990
    smtp_password = os.getenv("SMTP_PASSWORD")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a42754230ef16ba8 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:4991
    sender_email = os.getenv("SMTP_SENDER_EMAIL", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #00f9683c94e6de96 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:5020
            if not using_ssl and os.getenv("SMTP_TLS", "True") != "False":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ecfd19b67ac88f1a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:5187
                    base_url = os.getenv("SPEND_LOGS_URL", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c78a71ac207fcc52 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:5734
    if redoc_url := os.getenv("REDOC_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #16f7962e0fd57ce4 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:5737
    if str_to_bool(os.getenv("NO_REDOC")) is True:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #06e14b16e8628f1a Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:5751
    if docs_url := os.getenv("DOCS_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6fd9618b2a6e3e37 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:5754
    if str_to_bool(os.getenv("NO_DOCS")) is True:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3a27a07766f74042 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:5768
    if openapi_url := os.getenv("OPENAPI_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #658cefa62540e7f6 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:5771
    if str_to_bool(os.getenv("NO_OPENAPI")) is True:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3e48730c9eb9fd0d Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:5897
    return os.getenv("PROXY_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ec7a8cfee2104696 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:5907
    return os.getenv("SERVER_ROOT_PATH", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bb83c847e8ab3949 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:5959
    database_host = os.getenv("DATABASE_HOST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3fd6bcbfcdbd7f71 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:5960
    database_username = os.getenv("DATABASE_USERNAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #37747d934a553da5 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:5961
    database_password = os.getenv("DATABASE_PASSWORD")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2bfa094978f968c0 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:5962
    database_name = os.getenv("DATABASE_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9833ba3454ffb0c5 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/utils.py:5963
    database_schema = os.getenv("DATABASE_SCHEMA")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8d7d70ccb12cbe37 Environment-variable access.
pkgs/python/[email protected]/litellm/proxy/vertex_ai_endpoints/langfuse_endpoints.py:196
        dynamic_langfuse_host or os.getenv("LANGFUSE_HOST", _DEFAULT_LANGFUSE_HOST) or _DEFAULT_LANGFUSE_HOST

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #9ca13746cd7fab6b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/proxy_auth/credentials.py:160
        response = httpx.post(
            self.token_url,
            data={
                "grant_type": "client_credentials",
                "client_id": self.client_id,
                "client_secret": self.client_secret,
                "scope": scope,
            },
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #8c9b508690a51387 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/rag/ingestion/gemini_ingestion.py:148
        response = await client.post(
            url,
            json=request_body,
            headers={
                "Content-Type": "application/json",
                "x-goog-api-key": api_key,
            },
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #3994f888e1f9eb40 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/rag/ingestion/gemini_ingestion.py:268
        response = await client.post(
            url,
            json=request_body,
            headers=headers,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #845ad4de3456784f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/rag/ingestion/gemini_ingestion.py:310
        response = await client.put(
            upload_url,
            content=file_content,
            headers=headers,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #af64fcd70a4db5a0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/rag/ingestion/s3_vectors_ingestion.py:227
            response = await self.async_httpx_client.put(url, data=data, headers=signed_headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #b00cd17de0dde072 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/rag/ingestion/s3_vectors_ingestion.py:229
            response = await self.async_httpx_client.post(url, data=data, headers=signed_headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ab7debd2d53effa5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/rag/ingestion/s3_vectors_ingestion.py:231
            response = await self.async_httpx_client.get(url, headers=signed_headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #1b3871739d2e70bb Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/rag/ingestion/vertex_ai_ingestion.py:180
        response = await client.post(
            url,
            json=request_body,
            headers={
                "Authorization": f"Bearer {access_token}",
                "Content-Type": "application/json",
            },
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #4e716f1d19f3637d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/rag/ingestion/vertex_ai_ingestion.py:248
            response = await client.get(
                url,
                headers={
                    "Authorization": f"Bearer {access_token}",
                },
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #09ffcd4ec535ea66 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/rag/ingestion/vertex_ai_ingestion.py:362
        response = await client.post(
            url,
            files=files,
            headers={
                "Authorization": f"Bearer {access_token}",
                "X-Goog-Upload-Protocol": "multipart",
            },
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #6a6e5e474afe8668 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/rag/ingestion/vertex_ai_ingestion.py:444
        response = await client.post(
            url,
            json=request_body,
            headers={
                "Authorization": f"Bearer {access_token}",
                "Content-Type": "application/json",
            },
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #efd92fb63d02a935 Environment-variable access.
pkgs/python/[email protected]/litellm/realtime_api/main.py:368
            or os.environ.get("LITELLM_AZURE_REALTIME_PROTOCOL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #00684798940e8988 Environment-variable access.
pkgs/python/[email protected]/litellm/repositories/config_repository.py:152
                os.environ[env_key] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5c7427d7af4ea1b Environment-variable access.
pkgs/python/[email protected]/litellm/router.py:7877
                    params[param_key] = os.environ.get(env_name, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fa951b2277e8d75a Environment-variable access.
pkgs/python/[email protected]/litellm/rust_bridge/ocr.py:49
    return os.getenv("LITELLM_USE_RUST_OCR", "").strip().lower() in {

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #799cd6e81969e284 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/aws_secret_manager.py:22
    if "AWS_REGION_NAME" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cb808ba9241241b0 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/aws_secret_manager.py:35
        kms_client = boto3.client("kms", region_name=os.getenv("AWS_REGION_NAME"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2c4849250e85d7e9 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/aws_secret_manager.py:56
        if "AWS_REGION_NAME" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c3528755f7ed26e Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/aws_secret_manager.py:62
        if os.getenv("LITELLM_LICENSE", None) is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ab58bd6067784f17 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/aws_secret_manager.py:64
        elif os.getenv("LITELLM_SECRET_AWS_KMS_LITELLM_LICENSE", None) is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a681c7c4b0650b1e Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/aws_secret_manager.py:80
            kms_client = boto3.client("kms", region_name=os.getenv("AWS_REGION_NAME"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7fde6f3391af5728 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/aws_secret_manager.py:89
        encrypted_value = os.getenv(secret_name, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e38f509fa0471a14 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/aws_secret_manager.py:130
    for k, v in os.environ.items():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9bd301ae0b1a4eaf Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/aws_secret_manager_v2.py:68
            "AWS_REGION_NAME" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0020f247f4b93ea9 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/aws_secret_manager_v2.py:69
            and "AWS_REGION" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #71285d76cfa9be45 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/aws_secret_manager_v2.py:70
            and "AWS_DEFAULT_REGION" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b8641cdfba9db26 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/aws_secret_manager_v2.py:178
            return os.getenv(secret_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c4e56d3f98c70b7e Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/cyberark_secret_manager.py:27
        self.conjur_addr = os.getenv("CYBERARK_API_BASE", "http://127.0.0.1:8080")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dbdd8f05757a1e49 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/cyberark_secret_manager.py:28
        self.conjur_account = os.getenv("CYBERARK_ACCOUNT", "default")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3bf2227e0d1c9144 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/cyberark_secret_manager.py:29
        self.conjur_username = os.getenv("CYBERARK_USERNAME", "admin")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #257333c176cc6f82 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/cyberark_secret_manager.py:30
        self.conjur_api_key = os.getenv("CYBERARK_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #659aa2ce69b23587 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/cyberark_secret_manager.py:33
        self.tls_cert_path = os.getenv("CYBERARK_CLIENT_CERT", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #24d401c4d044d997 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/cyberark_secret_manager.py:34
        self.tls_key_path = os.getenv("CYBERARK_CLIENT_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #52247331960f2669 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/cyberark_secret_manager.py:38
        ssl_verify_env = str_to_bool(os.getenv("CYBERARK_SSL_VERIFY"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b46521bfe84405ab Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/cyberark_secret_manager.py:51
        _refresh_interval = int(os.environ.get("CYBERARK_REFRESH_INTERVAL", "300"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #9cdb49839023f3b0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/secret_managers/cyberark_secret_manager.py:88
                resp = http_client.post(auth_url, content=self.conjur_api_key)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #bf3d032075a6cdda Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/secret_managers/cyberark_secret_manager.py:92
                resp = http_handler.client.post(auth_url, content=self.conjur_api_key)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #b3ac147a815ee25d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/secret_managers/cyberark_secret_manager.py:133
            resp = client.client.post(
                policy_url,
                headers={
                    **self._get_request_headers(),
                    "Content-Type": "application/x-yaml",
                },
                content=policy_yaml,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #a56f4c0e237572a6 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/secret_managers/cyberark_secret_manager.py:196
            response = await async_client.get(url, headers=self._get_request_headers())

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #79d38b62d5fddc1f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/secret_managers/cyberark_secret_manager.py:239
            response = sync_client.client.get(url, headers=self._get_request_headers())

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #c25417c625bf2d4e Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:12
        os.environ.get("AZURE_CLIENT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #43b2309cb38fb9a0 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:13
        and os.environ.get("AZURE_CLIENT_SECRET")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f7388ff52198f63c Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:14
        and os.environ.get("AZURE_TENANT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8d6832dd97c4c0d Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:17
    elif os.environ.get("AZURE_CLIENT_ID"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97762fa2a8664e95 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:20
        os.environ.get("AZURE_CLIENT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #846f14ac71217019 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:21
        and os.environ.get("AZURE_TENANT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3c5f4649779bf9a9 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:22
        and os.environ.get("AZURE_CERTIFICATE_PATH")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d9d82eddef4a892f Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:23
        and os.environ.get("AZURE_CERTIFICATE_PASSWORD")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a52d5de71d4b1a94 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:26
    elif os.environ.get("AZURE_CERTIFICATE_PASSWORD"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4fea77d2c7e5fdcd Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:28
    elif os.environ.get("AZURE_CERTIFICATE_PATH"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #220530852669b107 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:64
        azure_scope = os.environ.get("AZURE_SCOPE") or "https://cognitiveservices.azure.com/.default"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2e18ee48ef67923b Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:69
        else None or os.environ.get("AZURE_CREDENTIAL") or infer_credential_type_from_environment()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0d8d766813cb28cc Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:83
            client_id=os.environ["AZURE_CLIENT_ID"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b13d8730597e3e7b Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:84
            client_secret=os.environ["AZURE_CLIENT_SECRET"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6fcef3eaae3b335c Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:85
            tenant_id=os.environ["AZURE_TENANT_ID"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0ba5e7aabfee1e45 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:88
        credential = ManagedIdentityCredential(client_id=os.environ["AZURE_CLIENT_ID"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e699f35bb73a355f Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:90
        if os.getenv("AZURE_CERTIFICATE_PASSWORD"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #774c7c3bcafcf0d6 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:92
                client_id=os.environ["AZURE_CLIENT_ID"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fbce8a21738cbaa5 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:93
                tenant_id=os.environ["AZURE_TENANT_ID"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd06bdf01971cad8 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:94
                certificate_path=os.environ["AZURE_CERTIFICATE_PATH"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b8da3ab6739a0a53 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:95
                password=os.environ["AZURE_CERTIFICATE_PASSWORD"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9fbe0279273eafea Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:99
                client_id=os.environ["AZURE_CLIENT_ID"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #83bd6048777c2fc3 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:100
                tenant_id=os.environ["AZURE_TENANT_ID"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5dc661cfad8dedff Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/get_azure_ad_token_provider.py:101
                certificate_path=os.environ["AZURE_CERTIFICATE_PATH"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0c27eb6311761443 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/google_kms.py:19
    if "GOOGLE_APPLICATION_CREDENTIALS" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #95d00ec49eb222e3 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/google_kms.py:21
    if "GOOGLE_KMS_RESOURCE_NAME" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4fdbe97cceff4be3 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/google_kms.py:37
        litellm._google_kms_resource_name = os.getenv("GOOGLE_KMS_RESOURCE_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1540a0c75bdddc1f Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/google_secret_manager.py:32
        self.PROJECT_ID = os.environ.get("GOOGLE_SECRET_MANAGER_PROJECT_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f171cb89d540f41e Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/google_secret_manager.py:40
        _refresh_interval = os.environ.get("GOOGLE_SECRET_MANAGER_REFRESH_INTERVAL", refresh_interval)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5a41b6da53c5843b Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/google_secret_manager.py:44
        _always_read_secret_manager = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bd67b8d7542b0c62 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/google_secret_manager.py:44
        _always_read_secret_manager = os.environ.get(
            "GOOGLE_SECRET_MANAGER_ALWAYS_READ_SECRET_MANAGER",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #86a221579875499a Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/hashicorp_secret_manager.py:25
        self.vault_addr = os.getenv("HCP_VAULT_ADDR", "http://127.0.0.1:8200")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cfab9a253843a958 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/hashicorp_secret_manager.py:26
        self.vault_token = os.getenv("HCP_VAULT_TOKEN", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3ae3fe0047fdc820 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/hashicorp_secret_manager.py:28
        self.vault_namespace = os.getenv("HCP_VAULT_NAMESPACE", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4a32eb430276d172 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/hashicorp_secret_manager.py:31
        self.vault_mount_name = os.getenv("HCP_VAULT_MOUNT_NAME", "secret")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #61fceed5c648a395 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/hashicorp_secret_manager.py:33
        self.vault_path_prefix = os.getenv("HCP_VAULT_PATH_PREFIX", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cbc25477fa905ed0 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/hashicorp_secret_manager.py:36
        self.tls_cert_path = os.getenv("HCP_VAULT_CLIENT_CERT", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f2fbe1c3be7881cc Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/hashicorp_secret_manager.py:37
        self.tls_key_path = os.getenv("HCP_VAULT_CLIENT_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f018b85b3e5863bc Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/hashicorp_secret_manager.py:38
        self.vault_cert_role = os.getenv("HCP_VAULT_CERT_ROLE", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7786cf7d70ffaa74 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/hashicorp_secret_manager.py:41
        self.approle_role_id = os.getenv("HCP_VAULT_APPROLE_ROLE_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #44c2076008d67772 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/hashicorp_secret_manager.py:42
        self.approle_secret_id = os.getenv("HCP_VAULT_APPROLE_SECRET_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #63d307b45e49e7a9 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/hashicorp_secret_manager.py:43
        self.approle_mount_path = os.getenv("HCP_VAULT_APPROLE_MOUNT_PATH", "approle")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0c314fcade015f9f Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/hashicorp_secret_manager.py:54
        _refresh_interval = os.environ.get("HCP_VAULT_REFRESH_INTERVAL", SECRET_MANAGER_REFRESH_INTERVAL)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #e519c5fb540e4e7d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/secret_managers/hashicorp_secret_manager.py:188
            resp = client.post(
                login_url,
                headers=headers,
                json=self._get_tls_cert_auth_body(),
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #4fcb9a97bb97146d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/secret_managers/hashicorp_secret_manager.py:329
            response = await async_client.get(url, headers=self._get_request_headers())

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #8229f7ef78d0fc81 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/secret_managers/hashicorp_secret_manager.py:360
            response = sync_client.get(url, headers=self._get_request_headers())

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #1bddf2fbfa51e694 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/main.py:31
    override = os.getenv("LITELLM_OIDC_ALLOWED_CREDENTIAL_DIRS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #2b2e47c7249c3d10 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/secret_managers/main.py:183
            response = oidc_client.get(
                "http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/identity",
                params={"audience": oidc_aud},
                headers={"Metadata-Flavor": "Google"},
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #41977018025d6e43 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/main.py:196
            env_secret = os.getenv("CIRCLE_OIDC_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f5842d770818310e Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/main.py:202
            env_secret = os.getenv("CIRCLE_OIDC_TOKEN_V2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #007c3f5821ac09f2 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/main.py:208
            actions_id_token_request_url = os.getenv("ACTIONS_ID_TOKEN_REQUEST_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0fc6e493bf97fe45 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/main.py:209
            actions_id_token_request_token = os.getenv("ACTIONS_ID_TOKEN_REQUEST_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #d56c17c1c0a3270a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/secret_managers/main.py:220
            response = oidc_client.get(
                actions_id_token_request_url,
                params={"audience": oidc_aud},
                headers={
                    "Authorization": f"Bearer {actions_id_token_request_token}",
                    "Accept": "application/json; api-version=2.0",
                },
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #5757de9ba71973fb Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/main.py:236
            azure_federated_token_file = os.getenv("AZURE_FEDERATED_TOKEN_FILE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7ce8da443816b8df Filesystem access.
pkgs/python/[email protected]/litellm/secret_managers/main.py:251
            with open(azure_federated_token_file, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a2fbcabcf82ec467 Filesystem access.
pkgs/python/[email protected]/litellm/secret_managers/main.py:257
            with open(safe_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d6616206e9384bc1 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/main.py:262
            oidc_token = os.getenv(oidc_aud)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8c0ac12510d30db4 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/main.py:268
            token_file_path = os.getenv(oidc_aud)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #abd7c0fc566cd036 Filesystem access.
pkgs/python/[email protected]/litellm/secret_managers/main.py:271
            with open(token_file_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #00c43384598e8517 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/main.py:303
                secret = os.getenv(secret_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #310b339d79b41330 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/main.py:314
            secret = os.environ.get(secret_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #07d4dd972f5b6675 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/secret_manager_handler.py:59
        encrypted_secret: Any = os.getenv(secret_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2542378b8e7ed6f9 Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/secret_manager_handler.py:82
        encrypted_value = os.getenv(secret_name, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #23b1c995cf1f004f Environment-variable access.
pkgs/python/[email protected]/litellm/secret_managers/secret_manager_handler.py:160
        secret = os.getenv(secret_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9ae0a9f57a7d0a25 Environment-variable access.
pkgs/python/[email protected]/litellm/setup_wizard.py:136
    return sys.stdout.isatty() and os.environ.get("NO_COLOR") is None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5d6057dd92704389 Filesystem access.
pkgs/python/[email protected]/litellm/setup_wizard.py:242
            config_path.write_text(SetupWizard._build_config(providers, env_vars, master_key))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #84acd87d03b2e251 Filesystem access.
pkgs/python/[email protected]/litellm/setup_wizard.py:282
        with open("/dev/tty", "rb") as tty_fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5ef69918131add2e Environment-variable access.
pkgs/python/[email protected]/litellm/types/integrations/slack_alerting.py:55
            os.getenv(
                "SLACK_DAILY_REPORT_FREQUENCY",
                int(SlackAlertingArgsEnum.daily_report_frequency.value),
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3decadaa90391fed Environment-variable access.
pkgs/python/[email protected]/litellm/types/proxy/guardrails/guardrail_hooks/zscaler_ai_guard.py:91
        api_base = self.api_base or os.getenv(
            "ZSCALER_AI_GUARD_URL",
            "https://api.us1.zseclipse.net/v1/detection/execute-policy",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d864822993f509c1 Environment-variable access.
pkgs/python/[email protected]/litellm/types/proxy/guardrails/guardrail_hooks/zscaler_ai_guard.py:99
            env_policy = os.getenv("ZSCALER_AI_GUARD_POLICY_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #c7ad0ac18e4dfd11 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/utils.py:4800
            response = litellm.module_level_client.get(config_url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #59381277e257c1d7 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/litellm/utils.py:5148
        response = litellm.module_level_client.get(config_url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #e7e535cd4f82be0f Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5848
    no_proxy = os.getenv("NO_PROXY", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #86b460866c2dbc9b Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5901
            if "OPENAI_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bf5cc3ce9a61a846 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5906
            if "AZURE_API_BASE" in os.environ and "AZURE_API_VERSION" in os.environ and "AZURE_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3429ffb6ea622cbf Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5911
            if "ANTHROPIC_API_KEY" in os.environ or "ANTHROPIC_AUTH_TOKEN" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c711de813b9dcb56 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5916
            if "COHERE_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f107808c08c8b4b7 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5921
            if "REPLICATE_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ff8cda3fa4907580 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5926
            if "OPENROUTER_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4452b9fad71b893e Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5931
            if "VERCEL_AI_GATEWAY_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf46058a7d4c3c8e Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5936
            if "DATAROBOT_API_TOKEN" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #18cd0c82813e5b57 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5941
            if "VERTEXAI_PROJECT" in os.environ and "VERTEXAI_LOCATION" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ca765133c8ebf997 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5946
            if "HUGGINGFACE_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bb84cfee8b20261f Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5951
            if "AI21_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e92a189d5b22e412 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5956
            if "TOGETHERAI_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7c460b2cb1029e62 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5961
            if "ALEPH_ALPHA_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1f73f60d3d39912c Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5966
            if "BASETEN_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #88c5af5154971b55 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5971
            if "NLP_CLOUD_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #daca234d42587c02 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5976
            if ("AWS_ACCESS_KEY_ID" in os.environ and "AWS_SECRET_ACCESS_KEY" in os.environ) or (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3cb1cb72164363d3 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5978
                "AWS_ROLE_ARN" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #de1ace5491e3c966 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5979
                or "AWS_PROFILE" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b0eed36ca594bcfb Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5980
                or "AWS_WEB_IDENTITY_TOKEN_FILE" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b3da166741e4ff3d Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5981
                or "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI" in os.environ  # ECS task role

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e4dda35b91f5559b Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5982
                or "AWS_CONTAINER_CREDENTIALS_FULL_URI" in os.environ  # ECS/Fargate full URI credential delivery

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b76d278041decbb3 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5989
            if "OLLAMA_API_BASE" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #566cceb7314314ad Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5994
            if "ANYSCALE_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e12f0fd3b8501a9f Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:5999
            if "DEEPINFRA_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b0680ce40926395e Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6004
            if "FEATHERLESS_AI_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ee2bc73e48932354 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6009
            if ("GOOGLE_API_KEY" in os.environ) or ("GEMINI_API_KEY" in os.environ):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #75b81f264751c1e9 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6015
            if "GROQ_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d37b2655eb5ac6b8 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6020
            if "NVIDIA_NIM_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0298559a9386ff3c Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6025
            if "CEREBRAS_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b65fcf7b73ee4407 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6030
            if "BASETEN_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f786c3a1084498e3 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6035
            if "XAI_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f665e395b869ea44 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6040
            if "AI21_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f5adb375ca1a5e65 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6045
            if "VOLCENGINE_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #227a256131401cc7 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6050
            if "CODESTRAL_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dab1930a1e5cbc5f Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6055
            if "INCEPTION_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #92c32a5da56faebe Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6060
            if "DEEPSEEK_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #73649175122c20cc Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6065
            if "TENCENT_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #06677a1a3a33b0b9 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6070
            if "MISTRAL_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5f374e3813b1a93a Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6075
            if "PALM_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #81c0e536ad83160a Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6080
            if "PERPLEXITYAI_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d824996dedc364f9 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6085
            if "VOYAGE_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9ab3f88ad654da93 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6090
            if "INFINITY_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8c06319102601a5c Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6096
                "FIREWORKS_AI_API_KEY" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f92e0a0192bcaa4f Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6097
                or "FIREWORKS_API_KEY" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #db255e4d59bf8f8c Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6098
                or "FIREWORKSAI_API_KEY" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ab9d5ec968e43bc9 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6099
                or "FIREWORKS_AI_TOKEN" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #478355d04e9bfac4 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6105
            if "CLOUDFLARE_API_KEY" in os.environ and (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #02777f7cd1cbe17d Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6106
                "CLOUDFLARE_ACCOUNT_ID" in os.environ or "CLOUDFLARE_API_BASE" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #372ad9f9804cdf7e Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6113
            if "NOVITA_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #197c966f63c657ed Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6118
            if "NEBIUS_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #15451b290fa7bc7e Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6123
            if "WANDB_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0cba5f6cd88fb711 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6128
            if "DASHSCOPE_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #76f9e72b8b8e0fad Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6133
            if "MODELSCOPE_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #da4258508698e046 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6138
            if "MOONSHOT_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #27a37ce17440e50a Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6151
            if "OPENAI_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4d7e446a9d0023d2 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6157
            if "ANTHROPIC_API_KEY" in os.environ or "ANTHROPIC_AUTH_TOKEN" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #94b26dd1539491fc Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6163
            if "COHERE_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a6978d6131a10d3f Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6169
            if "REPLICATE_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ee75e631a4f0df22 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6175
            if "OPENROUTER_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f8527bd6a0da3fb2 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6181
            if "VERCEL_AI_GATEWAY_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e0c99bb0a72e011f Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6187
            if "DATAROBOT_API_TOKEN" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bf22b1db0e35c378 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6197
            if "VERTEXAI_PROJECT" in os.environ and "VERTEXAI_LOCATION" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6d68be36c9f6b727 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6203
            if "HUGGINGFACE_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #50da13c8b3e77d47 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6209
            if "AI21_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f66de4724fdf8e37 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6215
            if "TOGETHERAI_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a4dea2fd5cf3fa9 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6221
            if "ALEPH_ALPHA_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b739d14bf87dbecb Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6227
            if "BASETEN_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #23b31f3d8414b01e Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6233
            if "NLP_CLOUD_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7cbadea957b597ec Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6238
            if "NOVITA_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b5f37de440c2240e Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6243
            if "NEBIUS_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6db337284da54734 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6248
            if "WANDB_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8a7cfa37c7ed0777 Filesystem access.
pkgs/python/[email protected]/litellm/utils.py:6617
        with open(config_path, "r") as config_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bcb1876ccf6efd80 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6866
        env_vars = {k: v for k, v in os.environ.items() if k.startswith(("OPENAI", "ANTHROPIC", "AZURE", "AWS"))}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eca66a1304ee6444 Environment-variable access.
pkgs/python/[email protected]/litellm/utils.py:6928
    environ_keys = os.environ.keys()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #328beeaf8215152c Filesystem access.
pkgs/python/[email protected]/litellm/utils.py:7545
        return json.loads(model_cost_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

opentelemetry-sdk

python dependency
medium telemetry dependency Excluded from app score #ad1a9c99fd3f9611 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:20
from opentelemetry._logs import set_logger_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #01fafebfb2e0247a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:21
from opentelemetry.environment_variables import (
    OTEL_LOGS_EXPORTER,
    OTEL_METRICS_EXPORTER,
    OTEL_PYTHON_ID_GENERATOR,
    OTEL_TRACES_EXPORTER,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9dbae959ccdc2658 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:27
from opentelemetry.metrics import set_meter_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d54aa780802c9c24 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:28
from opentelemetry.sdk._logs import (
    LoggerProvider,
    LoggingHandler,
    LogRecordProcessor,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #50ba118dee932097 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:33
from opentelemetry.sdk._logs._internal import _LoggerConfiguratorT

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e53a024f1370c72f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:34
from opentelemetry.sdk._logs.export import (
    BatchLogRecordProcessor,
    LogRecordExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #365c7ae52797363f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:38
from opentelemetry.sdk.environment_variables import (
    _OTEL_PYTHON_LOGGING_AUTO_INSTRUMENTATION_ENABLED,
    OTEL_CONFIG_FILE,
    OTEL_EXPORTER_OTLP_LOGS_PROTOCOL,
    OTEL_EXPORTER_OTLP_METRICS_PROTOCOL,
    OTEL_EXPORTER_OTLP_PROTOCOL,
    OTEL_EXPORTER_OTLP_TRACES_PROTOCOL,
    OTEL_PYTHON_LOGGER_CONFIGURATOR,
    OTEL_PYTHON_METER_CONFIGURATOR,
    OTEL_PYTHON_TRACER_CONFIGURATOR,
    OTEL_TRACES_SAMPLER,
    OTEL_TRACES_SAMPLER_ARG,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #853a23cfcd846e84 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:51
from opentelemetry.sdk.metrics import MeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0b3fdf626380b453 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:52
from opentelemetry.sdk.metrics._internal import _MeterConfiguratorT

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #025fabe56435abeb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:53
from opentelemetry.sdk.metrics.export import (
    MetricExporter,
    MetricReader,
    PeriodicExportingMetricReader,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #643266c9f9de68ea Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:58
from opentelemetry.sdk.resources import Attributes, Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #50532cb1f9eff1c7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:59
from opentelemetry.sdk.trace import (
    SpanProcessor,
    TracerProvider,
    _TracerConfiguratorT,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9c0defb11247aa27 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:64
from opentelemetry.sdk.trace.export import BatchSpanProcessor, SpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bfb30db2f45157e0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:65
from opentelemetry.sdk.trace.id_generator import IdGenerator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #52840a62901c90f3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:66
from opentelemetry.sdk.trace.sampling import Sampler

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5dddf8e713525590 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:67
from opentelemetry.semconv.resource import ResourceAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6c0cdcd0509f1f15 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:68
from opentelemetry.trace import set_tracer_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f72a936ea5005fd0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:69
from opentelemetry.util._importlib_metadata import entry_points

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0f7de7e38f3a2603 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:721
                from opentelemetry.configuration import (  # noqa: PLC0415
                    configure_sdk,
                    load_config_file,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #16d3986ee425c5f2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/__init__.py:4
from opentelemetry.sdk._logs._internal import (
    ConcurrentMultiLogRecordProcessor,
    LogDroppedAttributesWarning,
    Logger,
    LoggerProvider,
    LoggingHandler,
    LogLimits,
    LogRecordDroppedAttributesWarning,
    LogRecordLimits,
    LogRecordProcessor,
    ReadableLogRecord,
    ReadWriteLogRecord,
    SynchronousMultiLogRecordProcessor,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9031a91dc69a7c23 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:29
from opentelemetry._logs import Logger as APILogger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2376fee1e1b788d5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:30
from opentelemetry._logs import LoggerProvider as APILoggerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ce1627ec78cccb9d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:31
from opentelemetry._logs import (
    LogRecord,
    NoOpLogger,
    SeverityNumber,
    get_logger,
    get_logger_provider,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4705d869345a8af3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:38
from opentelemetry.attributes import _VALID_ANY_VALUE_TYPES, BoundedAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #09fc4ee241c5e263 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:39
from opentelemetry.context import get_current

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cd8400885ddf7175 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:40
from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #727470f2b5aadf2b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:41
from opentelemetry.metrics import MeterProvider, get_meter_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b5109a8bedbb9aa0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:42
from opentelemetry.sdk._logs._internal._exceptions import (
    _copy_log_record_with_exception,
    _create_log_record_with_exception,
    _set_log_record_exception_attributes,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #63086307515f2ddf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:47
from opentelemetry.sdk._logs._internal._logger_metrics import (
    LoggerMetricsT,
    create_logger_metrics,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #28185ef75feb4e90 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:51
from opentelemetry.sdk.environment_variables import (
    OTEL_ATTRIBUTE_COUNT_LIMIT,
    OTEL_ATTRIBUTE_VALUE_LENGTH_LIMIT,
    OTEL_LOGRECORD_ATTRIBUTE_COUNT_LIMIT,
    OTEL_LOGRECORD_ATTRIBUTE_VALUE_LENGTH_LIMIT,
    OTEL_PYTHON_SDK_INTERNAL_METRICS_ENABLED,
    OTEL_SDK_DISABLED,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6643ef6c6da9f1c2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:59
from opentelemetry.sdk.environment_variables._internal import (
    parse_boolean_environment_variable,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4e89017feead089a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:62
from opentelemetry.sdk.resources import (
    Resource,
    _get_process_dependent_resource,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #df4af843c08be1b4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:66
from opentelemetry.sdk.util import ns_to_iso_str

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1159bd70fcd03372 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:67
from opentelemetry.sdk.util._configurator import RuleBasedConfigurator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #95c5e9ed8d2aaf02 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:68
from opentelemetry.sdk.util.instrumentation import (
    InstrumentationScope,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #172a7cb0c488e1f8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:71
from opentelemetry.semconv._incubating.attributes import code_attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fdaed338987cc333 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:72
from opentelemetry.semconv.attributes import exception_attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #568bf3cd6fc4a175 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:73
from opentelemetry.trace import (
    format_span_id,
    format_trace_id,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #12da7f2b30ebb5c0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:77
from opentelemetry.util.types import AnyValue, _ExtendedAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3e616b24816cd157 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/_exceptions.py:7
from opentelemetry._logs import LogRecord

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #766ab35875ad89b1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/_exceptions.py:8
from opentelemetry.attributes import BoundedAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ed63f6640dcbe42d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/_exceptions.py:9
from opentelemetry.semconv.attributes import exception_attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1ec1896035b13881 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/_exceptions.py:10
from opentelemetry.util.types import AnyValue, _ExtendedAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4ec5ddc89e1f30a3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/_logger_metrics.py:6
from opentelemetry import metrics as metrics_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #35904986545b80cd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/_logger_metrics.py:7
from opentelemetry.semconv._incubating.metrics.otel_metrics import (
    create_otel_sdk_log_created,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #030d9eb58a6e57ba Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:16
from opentelemetry.context import (
    _ON_EMIT_RECURSION_COUNT_KEY,
    _SUPPRESS_INSTRUMENTATION_KEY,
    Context,
    attach,
    detach,
    get_value,
    set_value,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #682abd5198c732cf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:25
from opentelemetry.metrics import MeterProvider, get_meter_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6f992e2d9e5944ed Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:26
from opentelemetry.sdk._logs import (
    LogRecordProcessor,
    ReadableLogRecord,
    ReadWriteLogRecord,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2198a9acc156e3c0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:31
from opentelemetry.sdk._shared_internal import (
    BatchProcessor,
    DuplicateFilter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #926b51cec35343f9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:35
from opentelemetry.sdk._shared_internal._processor_metrics import (
    create_processor_metrics,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d31a945def18219d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:38
from opentelemetry.sdk.environment_variables import (
    OTEL_BLRP_EXPORT_TIMEOUT,
    OTEL_BLRP_MAX_EXPORT_BATCH_SIZE,
    OTEL_BLRP_MAX_QUEUE_SIZE,
    OTEL_BLRP_SCHEDULE_DELAY,
    OTEL_PYTHON_SDK_INTERNAL_METRICS_ENABLED,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ab5f259b3a6565f7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:45
from opentelemetry.sdk.environment_variables._internal import (
    parse_boolean_environment_variable,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #789da2402c6f90a7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:48
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ad36d478e0c2060f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:49
from opentelemetry.semconv._incubating.attributes.otel_attributes import (
    OtelComponentTypeValues,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c44e8e3dc0cdffb4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/in_memory_log_exporter.py:9
from opentelemetry.sdk._logs import ReadableLogRecord

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8b939808b433d089 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/in_memory_log_exporter.py:10
from opentelemetry.sdk._logs.export import (
    LogRecordExporter,
    LogRecordExportResult,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ee23b08a65dcf878 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/export/__init__.py:4
from opentelemetry.sdk._logs._internal.export import (
    BatchLogRecordProcessor,
    ConsoleLogExporter,
    ConsoleLogRecordExporter,
    LogExporter,
    LogExportResult,
    LogRecordExporter,
    LogRecordExportResult,
    SimpleLogRecordProcessor,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #54df665e7910fd11 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/export/__init__.py:16
from opentelemetry.sdk._logs._internal.export.in_memory_log_exporter import (
    InMemoryLogExporter,
    InMemoryLogRecordExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #647d85f29f0f5bde Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_shared_internal/__init__.py:21
from opentelemetry.context import (
    _SUPPRESS_INSTRUMENTATION_KEY,
    attach,
    detach,
    set_value,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c309d8b130c8d28f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_shared_internal/__init__.py:27
from opentelemetry.sdk._shared_internal._processor_metrics import (
    ProcessorMetricsT,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #090502b49a81c80c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_shared_internal/__init__.py:30
from opentelemetry.util._once import Once

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ed6a2249b2fceb2e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_shared_internal/_processor_metrics.py:10
from opentelemetry.metrics import CallbackOptions, MeterProvider, Observation

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a0582eba7f426881 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_shared_internal/_processor_metrics.py:11
from opentelemetry.semconv._incubating.attributes.otel_attributes import (
    OTEL_COMPONENT_NAME,
    OTEL_COMPONENT_TYPE,
    OtelComponentTypeValues,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #912691db0a0a092f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_shared_internal/_processor_metrics.py:16
from opentelemetry.semconv._incubating.metrics.otel_metrics import (
    OTEL_SDK_PROCESSOR_LOG_QUEUE_SIZE,
    OTEL_SDK_PROCESSOR_SPAN_QUEUE_SIZE,
    create_otel_sdk_processor_log_processed,
    create_otel_sdk_processor_log_queue_capacity,
    create_otel_sdk_processor_span_processed,
    create_otel_sdk_processor_span_queue_capacity,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #abb6118dc4adba31 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_shared_internal/_processor_metrics.py:24
from opentelemetry.semconv.attributes.error_attributes import ERROR_TYPE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #52c4bfabc544ff75 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/error_handler/__init__.py:54
from opentelemetry.util._importlib_metadata import entry_points

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #20226d3befa4cf1a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/__init__.py:5
from opentelemetry.sdk.metrics import export, view

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5c66eacb38d3b37d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/__init__.py:6
from opentelemetry.sdk.metrics._internal import Meter, MeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a2b2709a5cab9e36 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/__init__.py:7
from opentelemetry.sdk.metrics._internal.exceptions import MetricsTimeoutError

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4f0a9ad031f85ddf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/__init__.py:8
from opentelemetry.sdk.metrics._internal.exemplar import (
    AlignedHistogramBucketExemplarReservoir,
    AlwaysOffExemplarFilter,
    AlwaysOnExemplarFilter,
    Exemplar,
    ExemplarFilter,
    ExemplarReservoir,
    SimpleFixedSizeExemplarReservoir,
    TraceBasedExemplarFilter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4ed3b2c515effa30 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/__init__.py:18
from opentelemetry.sdk.metrics._internal.instrument import (
    Counter,
    Histogram,
    ObservableCounter,
    ObservableGauge,
    ObservableUpDownCounter,
    UpDownCounter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eaf4528a75952798 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/__init__.py:26
from opentelemetry.sdk.metrics._internal.instrument import Gauge as _Gauge

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8444abb0d82a62e0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:15
import opentelemetry.sdk.metrics

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #564c11923b0cfcea Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:16
from opentelemetry.metrics import Counter as APICounter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #511ba89d07bbf8b5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:17
from opentelemetry.metrics import Histogram as APIHistogram

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bc7757622b7a1e91 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:18
from opentelemetry.metrics import Meter as APIMeter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ce08ba02d56673fe Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:19
from opentelemetry.metrics import MeterProvider as APIMeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d33ffa0d367da6d0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:20
from opentelemetry.metrics import NoOpMeter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #22559295ccfc05c6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:21
from opentelemetry.metrics import ObservableCounter as APIObservableCounter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4dc06b1e7323d7ba Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:22
from opentelemetry.metrics import ObservableGauge as APIObservableGauge

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #213a59ea5ad913ab Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:23
from opentelemetry.metrics import (
    ObservableUpDownCounter as APIObservableUpDownCounter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ee530af0ece3b26e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:26
from opentelemetry.metrics import UpDownCounter as APIUpDownCounter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #abe32111a9824681 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:27
from opentelemetry.metrics import _Gauge as APIGauge

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4ec1039a4ad4b279 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:28
from opentelemetry.sdk.environment_variables import (
    OTEL_METRICS_EXEMPLAR_FILTER,
    OTEL_SDK_DISABLED,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #41d8c53225bdfb22 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:32
from opentelemetry.sdk.metrics._internal.exceptions import MetricsTimeoutError

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6c120d0cacfced36 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:33
from opentelemetry.sdk.metrics._internal.exemplar import (
    AlwaysOffExemplarFilter,
    AlwaysOnExemplarFilter,
    ExemplarFilter,
    TraceBasedExemplarFilter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c6ad2fda79f77114 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:39
from opentelemetry.sdk.metrics._internal.instrument import (
    _Counter,
    _Gauge,
    _Histogram,
    _ObservableCounter,
    _ObservableGauge,
    _ObservableUpDownCounter,
    _UpDownCounter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6566361c8d002f29 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:48
from opentelemetry.sdk.metrics._internal.measurement_consumer import (
    MeasurementConsumer,
    SynchronousMeasurementConsumer,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #59cd8c9ed8dc7f03 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:52
from opentelemetry.sdk.metrics._internal.sdk_configuration import (
    SdkConfiguration,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #29eefbd7d1c607e2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:55
from opentelemetry.sdk.resources import (
    Resource,
    _get_process_dependent_resource,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ec62a98f6e9ae238 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:59
from opentelemetry.sdk.util._configurator import RuleBasedConfigurator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3bfc558e8ddd55a4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:60
from opentelemetry.sdk.util.instrumentation import (
    InstrumentationScope,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d7fd97674529afeb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:63
from opentelemetry.util._once import Once

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1f768139e91626ff Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:64
from opentelemetry.util.types import (
    Attributes,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #593850fb127ac5b4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/_view_instrument_match.py:11
from opentelemetry.sdk.metrics._internal.aggregation import (
    Aggregation,
    AggregationTemporality,
    DefaultAggregation,
    _Aggregation,
    _SumAggregation,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0f78c446cdd0ed1e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/_view_instrument_match.py:18
from opentelemetry.sdk.metrics._internal.instrument import _Instrument

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cb58c48f266198c7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/_view_instrument_match.py:19
from opentelemetry.sdk.metrics._internal.measurement import Measurement

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5913cc479813d7bc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/_view_instrument_match.py:20
from opentelemetry.sdk.metrics._internal.point import DataPointT

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9e5009bc5fc1577c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/_view_instrument_match.py:21
from opentelemetry.sdk.metrics._internal.view import View

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2eeaa653a2e33f2d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:20
from opentelemetry.metrics import (
    Asynchronous,
    Counter,
    Histogram,
    ObservableCounter,
    ObservableGauge,
    ObservableUpDownCounter,
    Synchronous,
    UpDownCounter,
    _Gauge,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d224d412bc64e159 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:31
from opentelemetry.sdk.metrics._internal.exemplar import (
    Exemplar,
    ExemplarReservoirBuilder,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ddf481169dc4966d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:35
from opentelemetry.sdk.metrics._internal.exponential_histogram.buckets import (
    Buckets,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e555fff1b773179d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:38
from opentelemetry.sdk.metrics._internal.exponential_histogram.mapping import (
    Mapping,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0ee059e060988e63 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:41
from opentelemetry.sdk.metrics._internal.exponential_histogram.mapping.exponent_mapping import (
    ExponentMapping,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6deeb23a146e31bb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:44
from opentelemetry.sdk.metrics._internal.exponential_histogram.mapping.logarithm_mapping import (
    LogarithmMapping,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6180937336b15d21 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:47
from opentelemetry.sdk.metrics._internal.instrument import _Instrument

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #07284abfcb2b48dd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:48
from opentelemetry.sdk.metrics._internal.measurement import Measurement

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bffe4dc854557a26 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:49
from opentelemetry.sdk.metrics._internal.point import Buckets as BucketsPoint

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7bb5132a4c1c1f5c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:50
from opentelemetry.sdk.metrics._internal.point import (
    ExponentialHistogramDataPoint,
    HistogramDataPoint,
    NumberDataPoint,
    Sum,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b15db18ece7f4012 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:56
from opentelemetry.sdk.metrics._internal.point import Gauge as GaugePoint

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a56885eff953d456 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:57
from opentelemetry.sdk.metrics._internal.point import (
    Histogram as HistogramPoint,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #679a521d2e365acc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:60
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b2a638653dc29b4f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exemplar/exemplar.py:6
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e20f9496b002a7fa Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exemplar/exemplar_filter.py:6
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cc8d597ffd2c8053 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exemplar/exemplar_filter.py:7
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0a52d9f6e5f34271 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exemplar/exemplar_filter.py:8
from opentelemetry.trace.span import INVALID_SPAN

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #56bdb05a42c4fded Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exemplar/exemplar_filter.py:9
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6e6cf355bdaa2e49 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exemplar/exemplar_reservoir.py:12
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1492d4cd7b3bc589 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exemplar/exemplar_reservoir.py:13
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f9bb2ef4dbd9379b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exemplar/exemplar_reservoir.py:14
from opentelemetry.trace.span import INVALID_SPAN

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b3b65fb06051618e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exemplar/exemplar_reservoir.py:15
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #487202eebe51ae18 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exponential_histogram/mapping/exponent_mapping.py:7
from opentelemetry.sdk.metrics._internal.exponential_histogram.mapping import (
    Mapping,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #effeff713bcd223c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exponential_histogram/mapping/exponent_mapping.py:10
from opentelemetry.sdk.metrics._internal.exponential_histogram.mapping.errors import (
    MappingOverflowError,
    MappingUnderflowError,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e662fd4bb4412b55 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exponential_histogram/mapping/exponent_mapping.py:14
from opentelemetry.sdk.metrics._internal.exponential_histogram.mapping.ieee_754 import (
    MANTISSA_WIDTH,
    MAX_NORMAL_EXPONENT,
    MIN_NORMAL_EXPONENT,
    MIN_NORMAL_VALUE,
    get_ieee_754_exponent,
    get_ieee_754_mantissa,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1bf2d022a86380f1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exponential_histogram/mapping/logarithm_mapping.py:7
from opentelemetry.sdk.metrics._internal.exponential_histogram.mapping import (
    Mapping,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #111a4212748ffc6f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exponential_histogram/mapping/logarithm_mapping.py:10
from opentelemetry.sdk.metrics._internal.exponential_histogram.mapping.errors import (
    MappingOverflowError,
    MappingUnderflowError,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #92d9b76d3ed812c9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exponential_histogram/mapping/logarithm_mapping.py:14
from opentelemetry.sdk.metrics._internal.exponential_histogram.mapping.ieee_754 import (
    MAX_NORMAL_EXPONENT,
    MIN_NORMAL_EXPONENT,
    MIN_NORMAL_VALUE,
    get_ieee_754_exponent,
    get_ieee_754_mantissa,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9f05edb01a1c7566 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:21
import opentelemetry.sdk.metrics._internal

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1c97ca5392744140 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:22
from opentelemetry.context import (
    _SUPPRESS_INSTRUMENTATION_KEY,
    attach,
    detach,
    set_value,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #250dd8509704904e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:28
from opentelemetry.metrics import MeterProvider, NoOpMeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5aa2057522bc65e3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:29
from opentelemetry.sdk.environment_variables import (
    OTEL_METRIC_EXPORT_INTERVAL,
    OTEL_METRIC_EXPORT_TIMEOUT,
    OTEL_PYTHON_SDK_INTERNAL_METRICS_ENABLED,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6cacf9284576e257 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:34
from opentelemetry.sdk.environment_variables._internal import (
    parse_boolean_environment_variable,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #361f24f4c95324b1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:37
from opentelemetry.sdk.metrics._internal.aggregation import (
    AggregationTemporality,
    DefaultAggregation,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d80b938c7d69715d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:41
from opentelemetry.sdk.metrics._internal.exceptions import MetricsTimeoutError

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #848c223fd35c7eba Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:42
from opentelemetry.sdk.metrics._internal.instrument import (
    Counter,
    Gauge,
    Histogram,
    ObservableCounter,
    ObservableGauge,
    ObservableUpDownCounter,
    UpDownCounter,
    _Counter,
    _Gauge,
    _Histogram,
    _ObservableCounter,
    _ObservableGauge,
    _ObservableUpDownCounter,
    _UpDownCounter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2cbbdd75812b12f8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:58
from opentelemetry.sdk.metrics._internal.point import MetricsData

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7138b1620e757aac Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:59
from opentelemetry.semconv._incubating.attributes.otel_attributes import (
    OtelComponentTypeValues,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d92d93511666a624 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:62
from opentelemetry.util._once import Once

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8c1a1027db40c096 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/_metric_reader_metrics.py:7
from opentelemetry.metrics import MeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1479a4856c8574ef Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/_metric_reader_metrics.py:8
from opentelemetry.semconv._incubating.attributes.otel_attributes import (
    OTEL_COMPONENT_NAME,
    OTEL_COMPONENT_TYPE,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7f07969429967cda Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/_metric_reader_metrics.py:12
from opentelemetry.semconv._incubating.metrics.otel_metrics import (
    create_otel_sdk_metric_reader_collection_duration,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fdd9b1b9aba675d2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:19
from opentelemetry.context import Context, get_current

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1a79b20a898b1b96 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:20
from opentelemetry.metrics import Asynchronous, CallbackT, Synchronous

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #edf125c56103c864 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:21
from opentelemetry.metrics import Counter as APICounter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #89a07baa5a565cf0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:22
from opentelemetry.metrics import Histogram as APIHistogram

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ba880e59899fb323 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:23
from opentelemetry.metrics import ObservableCounter as APIObservableCounter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3fea5c9f9920e184 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:24
from opentelemetry.metrics import ObservableGauge as APIObservableGauge

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #45bd184b9ffaae24 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:25
from opentelemetry.metrics import (
    ObservableUpDownCounter as APIObservableUpDownCounter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fb4e71587cfecadf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:28
from opentelemetry.metrics import UpDownCounter as APIUpDownCounter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1cba92b78657b42a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:29
from opentelemetry.metrics import _Gauge as APIGauge

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4896c15636536537 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:30
from opentelemetry.metrics._internal.instrument import (
    CallbackOptions,
    _MetricsHistogramAdvisory,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #62a5112d7f9dc7b1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:34
from opentelemetry.sdk.metrics._internal.measurement import Measurement

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e385a6a4028a26b8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:37
    from opentelemetry.sdk.metrics._internal import (
        _ProxyMeterConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #949d0c2f06f129f2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:40
    from opentelemetry.sdk.metrics._internal.measurement_consumer import (
        MeasurementConsumer,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eb40b3769ac93f46 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:43
    from opentelemetry.sdk.util.instrumentation import InstrumentationScope

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #be4091af68093320 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/measurement.py:9
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4fbea9e57d3494d9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/measurement.py:10
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #50f254642c97ec01 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/measurement.py:13
    from opentelemetry.sdk.metrics._internal.instrument import _Instrument

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d89251465b6616c7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/measurement_consumer.py:12
import opentelemetry.sdk.metrics

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #646308f5f9de0fa3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/measurement_consumer.py:13
import opentelemetry.sdk.metrics._internal.instrument

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bc7b1c573746c4e1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/measurement_consumer.py:14
from opentelemetry.metrics._internal.instrument import CallbackOptions

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fa065923987951ff Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/measurement_consumer.py:15
from opentelemetry.sdk.metrics._internal.exceptions import MetricsTimeoutError

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #77576bd8c931290c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/measurement_consumer.py:16
from opentelemetry.sdk.metrics._internal.measurement import Measurement

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #be6b27b3639104ad Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/measurement_consumer.py:17
from opentelemetry.sdk.metrics._internal.metric_reader_storage import (
    MetricReaderStorage,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e829bcf1f6c7359d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/measurement_consumer.py:20
from opentelemetry.sdk.metrics._internal.point import MetricsData

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2194fdc52a57224c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/metric_reader_storage.py:8
from opentelemetry.metrics import (
    Asynchronous,
    Counter,
    ObservableCounter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7bcf7fde19f3d999 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/metric_reader_storage.py:13
from opentelemetry.sdk.metrics._internal._view_instrument_match import (
    _ViewInstrumentMatch,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6cc19c4a1480fdcd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/metric_reader_storage.py:16
from opentelemetry.sdk.metrics._internal.aggregation import (
    Aggregation,
    AggregationTemporality,
    ExplicitBucketHistogramAggregation,
    _DropAggregation,
    _ExplicitBucketHistogramAggregation,
    _ExponentialBucketHistogramAggregation,
    _LastValueAggregation,
    _SumAggregation,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e6961e787bece775 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/metric_reader_storage.py:26
from opentelemetry.sdk.metrics._internal.instrument import _Instrument

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cc1e3aa1d8f1a811 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/metric_reader_storage.py:27
from opentelemetry.sdk.metrics._internal.measurement import Measurement

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #13c763e6f1ad50f4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/metric_reader_storage.py:28
from opentelemetry.sdk.metrics._internal.point import (
    ExponentialHistogram,
    Gauge,
    Histogram,
    Metric,
    MetricsData,
    ResourceMetrics,
    ScopeMetrics,
    Sum,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cd869b866ee9a694 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/metric_reader_storage.py:38
from opentelemetry.sdk.metrics._internal.sdk_configuration import (
    SdkConfiguration,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #26b98b731c892149 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/metric_reader_storage.py:41
from opentelemetry.sdk.metrics._internal.view import View

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #51d2be5a64d4f37e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/metric_reader_storage.py:42
from opentelemetry.sdk.util.instrumentation import InstrumentationScope

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #897005068ef00b82 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/point.py:11
import opentelemetry.sdk.metrics._internal

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f69166f281f03c63 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/point.py:12
from opentelemetry.sdk.metrics._internal.exemplar import Exemplar

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4b5c3cfd184fc772 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/point.py:13
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b233f682316336eb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/point.py:14
from opentelemetry.sdk.util.instrumentation import InstrumentationScope

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e2bb1c5c63877e40 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/point.py:15
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #513b43317cd97b42 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/sdk_configuration.py:10
import opentelemetry.sdk.metrics

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5c5b6702f7280312 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/sdk_configuration.py:11
import opentelemetry.sdk.resources

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7636b6cc2803971a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/view.py:9
from opentelemetry.metrics import Instrument

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1eb770633fb55130 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/view.py:10
from opentelemetry.sdk.metrics._internal.aggregation import (
    Aggregation,
    DefaultAggregation,
    _Aggregation,
    _ExplicitBucketHistogramAggregation,
    _ExponentialBucketHistogramAggregation,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2a28137c4090de1f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/view.py:17
from opentelemetry.sdk.metrics._internal.exemplar import (
    AlignedHistogramBucketExemplarReservoir,
    ExemplarReservoirBuilder,
    SimpleFixedSizeExemplarReservoir,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cc85d2a95450481e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/view.py:22
from opentelemetry.sdk.metrics._internal.instrument import _Instrument

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #358fd09c52b46e6c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/export/__init__.py:5
from opentelemetry.sdk.metrics._internal.aggregation import (
    AggregationTemporality,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cf3c61ee298829cd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/export/__init__.py:8
from opentelemetry.sdk.metrics._internal.export import (
    ConsoleMetricExporter,
    InMemoryMetricReader,
    MetricExporter,
    MetricExportResult,
    MetricReader,
    PeriodicExportingMetricReader,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2abc3901f5388608 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/export/__init__.py:18
from opentelemetry.sdk.metrics._internal.point import (  # noqa: F401
    Buckets,
    DataPointT,
    DataT,
    ExponentialHistogram,
    ExponentialHistogramDataPoint,
    Gauge,
    Histogram,
    HistogramDataPoint,
    Metric,
    MetricsData,
    NumberDataPoint,
    ResourceMetrics,
    ScopeMetrics,
    Sum,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f895de78e8bc1791 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/view/__init__.py:4
from opentelemetry.sdk.metrics._internal.aggregation import (
    Aggregation,
    DefaultAggregation,
    DropAggregation,
    ExplicitBucketHistogramAggregation,
    ExponentialBucketHistogramAggregation,
    LastValueAggregation,
    SumAggregation,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #693f4f852d570270 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/view/__init__.py:13
from opentelemetry.sdk.metrics._internal.view import View

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #aeb8739ce97adfe3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/resources/__init__.py:67
from opentelemetry.attributes import BoundedAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fae919587f24736d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/resources/__init__.py:68
from opentelemetry.sdk.environment_variables import (
    OTEL_EXPERIMENTAL_RESOURCE_DETECTORS,
    OTEL_RESOURCE_ATTRIBUTES,
    OTEL_SERVICE_NAME,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #62089adf3b5de07c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/resources/__init__.py:73
from opentelemetry.sdk.version import (
    __version__ as _OPENTELEMETRY_SDK_VERSION,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #582be99a81f7aa69 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/resources/__init__.py:76
from opentelemetry.semconv.resource import ResourceAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0e485ac9be6953c2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/resources/__init__.py:77
from opentelemetry.util.types import AttributeValue

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #920ec7be74c0c519 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/resources/__init__.py:571
    from opentelemetry.util._importlib_metadata import (  # noqa: PLC0415
        entry_points,  # type: ignore[reportUnknownVariableType]

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c6ab7726e47b1b60 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:33
from opentelemetry import context as context_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ad60466032d3116a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:34
from opentelemetry import metrics as metrics_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e434e08e4b11bc67 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:35
from opentelemetry import trace as trace_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ca9d532cdf471d82 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:36
from opentelemetry.attributes import BoundedAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #aa99323096e23d4f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:37
from opentelemetry.sdk import util

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7aa7e90fb4ecaf42 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:38
from opentelemetry.sdk.environment_variables import (
    OTEL_ATTRIBUTE_COUNT_LIMIT,
    OTEL_ATTRIBUTE_VALUE_LENGTH_LIMIT,
    OTEL_EVENT_ATTRIBUTE_COUNT_LIMIT,
    OTEL_LINK_ATTRIBUTE_COUNT_LIMIT,
    OTEL_PYTHON_SDK_INTERNAL_METRICS_ENABLED,
    OTEL_SDK_DISABLED,
    OTEL_SPAN_ATTRIBUTE_COUNT_LIMIT,
    OTEL_SPAN_ATTRIBUTE_VALUE_LENGTH_LIMIT,
    OTEL_SPAN_EVENT_COUNT_LIMIT,
    OTEL_SPAN_LINK_COUNT_LIMIT,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4fa0a50ad9197419 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:50
from opentelemetry.sdk.environment_variables._internal import (
    parse_boolean_environment_variable,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4f4a20730a0087ce Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:53
from opentelemetry.sdk.resources import (
    Resource,
    _get_process_dependent_resource,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #03859460b8984cbd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:57
from opentelemetry.sdk.trace import sampling

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0a2591234fcaf2b1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:58
from opentelemetry.sdk.trace._tracer_metrics import create_tracer_metrics

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #52fd43e8968a9795 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:59
from opentelemetry.sdk.trace.id_generator import IdGenerator, RandomIdGenerator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ab1b52702eba1a41 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:60
from opentelemetry.sdk.util import BoundedList

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8db20853e3ebdca1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:61
from opentelemetry.sdk.util._configurator import RuleBasedConfigurator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #68df4f7f4ec94d16 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:62
from opentelemetry.sdk.util.instrumentation import (
    InstrumentationInfo,
    InstrumentationScope,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #97b3a95aac34fba8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:66
from opentelemetry.semconv.attributes.exception_attributes import (
    EXCEPTION_ESCAPED,
    EXCEPTION_MESSAGE,
    EXCEPTION_STACKTRACE,
    EXCEPTION_TYPE,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7152592ada9ca2e5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:72
from opentelemetry.trace import NoOpTracer, SpanContext

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c1c48d7dd64d9c47 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:73
from opentelemetry.trace.status import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5d1f922b17e38d8b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:74
from opentelemetry.util import types

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ec8b7fae8ce3dfa3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:75
from opentelemetry.util._decorator import _agnosticcontextmanager

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #688dc69b48a625cd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_always_off.py:8
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #30472b9d84b0a800 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_always_off.py:9
from opentelemetry.trace import Link, SpanKind, TraceState

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ad07913b9c940782 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_always_off.py:10
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #73bbaf50e9987592 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_always_on.py:8
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #60e712e614f70d58 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_always_on.py:9
from opentelemetry.trace import Link, SpanKind, TraceState

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a94cbd57fff18fae Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_always_on.py:10
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1364969176e73144 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_composable.py:10
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #27d43cc748fccfa9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_composable.py:11
from opentelemetry.trace import Link, SpanKind, TraceState

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #15b772079dc59382 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_composable.py:12
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3a400e9709fc605b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_parent_threshold.py:8
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cc3e7e43f382b373 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_parent_threshold.py:9
from opentelemetry.trace import Link, SpanKind, TraceState, get_current_span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #961edb9e70a403f4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_parent_threshold.py:10
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1f67e8903b2ae24e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_rule_based.py:11
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fa57f1ce07396b61 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_rule_based.py:12
from opentelemetry.trace import (
    Link,
    SpanKind,
    TraceState,
    get_current_span,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2ff84b929d2b7a6a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_rule_based.py:18
from opentelemetry.util.types import AnyValue, Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ad6d96463f8352a2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_sampler.py:8
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #51eccde8204f45e7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_sampler.py:9
from opentelemetry.sdk.trace.sampling import Decision, Sampler, SamplingResult

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #440f1f4eda043993 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_sampler.py:10
from opentelemetry.trace import Link, SpanKind, TraceState

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bf35b62a44b15cf8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_sampler.py:11
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5d22bbfb4cab1146 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_trace_state.py:9
from opentelemetry.trace import TraceState

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #81dd6a727f35023b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_traceid_ratio.py:8
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9587ce765aad900f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_traceid_ratio.py:9
from opentelemetry.trace import Link, SpanKind, TraceState

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0996fef3757d3a2c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_traceid_ratio.py:10
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b66f8b1f560c31b0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_tracer_metrics.py:9
from opentelemetry import metrics as metrics_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d328b8acbb365dbd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_tracer_metrics.py:10
from opentelemetry.sdk.trace.sampling import Decision

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ecf44a4bff7b6eae Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_tracer_metrics.py:11
from opentelemetry.semconv._incubating.attributes.otel_attributes import (
    OTEL_SPAN_PARENT_ORIGIN,
    OTEL_SPAN_SAMPLING_RESULT,
    OtelSpanSamplingResultValues,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d5bb0f75e31beb6c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_tracer_metrics.py:16
from opentelemetry.semconv._incubating.metrics.otel_metrics import (
    create_otel_sdk_span_live,
    create_otel_sdk_span_started,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #636b67ea0ab557f1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_tracer_metrics.py:20
from opentelemetry.trace.span import SpanContext

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c21d63ae514f5615 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:12
from opentelemetry.context import (
    _SUPPRESS_INSTRUMENTATION_KEY,
    Context,
    attach,
    detach,
    set_value,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8fc51c60e8dbde38 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:19
from opentelemetry.metrics import MeterProvider, get_meter_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #58114ddb97491b1a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:20
from opentelemetry.sdk._shared_internal import (
    BatchProcessor,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0af774afaafc090d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:23
from opentelemetry.sdk._shared_internal._processor_metrics import (
    create_processor_metrics,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ff5feada0da03679 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:26
from opentelemetry.sdk.environment_variables import (
    OTEL_BSP_EXPORT_TIMEOUT,
    OTEL_BSP_MAX_EXPORT_BATCH_SIZE,
    OTEL_BSP_MAX_QUEUE_SIZE,
    OTEL_BSP_SCHEDULE_DELAY,
    OTEL_PYTHON_SDK_INTERNAL_METRICS_ENABLED,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f3c6390ebec24f5c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:33
from opentelemetry.sdk.environment_variables._internal import (
    parse_boolean_environment_variable,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c3e421712cbb0461 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:36
from opentelemetry.sdk.trace import ReadableSpan, Span, SpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #685979340bb2fba3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:37
from opentelemetry.semconv._incubating.attributes.otel_attributes import (
    OtelComponentTypeValues,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ea1e455f818f6254 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/in_memory_span_exporter.py:8
from opentelemetry.sdk.trace import ReadableSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5a3dda6108c0270f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/in_memory_span_exporter.py:9
from opentelemetry.sdk.trace.export import SpanExporter, SpanExportResult

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9b0ad9515162165e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/id_generator.py:7
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #be3407679cfc69ec Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/sampling.py:135
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8846928aa419ef9c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/sampling.py:136
from opentelemetry.sdk.environment_variables import (
    OTEL_TRACES_SAMPLER,
    OTEL_TRACES_SAMPLER_ARG,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #540b96e35507fec7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/sampling.py:140
from opentelemetry.trace import Link, SpanKind, get_current_span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8a3f2eb47e51455c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/sampling.py:141
from opentelemetry.trace.span import TraceState

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1538711ab7778883 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/sampling.py:142
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f26711b669136048 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/util/__init__.pyi:28
from opentelemetry.util.types import AttributesAsKey, AttributeValue

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #364ee2789eea2489 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/util/_configurator.py:6
from opentelemetry.sdk.util.instrumentation import (
    InstrumentationScope,
    _InstrumentationScopePredicateT,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8dbbb42e34031c0c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/util/instrumentation.py:9
from opentelemetry.attributes import BoundedAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e13d62d50b7f352d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/util/instrumentation.py:10
from opentelemetry.util.types import (  # TODO: see if we can remove F401 when using new sphinx version # noqa: F401 # pylint: disable=unused-import
    AnyValue,
    Attributes,
    _ExtendedAttributes,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 44 low-confidence finding(s)
low env_fs dependency Excluded from app score #0a65aef2ca21add8 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:154
    return environ.get(OTEL_TRACES_SAMPLER, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #41028b6516994fda Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:158
    return environ.get(OTEL_PYTHON_ID_GENERATOR, _DEFAULT_ID_GENERATOR)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd2ca1f5edbd9163 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:162
    return environ.get(OTEL_PYTHON_TRACER_CONFIGURATOR, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b864ad248f5a513 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:166
    return environ.get(OTEL_PYTHON_METER_CONFIGURATOR, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4a18262f73cb9302 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:170
    return environ.get(OTEL_PYTHON_LOGGER_CONFIGURATOR, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d89f860d77a905ed Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:184
    otlp_protocol = environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ccdd0bb7e9b6caa0 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:184
    otlp_protocol = environ.get(
        _PROTOCOL_ENV_BY_SIGNAL_TYPE[signal_type]
    ) or environ.get(OTEL_EXPORTER_OTLP_PROTOCOL)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0a3c692f7d6b0725 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:186
    ) or environ.get(OTEL_EXPORTER_OTLP_PROTOCOL)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9f29f8f9e3638a75 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:220
    names = environ.get(_EXPORTER_ENV_BY_SIGNAL_TYPE.get(signal_type, ""))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eaf2db771647a571 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:492
                rate = float(os.getenv(OTEL_TRACES_SAMPLER_ARG, ""))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0668bde4e6342071 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:500
            arg = os.getenv(OTEL_TRACES_SAMPLER_ARG)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8f12919d2e4984fc Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:649
            os.getenv(
                _OTEL_PYTHON_LOGGING_AUTO_INSTRUMENTATION_ENABLED, "false"
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d36174a52bcaadef Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:710
        if config_file := environ.get(OTEL_CONFIG_FILE):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #822bf7bb29950a27 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:202
            if env_var not in environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #25323bc9e0468df2 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:205
            str_value = environ.get(env_var, "").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ebb6d98929fda67c Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:835
        disabled = environ.get(OTEL_SDK_DISABLED, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8bf82c9fc917628 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:363
                environ.get(OTEL_BLRP_MAX_QUEUE_SIZE, _DEFAULT_MAX_QUEUE_SIZE)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7fe3247dde784bd6 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:377
                environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #916901edd23ea61f Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:377
                environ.get(
                    OTEL_BLRP_SCHEDULE_DELAY, _DEFAULT_SCHEDULE_DELAY_MILLIS
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bc68f944448192a4 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:393
                environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9e8e49c61c9bdf8e Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:393
                environ.get(
                    OTEL_BLRP_MAX_EXPORT_BATCH_SIZE,
                    _DEFAULT_MAX_EXPORT_BATCH_SIZE,
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #87c545dc3481dcf2 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:410
                environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6d0ba430eccca569 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:410
                environ.get(
                    OTEL_BLRP_EXPORT_TIMEOUT, _DEFAULT_EXPORT_TIMEOUT_MILLIS
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #05dd3c49af4b21f3 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/environment_variables/_internal.py:13
    value = environ.get(environment_variable)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1beb6e0fd122c1f9 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:493
                    environ.get(OTEL_METRICS_EXEMPLAR_FILTER, "trace_based")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6f1998927503d3fe Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:504
        disabled = environ.get(OTEL_SDK_DISABLED, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9aaf0ed08b5aa01b Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:498
                    environ.get(OTEL_METRIC_EXPORT_INTERVAL, 60000)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d08ed6e28b28064c Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:508
                    environ.get(OTEL_METRIC_EXPORT_TIMEOUT, 30000)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fde1ba903fc1947d Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/resources/__init__.py:315
        env_resources_items = environ.get(OTEL_RESOURCE_ATTRIBUTES)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #852050c4dfe29406 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/resources/__init__.py:332
        service_name = environ.get(OTEL_SERVICE_NAME)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d4a3c3975cd1afd6 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/resources/__init__.py:557
                for name in environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #15de180b75725b8e Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/resources/__init__.py:557
                for name in environ.get(
                    OTEL_EXPERIMENTAL_RESOURCE_DETECTORS, ""
                ).split(",")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf6ed40c463fa41f Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:738
            if env_var not in environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3769b3d90167bf0d Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:741
            str_value = environ.get(env_var, "").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cb1af91e82cfe87d Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:1341
        disabled = environ.get(OTEL_SDK_DISABLED, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4e9e976ee0a613a0 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:242
                environ.get(OTEL_BSP_MAX_QUEUE_SIZE, _DEFAULT_MAX_QUEUE_SIZE)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2504ae1b2a83c963 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:256
                environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #40e7b9b6250bcdd2 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:256
                environ.get(
                    OTEL_BSP_SCHEDULE_DELAY, _DEFAULT_SCHEDULE_DELAY_MILLIS
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #958946ec9387c0e4 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:272
                environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #61c40984ae645ac3 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:272
                environ.get(
                    OTEL_BSP_MAX_EXPORT_BATCH_SIZE,
                    _DEFAULT_MAX_EXPORT_BATCH_SIZE,
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b574a2040537aa5 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:289
                environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0248c5a98a9814a4 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:289
                environ.get(
                    OTEL_BSP_EXPORT_TIMEOUT, _DEFAULT_EXPORT_TIMEOUT_MILLIS
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9b069ece92f81418 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/sampling.py:421
    trace_sampler = os.getenv(
        OTEL_TRACES_SAMPLER, "parentbased_always_on"
    ).lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #035bc1dfc0e99229 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/sampling.py:430
            rate = float(os.getenv(OTEL_TRACES_SAMPLER_ARG, ""))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

opentelemetry-api

python dependency
medium telemetry dependency Excluded from app score #f1bf969eb3393b95 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_logs/__init__.py:25
from opentelemetry._logs._internal import (
    Logger,
    LoggerProvider,
    LogRecord,
    NoOpLogger,
    NoOpLoggerProvider,
    get_logger,
    get_logger_provider,
    set_logger_provider,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #13029e8ca81f087c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_logs/__init__.py:35
from opentelemetry._logs.severity import SeverityNumber

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0485a4fb1110c53c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_logs/_internal/__init__.py:35
from opentelemetry._logs.severity import SeverityNumber

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a384664c49ff3902 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_logs/_internal/__init__.py:36
from opentelemetry.context import get_current

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #27c5dc4103230be5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_logs/_internal/__init__.py:37
from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #31376eb82a2c9ccc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_logs/_internal/__init__.py:38
from opentelemetry.environment_variables import _OTEL_PYTHON_LOGGER_PROVIDER

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3a7224c51196e897 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_logs/_internal/__init__.py:39
from opentelemetry.trace import get_current_span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #33857d3ade679cbb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_logs/_internal/__init__.py:40
from opentelemetry.trace.span import TraceFlags

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9c8a1cafe8d9eba5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_logs/_internal/__init__.py:41
from opentelemetry.util._once import Once

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ba617a6278c26757 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_logs/_internal/__init__.py:42
from opentelemetry.util._providers import _load_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7489f8572cd7e3a7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_logs/_internal/__init__.py:43
from opentelemetry.util.types import AnyValue, _ExtendedAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #21ca6cf9439bb7d9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/attributes/__init__.py:10
from opentelemetry.util import types

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d81eecbff6f4bfec Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/baggage/__init__.py:9
from opentelemetry.context import create_key, get_value, set_value

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b9c039882f14f527 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/baggage/__init__.py:10
from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #91bb6fbf895f04f5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/baggage/__init__.py:11
from opentelemetry.util.re import (
    _BAGGAGE_PROPERTY_FORMAT,
    _KEY_FORMAT,
    _VALUE_FORMAT,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #55df264274ea10fc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/baggage/propagation/__init__.py:9
from opentelemetry.baggage import _is_valid_pair, get_all, set_baggage

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0cd1d15681e87f34 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/baggage/propagation/__init__.py:10
from opentelemetry.context import get_current

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3ebed510035b9d69 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/baggage/propagation/__init__.py:11
from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8591b782a2a60470 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/baggage/propagation/__init__.py:12
from opentelemetry.propagators import textmap

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #543b5335c5aa3d8e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/baggage/propagation/__init__.py:13
from opentelemetry.util.re import _DELIMITER_PATTERN

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4a94b484c04d0748 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/context/__init__.py:12
from opentelemetry.context.context import Context, _RuntimeContext  # noqa

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #366d0c1f97cc8c37 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/context/__init__.py:13
from opentelemetry.context.contextvars_context import ContextVarsRuntimeContext

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e9b9bfa25d9d7a88 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/context/__init__.py:14
from opentelemetry.environment_variables import OTEL_PYTHON_CONTEXT

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c22ebd63dd107cda Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/context/__init__.py:30
    from opentelemetry.util._importlib_metadata import (  # noqa: PLC0415
        entry_points,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d3f61f3feb20226c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/context/contextvars_context.py:8
from opentelemetry.context.context import Context, _RuntimeContext

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9e45569cb85a21df Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/__init__.py:31
from opentelemetry.metrics._internal import (
    Meter,
    MeterProvider,
    NoOpMeter,
    NoOpMeterProvider,
    get_meter,
    get_meter_provider,
    set_meter_provider,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8e242eb1abf015e2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/__init__.py:40
from opentelemetry.metrics._internal.instrument import (
    Asynchronous,
    CallbackOptions,
    CallbackT,
    Counter,
    Histogram,
    Instrument,
    NoOpCounter,
    NoOpHistogram,
    NoOpObservableCounter,
    NoOpObservableGauge,
    NoOpObservableUpDownCounter,
    NoOpUpDownCounter,
    ObservableCounter,
    ObservableGauge,
    ObservableUpDownCounter,
    Synchronous,
    UpDownCounter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f93c47455d0259a5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/__init__.py:59
from opentelemetry.metrics._internal.instrument import Gauge as _Gauge

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #996262ab0530c0a8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/__init__.py:60
from opentelemetry.metrics._internal.instrument import NoOpGauge as _NoOpGauge

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #479da7c6712e7866 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/__init__.py:61
from opentelemetry.metrics._internal.observation import Observation

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eaae77cd88cddcfd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/__init__.py:41
from opentelemetry.environment_variables import OTEL_PYTHON_METER_PROVIDER

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7aae9721d86f050e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/__init__.py:42
from opentelemetry.metrics._internal.instrument import (
    CallbackT,
    Counter,
    Gauge,
    Histogram,
    NoOpCounter,
    NoOpGauge,
    NoOpHistogram,
    NoOpObservableCounter,
    NoOpObservableGauge,
    NoOpObservableUpDownCounter,
    NoOpUpDownCounter,
    ObservableCounter,
    ObservableGauge,
    ObservableUpDownCounter,
    UpDownCounter,
    _MetricsHistogramAdvisory,
    _ProxyCounter,
    _ProxyGauge,
    _ProxyHistogram,
    _ProxyObservableCounter,
    _ProxyObservableGauge,
    _ProxyObservableUpDownCounter,
    _ProxyUpDownCounter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3458b8321794d875 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/__init__.py:67
from opentelemetry.util._once import Once

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a68d09f09a1f046f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/__init__.py:68
from opentelemetry.util._providers import _load_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a8a80227a50530ea Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/__init__.py:69
from opentelemetry.util.types import (
    Attributes,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eea27a1e53518183 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/instrument.py:18
from opentelemetry import metrics

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a245a82b84918108 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/instrument.py:19
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #058555537dc6f443 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/instrument.py:20
from opentelemetry.metrics._internal.observation import Observation

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #235bce2f8f7741b0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/instrument.py:21
from opentelemetry.util.types import (
    Attributes,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b985362793885ada Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/observation.py:5
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1bce7474863cac5b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/observation.py:6
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f6c03b00a5dcf4ee Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/propagate/__init__.py:63
from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #de6475834da88c3e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/propagate/__init__.py:64
from opentelemetry.environment_variables import OTEL_PROPAGATORS

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #18c5861dd4de8399 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/propagate/__init__.py:65
from opentelemetry.propagators import composite, textmap

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fd4362ab913b367e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/propagate/__init__.py:115
        from opentelemetry.baggage.propagation import (  # noqa: PLC0415
            W3CBaggagePropagator,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #98fa2bcec6c0afd9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/propagate/__init__.py:120
        from opentelemetry.trace.propagation.tracecontext import (  # noqa: PLC0415
            TraceContextTextMapPropagator,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c5f8b9882076d992 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/propagate/__init__.py:129
    from opentelemetry.util._importlib_metadata import (  # noqa: PLC0415
        entry_points,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #83c542b3e3684ab9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/propagators/_envcarrier.py:15
from opentelemetry.propagators.textmap import Getter, Setter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c38ec1921b97bc11 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/propagators/composite.py:8
from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f64a2c9a76e89671 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/propagators/composite.py:9
from opentelemetry.propagators import textmap

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5df138a663b4642c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/propagators/textmap.py:8
from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3bb9c94969aacb6c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:74
from opentelemetry import context as context_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2e7b8b692deb4133 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:75
from opentelemetry.attributes import BoundedAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1ab13491c2ee3e56 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:76
from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3b0c6682ce2aa4fe Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:77
from opentelemetry.environment_variables import OTEL_PYTHON_TRACER_PROVIDER

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #227a878932aab49b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:78
from opentelemetry.trace.propagation import (
    _SPAN_KEY,
    get_current_span,
    set_span_in_context,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f1210969375ea7d4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:83
from opentelemetry.trace.span import (
    DEFAULT_TRACE_OPTIONS,
    DEFAULT_TRACE_STATE,
    INVALID_SPAN,
    INVALID_SPAN_CONTEXT,
    INVALID_SPAN_ID,
    INVALID_TRACE_ID,
    NonRecordingSpan,
    Span,
    SpanContext,
    TraceFlags,
    TraceState,
    format_span_id,
    format_trace_id,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #66908cc0b7eb6d0e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:98
from opentelemetry.trace.status import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #408ee9837ed272be Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:99
from opentelemetry.util import types

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #16df10cde8e936b9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:100
from opentelemetry.util._decorator import _agnosticcontextmanager

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f0f5dbac682487b3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:101
from opentelemetry.util._once import Once

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c7beb4da5458d167 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:102
from opentelemetry.util._providers import _load_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #06ddea577402599f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/propagation/__init__.py:4
from opentelemetry.context import create_key, get_value, set_value

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a18444b754a3324a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/propagation/__init__.py:5
from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #14ac5df55cdbe226 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/propagation/__init__.py:6
from opentelemetry.trace.span import INVALID_SPAN, Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c3d9fc09d5f882f5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/propagation/tracecontext.py:6
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c08a9cd8b30571a3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/propagation/tracecontext.py:7
from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #98932d2c64c3ca5b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/propagation/tracecontext.py:8
from opentelemetry.propagators import textmap

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #aab1931b7deb5f3a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/propagation/tracecontext.py:9
from opentelemetry.trace import format_span_id, format_trace_id

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4499877904417c68 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/propagation/tracecontext.py:10
from opentelemetry.trace.span import TraceState

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e4f58b3b2e234e17 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/span.py:14
from opentelemetry.trace.status import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #be0a85e3d4271425 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/span.py:15
from opentelemetry.util import types

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6993250c6f49211a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/util/_providers.py:9
    from opentelemetry.metrics import MeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #aaa283624fa27709 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/util/_providers.py:10
    from opentelemetry.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dcb3c8cc56e79c03 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/util/_providers.py:21
    from opentelemetry.util._importlib_metadata import (  # noqa: PLC0415
        entry_points,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 7 low-confidence finding(s)
low env_fs dependency Excluded from app score #7986d28a9903f7ef Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/_logs/_internal/__init__.py:394
        if _OTEL_PYTHON_LOGGER_PROVIDER not in environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #42c995a16eff8cd1 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/context/__init__.py:25
    configured_context = os.environ.get(OTEL_PYTHON_CONTEXT)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #102495a1c5dc814b Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/__init__.py:868
        if OTEL_PYTHON_METER_PROVIDER not in environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #af705538ea3b12f0 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/propagate/__init__.py:112
    configured = environ.get(OTEL_PROPAGATORS)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #daa542a788c818e4 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/propagate/__init__.py:167
environ_propagators = environ.get(OTEL_PROPAGATORS, "tracecontext,baggage")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5a3739df215baeda Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:573
        if OTEL_PYTHON_TRACER_PROVIDER not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9743a71dde185f23 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/util/_providers.py:28
            environ.get(provider_environment_variable, f"default_{provider}"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

opentelemetry-exporter-otlp-proto-http

python dependency
medium telemetry dependency Excluded from app score #5f4f99f221ddd1b6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_common/__init__.py:9
from opentelemetry.sdk.environment_variables import (
    _OTEL_PYTHON_EXPORTER_OTLP_HTTP_CREDENTIAL_PROVIDER,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5d7ee7eb15c41d61 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_common/__init__.py:12
from opentelemetry.util._importlib_metadata import entry_points

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #023ae95eb503a6d1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:19
from opentelemetry.exporter.otlp.proto.common._exporter_metrics import (
    create_exporter_metrics,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #365f742e0630843f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:22
from opentelemetry.exporter.otlp.proto.common._log_encoder import encode_logs

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6bec5191a82baa84 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:23
from opentelemetry.exporter.otlp.proto.http import (
    _OTLP_HTTP_HEADERS,
    Compression,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #55851e45c76c4bf1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:27
from opentelemetry.exporter.otlp.proto.http._common import (
    _is_retryable,
    _load_session_from_envvar,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #83d10b61503b2ce3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:31
from opentelemetry.metrics import MeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5c9502645d021533 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:32
from opentelemetry.sdk._logs import ReadableLogRecord

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e0588fae66874ec9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:33
from opentelemetry.sdk._logs.export import (
    LogRecordExporter,
    LogRecordExportResult,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #54cb795bec9a87a7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:37
from opentelemetry.sdk._shared_internal import DuplicateFilter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #055a7373ab510125 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:38
from opentelemetry.sdk.environment_variables import (
    _OTEL_PYTHON_EXPORTER_OTLP_HTTP_LOGS_CREDENTIAL_PROVIDER,
    OTEL_EXPORTER_OTLP_CERTIFICATE,
    OTEL_EXPORTER_OTLP_CLIENT_CERTIFICATE,
    OTEL_EXPORTER_OTLP_CLIENT_KEY,
    OTEL_EXPORTER_OTLP_COMPRESSION,
    OTEL_EXPORTER_OTLP_ENDPOINT,
    OTEL_EXPORTER_OTLP_HEADERS,
    OTEL_EXPORTER_OTLP_LOGS_CERTIFICATE,
    OTEL_EXPORTER_OTLP_LOGS_CLIENT_CERTIFICATE,
    OTEL_EXPORTER_OTLP_LOGS_CLIENT_KEY,
    OTEL_EXPORTER_OTLP_LOGS_COMPRESSION,
    OTEL_EXPORTER_OTLP_LOGS_ENDPOINT,
    OTEL_EXPORTER_OTLP_LOGS_HEADERS,
    OTEL_EXPORTER_OTLP_LOGS_TIMEOUT,
    OTEL_EXPORTER_OTLP_TIMEOUT,
    OTEL_PYTHON_SDK_INTERNAL_METRICS_ENABLED,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #972e39939bc9c3f1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:56
from opentelemetry.semconv._incubating.attributes.otel_attributes import (
    OtelComponentTypeValues,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #216efb05318eb39e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:59
from opentelemetry.semconv.attributes.http_attributes import (
    HTTP_RESPONSE_STATUS_CODE,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c6cd0e3853d2d51a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:62
from opentelemetry.util.re import parse_env_headers

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4534ae745da573f3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:25
from opentelemetry.exporter.otlp.proto.common._exporter_metrics import (
    create_exporter_metrics,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9e6f316e427cb3a7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:28
from opentelemetry.exporter.otlp.proto.common._internal import (
    _get_resource_data,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #06b429788702fd49 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:31
from opentelemetry.exporter.otlp.proto.common._internal.metrics_encoder import (
    OTLPMetricExporterMixin,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #928de324cbbe0860 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:34
from opentelemetry.exporter.otlp.proto.common.metrics_encoder import (
    encode_metrics,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c4c9ad578d3e7faf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:37
from opentelemetry.exporter.otlp.proto.http import (
    _OTLP_HTTP_HEADERS,
    Compression,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4be29caee511f12a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:41
from opentelemetry.exporter.otlp.proto.http._common import (
    _is_retryable,
    _load_session_from_envvar,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #28280057ed2c450b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:45
from opentelemetry.metrics import MeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #99f16d38d2fc74a3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:46
from opentelemetry.proto.collector.metrics.v1.metrics_service_pb2 import (  # noqa: F401
    ExportMetricsServiceRequest,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0e544129e95a211a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:49
from opentelemetry.proto.common.v1.common_pb2 import (  # noqa: F401
    AnyValue,
    ArrayValue,
    InstrumentationScope,
    KeyValue,
    KeyValueList,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #32cb4f0070a72e43 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:56
from opentelemetry.proto.metrics.v1 import metrics_pb2 as pb2

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #979fa3ff7f2daead Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:57
from opentelemetry.proto.resource.v1.resource_pb2 import Resource  # noqa: F401

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f8fec5d7c3809876 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:58
from opentelemetry.proto.resource.v1.resource_pb2 import (
    Resource as PB2Resource,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #31f8139d20d8e965 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:61
from opentelemetry.sdk.environment_variables import (
    _OTEL_PYTHON_EXPORTER_OTLP_HTTP_METRICS_CREDENTIAL_PROVIDER,
    OTEL_EXPORTER_OTLP_CERTIFICATE,
    OTEL_EXPORTER_OTLP_CLIENT_CERTIFICATE,
    OTEL_EXPORTER_OTLP_CLIENT_KEY,
    OTEL_EXPORTER_OTLP_COMPRESSION,
    OTEL_EXPORTER_OTLP_ENDPOINT,
    OTEL_EXPORTER_OTLP_HEADERS,
    OTEL_EXPORTER_OTLP_METRICS_CERTIFICATE,
    OTEL_EXPORTER_OTLP_METRICS_CLIENT_CERTIFICATE,
    OTEL_EXPORTER_OTLP_METRICS_CLIENT_KEY,
    OTEL_EXPORTER_OTLP_METRICS_COMPRESSION,
    OTEL_EXPORTER_OTLP_METRICS_ENDPOINT,
    OTEL_EXPORTER_OTLP_METRICS_HEADERS,
    OTEL_EXPORTER_OTLP_METRICS_TIMEOUT,
    OTEL_EXPORTER_OTLP_TIMEOUT,
    OTEL_PYTHON_SDK_INTERNAL_METRICS_ENABLED,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f98f4b8fd6e3a68b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:79
from opentelemetry.sdk.metrics._internal.aggregation import Aggregation

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e9d04e8c5cc12bc9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:80
from opentelemetry.sdk.metrics.export import (  # noqa: F401
    AggregationTemporality,
    Gauge,
    MetricExporter,
    MetricExportResult,
    MetricsData,
    Sum,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cdac0d65600df9b2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:88
from opentelemetry.sdk.metrics.export import (  # noqa: F401
    Histogram as HistogramType,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fc1f166110fe88ba Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:91
from opentelemetry.sdk.resources import Resource as SDKResource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #af5b1618477114d7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:92
from opentelemetry.semconv._incubating.attributes.otel_attributes import (
    OtelComponentTypeValues,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9dfc4e30c47bc0ce Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:95
from opentelemetry.semconv.attributes.http_attributes import (
    HTTP_RESPONSE_STATUS_CODE,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4eefc377a955dcbe Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:98
from opentelemetry.util.re import parse_env_headers

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #afd9c4a23d6e3313 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:19
from opentelemetry.exporter.otlp.proto.common._exporter_metrics import (
    create_exporter_metrics,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b032e82dd8dc54ee Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:22
from opentelemetry.exporter.otlp.proto.common.trace_encoder import (
    encode_spans,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9df050e9ee0d4671 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:25
from opentelemetry.exporter.otlp.proto.http import (
    _OTLP_HTTP_HEADERS,
    Compression,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #354062cf05e2f5a5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:29
from opentelemetry.exporter.otlp.proto.http._common import (
    _is_retryable,
    _load_session_from_envvar,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a1879b27e0a2047e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:33
from opentelemetry.metrics import MeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #43eec78855fd07cc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:34
from opentelemetry.sdk.environment_variables import (
    _OTEL_PYTHON_EXPORTER_OTLP_HTTP_TRACES_CREDENTIAL_PROVIDER,
    OTEL_EXPORTER_OTLP_CERTIFICATE,
    OTEL_EXPORTER_OTLP_CLIENT_CERTIFICATE,
    OTEL_EXPORTER_OTLP_CLIENT_KEY,
    OTEL_EXPORTER_OTLP_COMPRESSION,
    OTEL_EXPORTER_OTLP_ENDPOINT,
    OTEL_EXPORTER_OTLP_HEADERS,
    OTEL_EXPORTER_OTLP_TIMEOUT,
    OTEL_EXPORTER_OTLP_TRACES_CERTIFICATE,
    OTEL_EXPORTER_OTLP_TRACES_CLIENT_CERTIFICATE,
    OTEL_EXPORTER_OTLP_TRACES_CLIENT_KEY,
    OTEL_EXPORTER_OTLP_TRACES_COMPRESSION,
    OTEL_EXPORTER_OTLP_TRACES_ENDPOINT,
    OTEL_EXPORTER_OTLP_TRACES_HEADERS,
    OTEL_EXPORTER_OTLP_TRACES_TIMEOUT,
    OTEL_PYTHON_SDK_INTERNAL_METRICS_ENABLED,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #49b03aa954b92cfd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:52
from opentelemetry.sdk.trace import ReadableSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7b62dcf3e6383b13 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:53
from opentelemetry.sdk.trace.export import SpanExporter, SpanExportResult

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d45d2b66516a0b89 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:54
from opentelemetry.semconv._incubating.attributes.otel_attributes import (
    OtelComponentTypeValues,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #75d613e04103e371 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:57
from opentelemetry.semconv.attributes.http_attributes import (
    HTTP_RESPONSE_STATUS_CODE,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9464464c8691e2b5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:60
from opentelemetry.util.re import parse_env_headers

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #84c8b6c0502af6df Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/encoder/__init__.py:8
from opentelemetry.proto.collector.trace.v1.trace_service_pb2 import (  # noqa: F401
    ExportTraceServiceRequest as PB2ExportTraceServiceRequest,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #988459fed572c3b5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/encoder/__init__.py:11
from opentelemetry.proto.common.v1.common_pb2 import (  # noqa: F401
    AnyValue as PB2AnyValue,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #da1daea0c7623671 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/encoder/__init__.py:14
from opentelemetry.proto.common.v1.common_pb2 import (  # noqa: F401
    ArrayValue as PB2ArrayValue,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c6874e9026ab8f38 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/encoder/__init__.py:17
from opentelemetry.proto.common.v1.common_pb2 import (  # noqa: F401
    InstrumentationScope as PB2InstrumentationScope,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3101faa11408eaf1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/encoder/__init__.py:20
from opentelemetry.proto.common.v1.common_pb2 import (  # noqa: F401
    KeyValue as PB2KeyValue,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c4b52503fb7fef3f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/encoder/__init__.py:23
from opentelemetry.proto.resource.v1.resource_pb2 import (  # noqa: F401
    Resource as PB2Resource,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #050569a37c2adf8c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/encoder/__init__.py:26
from opentelemetry.proto.trace.v1.trace_pb2 import (  # noqa: F401
    ResourceSpans as PB2ResourceSpans,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e3426b5ea91923d6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/encoder/__init__.py:29
from opentelemetry.proto.trace.v1.trace_pb2 import (  # noqa: F401
    ScopeSpans as PB2ScopeSpans,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #91a950fcdfa22ee7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/encoder/__init__.py:32
from opentelemetry.proto.trace.v1.trace_pb2 import (  # noqa: F401
    Span as PB2SPan,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0475156885b22799 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/encoder/__init__.py:35
from opentelemetry.proto.trace.v1.trace_pb2 import (  # noqa: F401
    Status as PB2Status,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #71216fb3283ed70b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/encoder/__init__.py:38
from opentelemetry.sdk.trace import (
    Event,  # noqa: F401
    Resource,  # noqa: F401

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2877d457565c405c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/encoder/__init__.py:42
from opentelemetry.sdk.trace import Span as SDKSpan  # noqa: F401

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f95179787b2f0c0d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/encoder/__init__.py:43
from opentelemetry.sdk.util.instrumentation import (  # noqa: F401
    InstrumentationScope,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fcef315218d066b6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/encoder/__init__.py:46
from opentelemetry.trace import (
    Link,  # noqa: F401
    SpanKind,  # noqa: F401

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a2e9e3a6010b4163 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/encoder/__init__.py:50
from opentelemetry.trace.span import (  # noqa: F401
    SpanContext,
    Status,
    TraceState,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b071a4348811dee9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/encoder/__init__.py:55
from opentelemetry.util.types import Attributes  # noqa: F401

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 70 low-confidence finding(s)
low env_fs dependency Excluded from app score #96d701aa938904b3 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_common/__init__.py:30
    _credential_env = environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #db1dfbdd66411c0b Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_common/__init__.py:30
    _credential_env = environ.get(
        _OTEL_PYTHON_EXPORTER_OTLP_HTTP_CREDENTIAL_PROVIDER
    ) or environ.get(cred_envvar)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d8fb6d68e147844f Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_common/__init__.py:32
    ) or environ.get(cred_envvar)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bfd940875be7d0d3 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:91
        self._endpoint = endpoint or environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a388307af029ef3b Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:91
        self._endpoint = endpoint or environ.get(
            OTEL_EXPORTER_OTLP_LOGS_ENDPOINT,
            _append_logs_path(
                environ.get(OTEL_EXPORTER_OTLP_ENDPOINT, DEFAULT_ENDPOINT)
            ),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4fdf82dd9e8748ba Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:94
                environ.get(OTEL_EXPORTER_OTLP_ENDPOINT, DEFAULT_ENDPOINT)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #649c66c9593606a6 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:98
        self._certificate_file = certificate_file or environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2a4537b44c21f5ca Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:98
        self._certificate_file = certificate_file or environ.get(
            OTEL_EXPORTER_OTLP_LOGS_CERTIFICATE,
            environ.get(OTEL_EXPORTER_OTLP_CERTIFICATE, True),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5ebc4da0082c0abd Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:100
            environ.get(OTEL_EXPORTER_OTLP_CERTIFICATE, True),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a4bd48fd8cf7ef5e Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:102
        self._client_key_file = client_key_file or environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fc490b47c25b1085 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:102
        self._client_key_file = client_key_file or environ.get(
            OTEL_EXPORTER_OTLP_LOGS_CLIENT_KEY,
            environ.get(OTEL_EXPORTER_OTLP_CLIENT_KEY, None),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #844119632a1a1a79 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:104
            environ.get(OTEL_EXPORTER_OTLP_CLIENT_KEY, None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3f493915d906cf7e Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:106
        self._client_certificate_file = client_certificate_file or environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #04d686ad269ff3ee Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:106
        self._client_certificate_file = client_certificate_file or environ.get(
            OTEL_EXPORTER_OTLP_LOGS_CLIENT_CERTIFICATE,
            environ.get(OTEL_EXPORTER_OTLP_CLIENT_CERTIFICATE, None),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2fe8fa4a5ee24eb9 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:108
            environ.get(OTEL_EXPORTER_OTLP_CLIENT_CERTIFICATE, None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #579df39802d5271e Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:115
        headers_string = environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #33a982c672e511a5 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:115
        headers_string = environ.get(
            OTEL_EXPORTER_OTLP_LOGS_HEADERS,
            environ.get(OTEL_EXPORTER_OTLP_HEADERS, ""),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b3ce656b5b00d677 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:117
            environ.get(OTEL_EXPORTER_OTLP_HEADERS, ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e7aa3da957567bf4 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:123
            environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5c87bb80501e4ad5 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:123
            environ.get(
                OTEL_EXPORTER_OTLP_LOGS_TIMEOUT,
                environ.get(OTEL_EXPORTER_OTLP_TIMEOUT, DEFAULT_TIMEOUT),
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7aa09ea44c745791 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:125
                environ.get(OTEL_EXPORTER_OTLP_TIMEOUT, DEFAULT_TIMEOUT),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4ecf45c46b0977ba Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:151
            os.environ.get(OTEL_PYTHON_SDK_INTERNAL_METRICS_ENABLED, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9590dee98e828eed Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:280
        environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2d5f77f6fc46deaa Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:280
        environ.get(
            OTEL_EXPORTER_OTLP_LOGS_COMPRESSION,
            environ.get(OTEL_EXPORTER_OTLP_COMPRESSION, "none"),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a3c7979fe4b277d Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/_log_exporter/__init__.py:282
            environ.get(OTEL_EXPORTER_OTLP_COMPRESSION, "none"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e3fa8ed677e73d3f Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:150
        self._endpoint = endpoint or environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #274348dc88b3eec4 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:150
        self._endpoint = endpoint or environ.get(
            OTEL_EXPORTER_OTLP_METRICS_ENDPOINT,
            _append_metrics_path(
                environ.get(OTEL_EXPORTER_OTLP_ENDPOINT, DEFAULT_ENDPOINT)
            ),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c649013ac0755759 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:153
                environ.get(OTEL_EXPORTER_OTLP_ENDPOINT, DEFAULT_ENDPOINT)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7b43afbdca20f84d Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:156
        self._certificate_file = certificate_file or environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ea9a33c7744e399f Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:156
        self._certificate_file = certificate_file or environ.get(
            OTEL_EXPORTER_OTLP_METRICS_CERTIFICATE,
            environ.get(OTEL_EXPORTER_OTLP_CERTIFICATE, True),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #02516998b67b9c3d Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:158
            environ.get(OTEL_EXPORTER_OTLP_CERTIFICATE, True),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c5c10ef62d74f340 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:160
        self._client_key_file = client_key_file or environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0ddac95b9d13c4f2 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:160
        self._client_key_file = client_key_file or environ.get(
            OTEL_EXPORTER_OTLP_METRICS_CLIENT_KEY,
            environ.get(OTEL_EXPORTER_OTLP_CLIENT_KEY, None),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4a9c21898c8132cd Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:162
            environ.get(OTEL_EXPORTER_OTLP_CLIENT_KEY, None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7db5fc86cc5cc8ea Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:164
        self._client_certificate_file = client_certificate_file or environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1248b90c56cdd5d9 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:164
        self._client_certificate_file = client_certificate_file or environ.get(
            OTEL_EXPORTER_OTLP_METRICS_CLIENT_CERTIFICATE,
            environ.get(OTEL_EXPORTER_OTLP_CLIENT_CERTIFICATE, None),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #85dd430d367fb7d3 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:166
            environ.get(OTEL_EXPORTER_OTLP_CLIENT_CERTIFICATE, None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #748e7fd43b312185 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:173
        headers_string = environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ec790a12a5ea0a2c Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:173
        headers_string = environ.get(
            OTEL_EXPORTER_OTLP_METRICS_HEADERS,
            environ.get(OTEL_EXPORTER_OTLP_HEADERS, ""),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3205e7016ab060cd Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:175
            environ.get(OTEL_EXPORTER_OTLP_HEADERS, ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1e23eb34740b95bd Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:181
            environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7fa518424440e856 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:181
            environ.get(
                OTEL_EXPORTER_OTLP_METRICS_TIMEOUT,
                environ.get(OTEL_EXPORTER_OTLP_TIMEOUT, DEFAULT_TIMEOUT),
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b9299a663e3df66b Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:183
                environ.get(OTEL_EXPORTER_OTLP_TIMEOUT, DEFAULT_TIMEOUT),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b9ba09e0ede04267 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:214
            os.environ.get(OTEL_PYTHON_SDK_INTERNAL_METRICS_ENABLED, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #65099eddc8180855 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:396
            os.environ.get(OTEL_PYTHON_SDK_INTERNAL_METRICS_ENABLED, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3a3585b3484f649b Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:737
        environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1c85fa0ff123bdc1 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:737
        environ.get(
            OTEL_EXPORTER_OTLP_METRICS_COMPRESSION,
            environ.get(OTEL_EXPORTER_OTLP_COMPRESSION, "none"),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3eadbb5213233b9e Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/metric_exporter/__init__.py:739
            environ.get(OTEL_EXPORTER_OTLP_COMPRESSION, "none"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #34438323b7e34d73 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:87
        self._endpoint = endpoint or environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ba9bc42b731c9f2e Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:87
        self._endpoint = endpoint or environ.get(
            OTEL_EXPORTER_OTLP_TRACES_ENDPOINT,
            _append_trace_path(
                environ.get(OTEL_EXPORTER_OTLP_ENDPOINT, DEFAULT_ENDPOINT)
            ),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f476e12fe3716ae1 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:90
                environ.get(OTEL_EXPORTER_OTLP_ENDPOINT, DEFAULT_ENDPOINT)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c6d75dd0c7d871f Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:93
        self._certificate_file = certificate_file or environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e0fc39d61fd0d029 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:93
        self._certificate_file = certificate_file or environ.get(
            OTEL_EXPORTER_OTLP_TRACES_CERTIFICATE,
            environ.get(OTEL_EXPORTER_OTLP_CERTIFICATE, True),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b3f89c3981d805e0 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:95
            environ.get(OTEL_EXPORTER_OTLP_CERTIFICATE, True),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #55d8cb77537f52f0 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:97
        self._client_key_file = client_key_file or environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #20bf71b5e7a97826 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:97
        self._client_key_file = client_key_file or environ.get(
            OTEL_EXPORTER_OTLP_TRACES_CLIENT_KEY,
            environ.get(OTEL_EXPORTER_OTLP_CLIENT_KEY, None),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #576f044007058f95 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:99
            environ.get(OTEL_EXPORTER_OTLP_CLIENT_KEY, None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f89debcf47cbf217 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:101
        self._client_certificate_file = client_certificate_file or environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f809a1087035b189 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:101
        self._client_certificate_file = client_certificate_file or environ.get(
            OTEL_EXPORTER_OTLP_TRACES_CLIENT_CERTIFICATE,
            environ.get(OTEL_EXPORTER_OTLP_CLIENT_CERTIFICATE, None),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #83b3ab739e6c09ec Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:103
            environ.get(OTEL_EXPORTER_OTLP_CLIENT_CERTIFICATE, None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b9ffb4f4674c6cff Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:110
        headers_string = environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #973e2402a583ff8a Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:110
        headers_string = environ.get(
            OTEL_EXPORTER_OTLP_TRACES_HEADERS,
            environ.get(OTEL_EXPORTER_OTLP_HEADERS, ""),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e19e48286e8f9345 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:112
            environ.get(OTEL_EXPORTER_OTLP_HEADERS, ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7488e8aeec8f0766 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:118
            environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #79ffcf35afe2da66 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:118
            environ.get(
                OTEL_EXPORTER_OTLP_TRACES_TIMEOUT,
                environ.get(OTEL_EXPORTER_OTLP_TIMEOUT, DEFAULT_TIMEOUT),
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0c762306af5c7abd Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:120
                environ.get(OTEL_EXPORTER_OTLP_TIMEOUT, DEFAULT_TIMEOUT),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #09d30108368dfa1a Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:146
            os.environ.get(OTEL_PYTHON_SDK_INTERNAL_METRICS_ENABLED, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ecd600fe2b197386 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:273
        environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9fe2f0472d1a9cdf Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:273
        environ.get(
            OTEL_EXPORTER_OTLP_TRACES_COMPRESSION,
            environ.get(OTEL_EXPORTER_OTLP_COMPRESSION, "none"),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7912ee925437877a Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/otlp/proto/http/trace_exporter/__init__.py:275
            environ.get(OTEL_EXPORTER_OTLP_COMPRESSION, "none"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

patronus

python dependency
medium telemetry tooling reachable #3a197fb65881da6f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/patronus_examples/otel_tracing_integration.py:3
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #f70f2263215caf94 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/patronus_examples/otel_tracing_integration.py:4
from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import OTLPSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #c6b6382b1d187977 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/patronus_examples/otel_tracing_integration.py:5
from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #292bdcc387442f91 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/patronus_examples/otel_tracing_integration.py:6
from opentelemetry.sdk.trace.export import (
    BatchSpanProcessor,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #e65301bdb6b9d75d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/patronus_examples/tracking/crewai_weather.py:15
from opentelemetry.instrumentation.threading import ThreadingInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #93d18c048648348c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/patronus_examples/tracking/crewai_weather.py:16
from opentelemetry.instrumentation.asyncio import AsyncioInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #3e83493ecafa7701 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/patronus_examples/tracking/langchain_weather.py:28
from opentelemetry.instrumentation.threading import ThreadingInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #cb7227f5e5915e16 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/patronus_examples/tracking/langchain_weather.py:29
from opentelemetry.instrumentation.asyncio import AsyncioInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #bd80f5de8c6653fb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/patronus_examples/tracking/openai_agents_weather.py:14
from opentelemetry.instrumentation.threading import ThreadingInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #bd052def99710596 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/patronus_examples/tracking/openai_agents_weather.py:15
from opentelemetry.instrumentation.asyncio import AsyncioInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #d2d93bdbbdef61c5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/patronus_examples/tracking/otel_openai_weather.py:19
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #38b46c07d5ad8df9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/patronus_examples/tracking/otel_openai_weather.py:20
from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #5262563efa48cd4a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/patronus_examples/tracking/otel_openai_weather.py:21
from opentelemetry.sdk.trace.export import BatchSpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #83ea4c3c8dc5ba90 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/patronus_examples/tracking/otel_openai_weather.py:22
from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import OTLPSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #1b56f9effa2a80b1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/patronus_examples/tracking/otel_openai_weather.py:23
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #902645d56ed3a053 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/patronus_examples/tracking/otel_openai_weather.py:24
from opentelemetry.semconv.resource import ResourceAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #1456d1379ad409d9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/patronus_examples/tracking/otel_openai_weather.py:50
    from opentelemetry.sdk.trace.export import ConsoleSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #0e220027aed32b19 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/patronus_examples/tracking/pydanticai_weather.py:13
from opentelemetry.instrumentation.threading import ThreadingInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #e70da37a35194a76 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/patronus_examples/tracking/pydanticai_weather.py:14
from opentelemetry.instrumentation.asyncio import AsyncioInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #0ea393ed68fdad5d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/patronus_examples/tracking/smolagents_weather.py:15
from opentelemetry.instrumentation.threading import ThreadingInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #43e199d7e2b7f833 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/context/__init__.py:12
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1fbfafacaa5d6a60 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/context/__init__.py:24
    from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e6a5148b9a843da9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/context/__init__.py:25
    from opentelemetry._logs import LoggerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #694c269b6193aa80 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/evals/evaluators.py:16
from opentelemetry.trace import get_current_span, SpanContext

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #508e5de3ea058ac9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/init.py:247
            from opentelemetry.instrumentation.instrumentor import BaseInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d64c829800b94e1e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/integrations/otel.py:8
    from opentelemetry.instrumentation.instrumentor import BaseInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a45b139dac6d2852 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/integrations/pydantic_ai.py:4
from opentelemetry.sdk._events import EventLoggerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #969f63d76fb8d0d7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/decorators.py:7
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #41e44909387b9250 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/decorators.py:8
from opentelemetry._logs import SeverityNumber

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3595d003a807c0d6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/exporters.py:9
from opentelemetry.exporter.otlp.proto.grpc._log_exporter import OTLPLogExporter as OTLPLogExporterGRPC

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #236e3820f656c083 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/exporters.py:10
from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import OTLPSpanExporter as OTLPSpanExporterGRPC

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c912d79be43f2c75 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/exporters.py:11
from opentelemetry.exporter.otlp.proto.http._log_exporter import OTLPLogExporter as OTLPLogExporterHTTP

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b64733c5c47b263a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/exporters.py:12
from opentelemetry.exporter.otlp.proto.http.trace_exporter import OTLPSpanExporter as OTLPSpanExporterHTTP

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1ed31b3148fd5596 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/exporters.py:13
from opentelemetry.sdk._logs.export import LogExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #69da215379526384 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/exporters.py:14
from opentelemetry.sdk.trace.export import SpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #10ac279b77433509 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/logger.py:10
from opentelemetry._logs import SeverityNumber, LogRecord

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7c714cc3c8ba237e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/logger.py:12
from opentelemetry.sdk._logs import Logger as OTELLogger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c6db2f9fe22c230a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/logger.py:13
from opentelemetry.sdk._logs import LoggerProvider as OTELLoggerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ed6d7fdd1d4169cf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/logger.py:14
from opentelemetry.sdk._logs import LoggingHandler as OTeLLoggingHandler

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cb2a42e6dba108d9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/logger.py:15
from opentelemetry.sdk._logs._internal import ConcurrentMultiLogRecordProcessor, SynchronousMultiLogRecordProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b0f8ce997a0723f4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/logger.py:16
from opentelemetry.sdk._logs.export import BatchLogRecordProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cb55f75db8c4581c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/logger.py:17
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1f8a5bf9f19d8a8a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/logger.py:18
from opentelemetry.sdk.util.instrumentation import InstrumentationScope

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8927ebdb85ab903d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/logger.py:19
from opentelemetry.trace import get_current_span, SpanContext

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0344b661a8bfbb97 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/logger.py:20
from opentelemetry.util.types import Attributes as OTeLAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #33a3faa38fac3486 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/tracer.py:6
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #68ac0445f2ef55ca Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/tracer.py:9
from opentelemetry import context as context_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7f45a84fa3e462fe Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/tracer.py:10
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7a7db208ce2b3bc1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/tracer.py:11
from opentelemetry.sdk.trace import Span, SpanProcessor, TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5425172915e0fb23 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/patronus/tracing/tracer.py:12
from opentelemetry.sdk.trace.export import BatchSpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 18 low-confidence finding(s)
low env_fs tooling reachable #9d1799359eca3207 Environment-variable access.
pkgs/python/[email protected]/examples/patronus_examples/otel_tracing_integration.py:16
        endpoint=os.environ.get("OTEL_EXPORTER_OTLP_ENDPOINT"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #db4f73401e33fa65 Environment-variable access.
pkgs/python/[email protected]/examples/patronus_examples/otel_tracing_integration.py:17
        headers=os.environ.get("OTEL_EXPORTER_OTLP_HEADERS"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #9426d44a00db49ff Environment-variable access.
pkgs/python/[email protected]/examples/patronus_examples/otel_tracing_integration.py:27
client = Client(api_key=os.environ.get("PATRONUS_API_KEY"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #8c5ea6efd1eb56d8 Environment-variable access.
pkgs/python/[email protected]/examples/patronus_examples/tracing.py:15
    api_key=os.getenv("PATRONUS_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #3f47bbe3f2a03f01 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/examples/patronus_examples/tracking/anthropic_weather.py:23
    response = requests.get(
        f"https://api.open-meteo.com/v1/forecast?latitude={latitude}&longitude={longitude}&current=temperature_2m,wind_speed_10m&hourly=temperature_2m,relative_humidity_2m,wind_speed_10m"
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress tooling reachable #ecd5b98265307291 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/examples/patronus_examples/tracking/openai_weather.py:24
    response = requests.get(
        f"https://api.open-meteo.com/v1/forecast?latitude={latitude}&longitude={longitude}&current=temperature_2m,wind_speed_10m&hourly=temperature_2m,relative_humidity_2m,wind_speed_10m"
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #08fbce9d27784308 Environment-variable access.
pkgs/python/[email protected]/examples/patronus_examples/tracking/otel_openai_weather.py:42
if os.environ.get("OTEL_EXPORTER_OTLP_ENDPOINT"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #91603e8ac5717562 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/examples/patronus_examples/tracking/otel_openai_weather.py:97
                    response = client.get(url, params=params)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #68a1470e747cad91 Filesystem access.
pkgs/python/[email protected]/src/patronus/api/api_client.py:428
        with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #adcd5ce3a5924431 Filesystem access.
pkgs/python/[email protected]/src/patronus/api/api_client.py:492
        with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #da7bb45aaa609955 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/patronus/api/api_client_base.py:107
        response = await self.http.request(
            method,
            url,
            params=params,
            content=content,
            headers=self.headers(),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c2d0e86a78adab40 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/patronus/api/api_client_base.py:131
        response = self.http_sync.request(
            method,
            url,
            params=params,
            content=content,
            headers=self.headers(),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #b9be9137fd29d887 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/patronus/api/api_client_base.py:155
        response = await self.http.request(
            method,
            url,
            files=files,
            data=data,
            headers=headers,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #48358e9025b246bd Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/patronus/api/api_client_base.py:179
        response = self.http_sync.request(
            method,
            url,
            files=files,
            data=data,
            headers=headers,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #a9afb564809be1c5 Environment-variable access.
pkgs/python/[email protected]/src/patronus/config.py:21
    otel_service_name = os.getenv("OTEL_SERVICE_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4cbf4f00f7047a79 Environment-variable access.
pkgs/python/[email protected]/src/patronus/tracing/exporters.py:38
    traces_protocol = os.environ.get("OTEL_EXPORTER_OTLP_TRACES_PROTOCOL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6712597616121f0a Environment-variable access.
pkgs/python/[email protected]/src/patronus/tracing/exporters.py:39
    logs_protocol = os.environ.get("OTEL_EXPORTER_OTLP_LOGS_PROTOCOL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #197f123ec628a891 Environment-variable access.
pkgs/python/[email protected]/src/patronus/tracing/exporters.py:40
    general_protocol = os.environ.get("OTEL_EXPORTER_OTLP_PROTOCOL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

stagehand

python dependency
medium pii_flow tooling reachable #9afb361d4a742755 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/act_example.py:57 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/act_example.py:49 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/act_example.py:57
        print(f"Session started: {session.id}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #11898c4eb9f5a746 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/act_example.py:87 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/act_example.py:49 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/act_example.py:87
            print(f"Result: {result_message}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #3fcbd589a40f2760 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/act_example.py:88 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/act_example.py:49 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/act_example.py:88
            print(f"Success: {result_success}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #66455fdc96b5b788 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/byob_example.py:89 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/byob_example.py:53 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/byob_example.py:89
            print("🧮 Stagehand extraction result:", extract_result)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #d6abb4b1d0d71d71 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/full_example.py:59 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/full_example.py:51 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/full_example.py:59
        print(f"Session started: {session.id}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #93a18bfa74d0f4b5 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/full_example.py:77 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/full_example.py:51 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/full_example.py:77
            print(f"Found {len(results)} possible actions")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #bacfaad2920ff926 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/full_example.py:87 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/full_example.py:51 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/full_example.py:87
            print(f"Acting on: {result['description']}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #7213e9e03887bc8a PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/full_example.py:101 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/full_example.py:51 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/full_example.py:101
            print(f"Act completed: {act_message}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #195729ff5af5a6b6 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/full_example.py:120 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/full_example.py:51 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/full_example.py:120
            print(f"Extracted data: {extracted_result}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #4a2a69f523be973d PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/full_example.py:126 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/full_example.py:51 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/full_example.py:126
            print(f"Looking up profile for author: {author}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #feb4f8a0524c73a4 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/full_example.py:168 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/full_example.py:51 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/full_example.py:168
            print(f"Agent completed: {execute_message}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #64b55192696867af PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/full_example.py:169 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/full_example.py:51 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/full_example.py:169
            print(f"Agent success: {execute_success}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #6f83ab232b881b9e PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/full_example.py:170 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/full_example.py:51 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/full_example.py:170
            print(f"Agent actions taken: {len(execute_actions or [])}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #b238ba76d6246b85 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/local_browser_playwright_example.py:128 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/local_browser_playwright_example.py:79 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/local_browser_playwright_example.py:128
            print(f"✅ Session started: {session_id}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #643c60c813e040bc PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/local_browser_playwright_example.py:174 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/local_browser_playwright_example.py:79 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/local_browser_playwright_example.py:174
                print("Extracted:", extracted)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #dd9f4b81b1642fc3 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/local_browser_playwright_example.py:190 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/local_browser_playwright_example.py:79 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/local_browser_playwright_example.py:190
                print("Execute result:", execute_result)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #e546f4a6dfa50029 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/local_example.py:72 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/local_example.py:48 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/local_example.py:72
        print(f"✅ Session started: {session_id}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #71da204226d97beb PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/local_example.py:89 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/local_example.py:48 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/local_example.py:89
        print(f"📄 Extracted data: {extract_result}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #54000b989b8cbeea PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/local_server_multiregion_browser_example.py:90 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/local_server_multiregion_browser_example.py:50 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/local_server_multiregion_browser_example.py:90
        print(f"✅ Session started: {session_id}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #28d89c4eb83f34a2 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/local_server_multiregion_browser_example.py:142 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/local_server_multiregion_browser_example.py:50 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/local_server_multiregion_browser_example.py:142
                    print("Extracted:", extracted)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #d465dcffb1f290dd PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/local_server_multiregion_browser_example.py:158 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/local_server_multiregion_browser_example.py:50 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/local_server_multiregion_browser_example.py:158
                    print("Execute result:", execute_result)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #bdd9907053a310f2 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/logging_example.py:33 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/logging_example.py:24 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/logging_example.py:33
        print(f"Session started: {session.id}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #ec1def8181c9b963 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/logging_example.py:64 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/logging_example.py:24 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/logging_example.py:64
                    print(f"[log] {event.data.message}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #9ca32d073142494f PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/logging_example.py:68 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/logging_example.py:24 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/logging_example.py:68
                print(f"[system] status={status}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #1a6ac36f19f07a93 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/logging_example.py:76 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/logging_example.py:24 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/logging_example.py:76
            print(f"Payload received: {result_payload}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #882fa31654677414 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/playwright_page_example.py:86 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/playwright_page_example.py:49 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/playwright_page_example.py:86
        print(f"✅ Session started: {session_id}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #337e08d886ea5476 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/playwright_page_example.py:108 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/playwright_page_example.py:49 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/playwright_page_example.py:108
                print(f"Observed {len(actions)} actions")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #d609ca7926c24462 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/playwright_page_example.py:127 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/playwright_page_example.py:49 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/playwright_page_example.py:127
                print("Extracted:", extracted)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #0fcc2ad344f2a22b PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/pydoll_tab_example.py:151 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/pydoll_tab_example.py:118 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/pydoll_tab_example.py:151
        print(f"✅ Session started: {session.id}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #02b5836219172d24 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/pydoll_tab_example.py:158 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/pydoll_tab_example.py:118 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/pydoll_tab_example.py:158
                print(f"ℹ️ Normalized cdp_url for Pydoll: {ws_address}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #f3872a5c459c8127 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/pydoll_tab_example.py:193 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/pydoll_tab_example.py:118 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/pydoll_tab_example.py:193
            print(f"🧩 frame_id: {frame_id}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #8ff7773c787b284a PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/pydoll_tab_example.py:204 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/pydoll_tab_example.py:118 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/pydoll_tab_example.py:204
            print(f"Observed {len(actions)} actions")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #714c4cc79905b5f4 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/pydoll_tab_example.py:223 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/pydoll_tab_example.py:118 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/pydoll_tab_example.py:223
            print("Extracted:", extracted)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #611cb57ea8c309f0 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/remote_browser_playwright_example.py:89 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/remote_browser_playwright_example.py:51 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/remote_browser_playwright_example.py:89
        print(f"✅ Session started: {session_id}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #ea4b78ed9ece73fe PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/remote_browser_playwright_example.py:143 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/remote_browser_playwright_example.py:51 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/remote_browser_playwright_example.py:143
                    print("Extracted:", extracted)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #5ed8f6a5d322418c PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/remote_browser_playwright_example.py:159 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/remote_browser_playwright_example.py:51 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/remote_browser_playwright_example.py:159
                    print("Execute result:", execute_result)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #345a38285caff9a7 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/vertex_auth_example.py:140 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/vertex_auth_example.py:104 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/vertex_auth_example.py:140
            print(f"[{server}] observe:", observe_result)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #40da185e873a57ee PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/vertex_auth_example.py:155 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/vertex_auth_example.py:104 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/vertex_auth_example.py:155
            print(f"[{server}] extract:", extract_result)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #f8404fa61a67af5e PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/vertex_auth_example.py:167 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/vertex_auth_example.py:104 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/vertex_auth_example.py:167
            print(f"[{server}] execute:", execute_result)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

expand_more 62 low-confidence finding(s)
low env_fs tooling reachable #2440276cc00f927b Environment-variable access.
pkgs/python/[email protected]/examples/act_example.py:49
        browserbase_api_key=os.environ.get("BROWSERBASE_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f6da3d7b6517a604 Environment-variable access.
pkgs/python/[email protected]/examples/act_example.py:50
        model_api_key=os.environ.get("MODEL_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #354ae8ba44df4f9c Environment-variable access.
pkgs/python/[email protected]/examples/agent_execute.py:46
    model_name = os.environ.get("STAGEHAND_MODEL", "anthropic/claude-sonnet-4-6")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #257e618f0f96c1aa Environment-variable access.
pkgs/python/[email protected]/examples/byob_example.py:53
        browserbase_api_key=os.environ.get("BROWSERBASE_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #3236dfd8239cf43b Environment-variable access.
pkgs/python/[email protected]/examples/byob_example.py:54
        model_api_key=os.environ.get("MODEL_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #6051267b6bc93dae Filesystem access.
pkgs/python/[email protected]/examples/env.py:28
    for line in env_path.read_text().splitlines():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #79c4925ec94c6170 Environment-variable access.
pkgs/python/[email protected]/examples/env.py:35
        os.environ[key] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #09d3aa43d3bb2bf1 Environment-variable access.
pkgs/python/[email protected]/examples/env.py:37
    missing = [key for key in sorted(REQUIRED_KEYS) if not os.environ.get(key)]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #8e2bfeebdba48d16 Environment-variable access.
pkgs/python/[email protected]/examples/env.py:48
        os.environ.setdefault("STAGEHAND_SEA_BINARY", str(sea_binary))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #0256000ebbb13d86 Environment-variable access.
pkgs/python/[email protected]/examples/full_example.py:51
        browserbase_api_key=os.environ.get("BROWSERBASE_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #7a1cb1f2a46f5c12 Environment-variable access.
pkgs/python/[email protected]/examples/full_example.py:52
        model_api_key=os.environ.get("MODEL_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #b45f7744b689a1ea Environment-variable access.
pkgs/python/[email protected]/examples/full_example.py:143
                        "api_key": os.environ.get("MODEL_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #b8f36a62282dca89 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/examples/local_browser_playwright_example.py:64
            with urlopen(url, timeout=1) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #276da6e0e43fcabf Environment-variable access.
pkgs/python/[email protected]/examples/local_browser_playwright_example.py:79
    model_api_key = os.environ.get("MODEL_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #934b9af75058432f Environment-variable access.
pkgs/python/[email protected]/examples/local_browser_playwright_example.py:83
    bb_api_key = os.environ.get("BROWSERBASE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #85b0f608a0b21c3c Environment-variable access.
pkgs/python/[email protected]/examples/local_example.py:48
    model_key = os.environ.get("MODEL_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #8ad8879bb3ef83d1 Environment-variable access.
pkgs/python/[email protected]/examples/local_server_multiregion_browser_example.py:50
    model_api_key = os.environ.get("MODEL_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #fc8b6593538d92c0 Environment-variable access.
pkgs/python/[email protected]/examples/local_server_multiregion_browser_example.py:54
    bb_api_key = os.environ.get("BROWSERBASE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #83249808f160e417 Environment-variable access.
pkgs/python/[email protected]/examples/logging_example.py:24
        browserbase_api_key=os.environ.get("BROWSERBASE_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #4b125a4b3ce8f922 Environment-variable access.
pkgs/python/[email protected]/examples/logging_example.py:25
        model_api_key=os.environ.get("MODEL_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #66cca93a22c1a5bc Environment-variable access.
pkgs/python/[email protected]/examples/playwright_page_example.py:49
    model_api_key = os.environ.get("MODEL_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #7ea90eb160fb3fb9 Environment-variable access.
pkgs/python/[email protected]/examples/playwright_page_example.py:53
    bb_api_key = os.environ.get("BROWSERBASE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #0ab09a8812e44b0a Environment-variable access.
pkgs/python/[email protected]/examples/pydoll_tab_example.py:118
    model_api_key = os.environ.get("MODEL_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #1c1a30cbdb973d4e Environment-variable access.
pkgs/python/[email protected]/examples/pydoll_tab_example.py:122
    bb_api_key = os.environ.get("BROWSERBASE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #abd7aa6c4b5d97f9 Environment-variable access.
pkgs/python/[email protected]/examples/remote_browser_playwright_example.py:51
    model_api_key = os.environ.get("MODEL_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #94634200a553755a Environment-variable access.
pkgs/python/[email protected]/examples/remote_browser_playwright_example.py:55
    bb_api_key = os.environ.get("BROWSERBASE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #6d3b94ad8685aec4 Filesystem access.
pkgs/python/[email protected]/examples/vertex_auth_example.py:43
    for line in env_path.read_text().splitlines():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f7c222eb18ec7566 Environment-variable access.
pkgs/python/[email protected]/examples/vertex_auth_example.py:48
        os.environ.setdefault(key, value)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #18b0dec9935d2681 Environment-variable access.
pkgs/python/[email protected]/examples/vertex_auth_example.py:52
    inline_json = os.environ.get("VERTEX_SERVICE_ACCOUNT_JSON")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #043bb3fcf18224b8 Environment-variable access.
pkgs/python/[email protected]/examples/vertex_auth_example.py:56
        credentials_path = os.environ.get("GOOGLE_APPLICATION_CREDENTIALS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #7d61d1890eb2bea1 Filesystem access.
pkgs/python/[email protected]/examples/vertex_auth_example.py:62
        credentials = json.loads(Path(credentials_path).expanduser().read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d09c03ffb0e42c1f Environment-variable access.
pkgs/python/[email protected]/examples/vertex_auth_example.py:78
    project = os.environ.get("VERTEX_PROJECT") or credentials.get("project_id")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f812b01e6ce74580 Environment-variable access.
pkgs/python/[email protected]/examples/vertex_auth_example.py:82
    location = os.environ.get("VERTEX_LOCATION", "us-central1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #e10ee35b37dd7add Environment-variable access.
pkgs/python/[email protected]/examples/vertex_auth_example.py:83
    model_name = os.environ.get("VERTEX_MODEL", "vertex/gemini-2.5-flash")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #64aea8339fee68e8 Environment-variable access.
pkgs/python/[email protected]/examples/vertex_auth_example.py:104
    browserbase_api_key = os.environ.get("BROWSERBASE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #dc12697cf852175a Environment-variable access.
pkgs/python/[email protected]/examples/vertex_auth_example.py:125
    bootstrap_model = os.environ.get("STAGEHAND_BOOTSTRAP_MODEL", "openai/gpt-4.1-mini")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #adc92d46adde6d49 Environment-variable access.
pkgs/python/[email protected]/hatch_build.py:45
        wheel_tag = os.environ.get("STAGEHAND_WHEEL_TAG", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #e5bd13b6ce290707 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/stagehand/_base_client.py:306
        return await self._client.request(self._page_cls, self._options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #7d1b654080339245 Environment-variable access.
pkgs/python/[email protected]/src/stagehand/_client.py:141
            browserbase_api_key = os.environ.get("BROWSERBASE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a62c96ee89953a8b Environment-variable access.
pkgs/python/[email protected]/src/stagehand/_client.py:165
        custom_headers_env = os.environ.get("STAGEHAND_CUSTOM_HEADERS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a7e7d542bb89079f Environment-variable access.
pkgs/python/[email protected]/src/stagehand/_client.py:432
            browserbase_api_key = os.environ.get("BROWSERBASE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b0b1499e0761f42d Environment-variable access.
pkgs/python/[email protected]/src/stagehand/_client.py:456
        custom_headers_env = os.environ.get("STAGEHAND_CUSTOM_HEADERS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4a20980fbfb8e945 Environment-variable access.
pkgs/python/[email protected]/src/stagehand/_custom/sea_binary.py:32
        root = Path(os.environ.get("LOCALAPPDATA", str(Path.home() / "AppData" / "Local")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b5bc7758f8c56e91 Environment-variable access.
pkgs/python/[email protected]/src/stagehand/_custom/sea_binary.py:34
        root = Path(os.environ.get("XDG_CACHE_HOME", str(Path.home() / ".cache")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3178f41bf5e4f176 Filesystem access.
pkgs/python/[email protected]/src/stagehand/_custom/sea_binary.py:73
    data = src.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5faaecaae0a1f3f Environment-variable access.
pkgs/python/[email protected]/src/stagehand/_custom/sea_binary.py:91
    env = os.environ.get("STAGEHAND_SEA_BINARY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b906511e6daf518e Environment-variable access.
pkgs/python/[email protected]/src/stagehand/_custom/sea_binary.py:104
            version = os.environ.get("STAGEHAND_VERSION") or __version__

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #dc151055abc4d93b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/stagehand/_custom/sea_server.py:100
                    resp = client.get(f"{base_url}{path}")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #a64725459b58ceae Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/stagehand/_custom/sea_server.py:115
                    resp = await client.get(f"{base_url}{path}")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #ece56f82b2831a2d Environment-variable access.
pkgs/python/[email protected]/src/stagehand/_custom/sea_server.py:149
        proc_env = dict(os.environ)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #377fd64e9e9c44ca Environment-variable access.
pkgs/python/[email protected]/src/stagehand/_custom/sea_server.py:332
        base_url = os.environ.get("STAGEHAND_API_URL") or os.environ.get("STAGEHAND_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #74eb1c88a7579d3b Filesystem access.
pkgs/python/[email protected]/src/stagehand/_files.py:69
            return (path.name, path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #17bd0bcaa8e0afb9 Filesystem access.
pkgs/python/[email protected]/src/stagehand/_files.py:81
        return pathlib.Path(file).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #63476a5d31e85ae9 Filesystem access.
pkgs/python/[email protected]/src/stagehand/_files.py:111
            return (path.name, await path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6d1024e1135a478a Filesystem access.
pkgs/python/[email protected]/src/stagehand/_files.py:123
        return await anyio.Path(file).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aa618637df10412f Environment-variable access.
pkgs/python/[email protected]/src/stagehand/_models.py:120
            extra="allow", defer_build=coerce_boolean(os.environ.get("DEFER_PYDANTIC_BUILD", "true"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5c33bac86a4133b7 Filesystem access.
pkgs/python/[email protected]/src/stagehand/_response.py:495
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5415d88bd3f84985 Filesystem access.
pkgs/python/[email protected]/src/stagehand/_response.py:537
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e83f8da58fafed77 Environment-variable access.
pkgs/python/[email protected]/src/stagehand/_utils/_logs.py:17
    env = os.environ.get("STAGEHAND_LOG")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8f644c5414a4b59b Filesystem access.
pkgs/python/[email protected]/src/stagehand/_utils/_transform.py:248
            binary = data.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4272765e454a03b8 Filesystem access.
pkgs/python/[email protected]/src/stagehand/_utils/_transform.py:414
            binary = await anyio.Path(data).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c894cae83ee07c0a Filesystem access.
pkgs/python/[email protected]/src/stagehand/_utils/_utils.py:379
    contents = Path(path).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

chromadb

python dependency
medium telemetry dependency Excluded from app score #3398888459cbcbec Structural telemetry/analytics emit (event capture or batched event insert). Confirm user consent and what payload is sent to the destination.
pkgs/python/[email protected]/chromadb/api/rust.py:226
        self.product_telemetry_client.capture(
            ClientCreateCollectionEvent(
                collection_uuid=str(id),
                # embedding_function=embedding_function.__class__.__name__,
            )
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #107c26953a088d61 Structural telemetry/analytics emit (event capture or batched event insert). Confirm user consent and what payload is sent to the destination.
pkgs/python/[email protected]/chromadb/api/rust.py:429
        self.product_telemetry_client.capture(
            CollectionGetEvent(
                collection_uuid=str(collection_id),
                ids_count=ids_amount,
                limit=limit if limit else 0,
                include_metadata=ids_amount if "metadatas" in include else 0,
                include_documents=ids_amount if "documents" in include else 0,
                include_uris=ids_amount if "uris" in include else 0,
            )
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #50f722d00c48a80e Structural telemetry/analytics emit (event capture or batched event insert). Confirm user consent and what payload is sent to the destination.
pkgs/python/[email protected]/chromadb/api/rust.py:474
        self.product_telemetry_client.capture(
            CollectionAddEvent(
                collection_uuid=str(collection_id),
                add_amount=len(ids),
                with_metadata=len(ids) if metadatas is not None else 0,
                with_documents=len(ids) if documents is not None else 0,
                with_uris=len(ids) if uris is not None else 0,
            )
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #602bf203b32b0f20 Structural telemetry/analytics emit (event capture or batched event insert). Confirm user consent and what payload is sent to the destination.
pkgs/python/[email protected]/chromadb/api/rust.py:507
        self.product_telemetry_client.capture(
            CollectionUpdateEvent(
                collection_uuid=str(collection_id),
                update_amount=len(ids),
                with_embeddings=len(embeddings) if embeddings else 0,
                with_metadata=len(metadatas) if metadatas else 0,
                with_documents=len(documents) if documents else 0,
                with_uris=len(uris) if uris else 0,
            )
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #57207fd7650d6855 Structural telemetry/analytics emit (event capture or batched event insert). Confirm user consent and what payload is sent to the destination.
pkgs/python/[email protected]/chromadb/api/rust.py:567
        self.product_telemetry_client.capture(
            CollectionQueryEvent(
                collection_uuid=str(collection_id),
                query_amount=query_amount,
                filtered_ids_amount=filtered_ids_amount,
                n_results=n_results,
                with_metadata_filter=query_amount if where is not None else 0,
                with_document_filter=query_amount if where_document is not None else 0,
                include_metadatas=query_amount if "metadatas" in include else 0,
                include_documents=query_amount if "documents" in include else 0,
                include_uris=query_amount if "uris" in include else 0,
                include_distances=query_amount if "distances" in include else 0,
            )
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #62f49f386cc7df1e Structural telemetry/analytics emit (event capture or batched event insert). Confirm user consent and what payload is sent to the destination.
pkgs/python/[email protected]/chromadb/api/rust.py:626
        self.product_telemetry_client.capture(
            CollectionDeleteEvent(
                collection_uuid=str(collection_id),
                delete_amount=deleted,
            )
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c6e9754e03513479 Structural telemetry/analytics emit (event capture or batched event insert). Confirm user consent and what payload is sent to the destination.
pkgs/python/[email protected]/chromadb/api/segment.py:285
        self._product_telemetry_client.capture(
            ClientCreateCollectionEvent(
                collection_uuid=str(id),
                # embedding_function=embedding_function.__class__.__name__,
            )
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2fb2b387b7847821 Structural telemetry/analytics emit (event capture or batched event insert). Confirm user consent and what payload is sent to the destination.
pkgs/python/[email protected]/chromadb/api/segment.py:552
        self._product_telemetry_client.capture(
            CollectionAddEvent(
                collection_uuid=str(collection_id),
                add_amount=len(ids),
                with_metadata=len(ids) if metadatas is not None else 0,
                with_documents=len(ids) if documents is not None else 0,
                with_uris=len(ids) if uris is not None else 0,
            )
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #91fdf42eeb4b144f Structural telemetry/analytics emit (event capture or batched event insert). Confirm user consent and what payload is sent to the destination.
pkgs/python/[email protected]/chromadb/api/segment.py:607
        self._product_telemetry_client.capture(
            CollectionUpdateEvent(
                collection_uuid=str(collection_id),
                update_amount=len(ids),
                with_embeddings=len(embeddings) if embeddings else 0,
                with_metadata=len(metadatas) if metadatas else 0,
                with_documents=len(documents) if documents else 0,
                with_uris=len(uris) if uris else 0,
            )
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #07adf20419962a9c Structural telemetry/analytics emit (event capture or batched event insert). Confirm user consent and what payload is sent to the destination.
pkgs/python/[email protected]/chromadb/api/segment.py:714
        self._product_telemetry_client.capture(
            CollectionGetEvent(
                collection_uuid=str(collection_id),
                ids_count=ids_amount,
                limit=limit if limit else 0,
                include_metadata=ids_amount if "metadatas" in include else 0,
                include_documents=ids_amount if "documents" in include else 0,
                include_uris=ids_amount if "uris" in include else 0,
            )
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f82de89b4c919e85 Structural telemetry/analytics emit (event capture or batched event insert). Confirm user consent and what payload is sent to the destination.
pkgs/python/[email protected]/chromadb/api/segment.py:825
        self._product_telemetry_client.capture(
            CollectionDeleteEvent(
                collection_uuid=str(collection_id), delete_amount=deleted_count
            )
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6ae82f2caffd2edb Structural telemetry/analytics emit (event capture or batched event insert). Confirm user consent and what payload is sent to the destination.
pkgs/python/[email protected]/chromadb/api/segment.py:890
        self._product_telemetry_client.capture(
            CollectionQueryEvent(
                collection_uuid=str(collection_id),
                query_amount=query_amount,
                filtered_ids_amount=ids_amount,
                n_results=n_results,
                with_metadata_filter=query_amount if where is not None else 0,
                with_document_filter=query_amount if where_document is not None else 0,
                include_metadatas=query_amount if "metadatas" in include else 0,
                include_documents=query_amount if "documents" in include else 0,
                include_uris=query_amount if "uris" in include else 0,
                include_distances=query_amount if "distances" in include else 0,
            )
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f20c0e7a39071f52 Structural telemetry/analytics emit (event capture or batched event insert). Confirm user consent and what payload is sent to the destination.
pkgs/python/[email protected]/chromadb/api/shared_system_client.py:137
        telemetry_client.capture(ClientStartEvent())

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #113677504dc58ef7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/chromadb/execution/executor/distributed.py:22
from opentelemetry.trace import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #24fe5ca45c005c4e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/chromadb/proto/utils.py:4
from opentelemetry.trace import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cd1a827eac5598ee Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/chromadb/server/fastapi/__init__.py:77
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #382b3f6cd4243bc3 Structural telemetry/analytics emit (event capture or batched event insert). Confirm user consent and what payload is sent to the destination.
pkgs/python/[email protected]/chromadb/server/fastapi/__init__.py:245
        telemetry_client.capture(ServerStartEvent())

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9186105eee490895 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/chromadb/telemetry/opentelemetry/__init__.py:7
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8708d3177e29d4ab Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/chromadb/telemetry/opentelemetry/__init__.py:8
from opentelemetry.sdk.resources import SERVICE_NAME, Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c55406540e7e707a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/chromadb/telemetry/opentelemetry/__init__.py:9
from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b0e3c99c220608c4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/chromadb/telemetry/opentelemetry/__init__.py:10
from opentelemetry.sdk.trace.export import (
    BatchSpanProcessor,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #528699a927ec91ba Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/chromadb/telemetry/opentelemetry/__init__.py:13
from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import OTLPSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1e074b3be53e8155 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/chromadb/telemetry/opentelemetry/fastapi.py:3
from opentelemetry.instrumentation.fastapi import FastAPIInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f2bdd0e4dcb9031d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/chromadb/telemetry/opentelemetry/grpc.py:5
from opentelemetry.trace import StatusCode, SpanKind

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 67 low-confidence finding(s)
low env_fs dependency Excluded from app score #1dc843c4158c83ab Environment-variable access.
pkgs/python/[email protected]/chromadb/__init__.py:407
            arg.value = arg.value or os.environ.get(arg.env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #15c1479503660d81 Environment-variable access.
pkgs/python/[email protected]/chromadb/__init__.py:420
    tenant = tenant or os.environ.get("CHROMA_TENANT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #35c5e2311b0bdccd Environment-variable access.
pkgs/python/[email protected]/chromadb/__init__.py:423
    database = database or os.environ.get("CHROMA_DATABASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #d18678e4fe883a6a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/chromadb/api/async_fastapi.py:167
        response = await self._get_client().request(method, url, **cast(Any, kwargs))

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #cf3ea698e0baebea Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/chromadb/api/fastapi.py:131
        response = self._session.request(method, url, **cast(Any, kwargs))

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #7581c7ccc8d7e03d Filesystem access.
pkgs/python/[email protected]/chromadb/auth/__init__.py:124
            with open(_creds_file, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8d3c201eadc8189c Filesystem access.
pkgs/python/[email protected]/chromadb/auth/__init__.py:235
            with open(_config_file, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #e1fee813576ccce1 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/chromadb/cli/cli.py:25
        response = requests.get(url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #65a75ce4ca7774d7 Filesystem access.
pkgs/python/[email protected]/chromadb/cli/utils.py:12
    with open(f"{log_config_path}", "r") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1256ca82a6e6ac5e Filesystem access.
pkgs/python/[email protected]/chromadb/db/migrations.py:256
    sql = file["path"].read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4b1cb49731ebe3bf Filesystem access.
pkgs/python/[email protected]/chromadb/segment/impl/vector/local_persistent_hnsw.py:74
        with open(filename, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #53301318328efebe Filesystem access.
pkgs/python/[email protected]/chromadb/segment/impl/vector/local_persistent_hnsw.py:255
        with open(self._get_metadata_file(), "wb") as metadata_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #667aca861286a1f7 Environment-variable access.
pkgs/python/[email protected]/chromadb/telemetry/opentelemetry/__init__.py:139
                        {"pod_name": os.environ.get("HOSTNAME")}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5f23a3bbcc398b8c Environment-variable access.
pkgs/python/[email protected]/chromadb/telemetry/opentelemetry/__init__.py:155
                        {"pod_name": os.environ.get("HOSTNAME")}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6f9e867da65010d5 Filesystem access.
pkgs/python/[email protected]/chromadb/telemetry/product/__init__.py:88
                with open(self.USER_ID_PATH, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3db2d520fe313c17 Filesystem access.
pkgs/python/[email protected]/chromadb/telemetry/product/__init__.py:93
                with open(self.USER_ID_PATH, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b3e0842324c0f1dd Environment-variable access.
pkgs/python/[email protected]/chromadb/telemetry/product/events.py:20
        self.is_cli = os.environ.get("CHROMA_CLI", "False") == "True"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9e9f9c029993b443 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/baseten_embedding_function.py:39
        if os.getenv("BASETEN_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eb5b47a89e3a9875 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/baseten_embedding_function.py:45
        resolved_api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #78c28e27f64d6956 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/chroma_cloud_qwen_embedding_function.py:61
        self.api_key = os.getenv(api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #5efb54d429b44946 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/chroma_cloud_qwen_embedding_function.py:127
        response = self._session.post(self._api_url, json=payload, timeout=60).json()

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #f347c4ca7c7bfb6f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/chroma_cloud_qwen_embedding_function.py:149
        response = self._session.post(self._api_url, json=payload, timeout=60).json()

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #2f71abdf945cfaa7 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/chroma_cloud_splade_embedding_function.py:42
        self.api_key = os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #d166f471df4a0cda Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/chroma_cloud_splade_embedding_function.py:99
            response = self._session.post(self._api_url, json=payload, timeout=60)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #8a02425b83223ef3 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/cloudflare_workers_ai_embedding_function.py:57
        if os.getenv("CLOUDFLARE_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #036a629ffbdafccc Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/cloudflare_workers_ai_embedding_function.py:62
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #a167c6ed8deabdea Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/cloudflare_workers_ai_embedding_function.py:99
        resp = self._session.post(self._api_url, json=payload).json()

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #a4c2a89cdfcff9f2 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/cohere_embedding_function.py:46
        if os.getenv("COHERE_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f5009fbc80e0e1a4 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/cohere_embedding_function.py:51
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #24056ec37376eb3d Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/google_embedding_function.py:57
        self.api_key = os.getenv(self.api_key_env_var) if self.api_key_env_var else None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #72da5581f6d67f7d Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/google_embedding_function.py:251
        if os.getenv("GOOGLE_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #76f63c2b8d48ebe6 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/google_embedding_function.py:256
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #932d5eb52887ceb6 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/google_embedding_function.py:401
        if os.getenv("GOOGLE_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9a1a71e0afda39b2 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/google_embedding_function.py:406
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ce46e54aa0e28397 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/google_embedding_function.py:529
        if os.getenv("GOOGLE_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9c5e12804e419cc3 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/google_embedding_function.py:534
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a289ebb01c26f607 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/huggingface_embedding_function.py:43
        if os.getenv("HUGGINGFACE_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #62399b6f20520fa3 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/huggingface_embedding_function.py:48
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #594a8d17da6a38c6 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/huggingface_embedding_function.py:76
        response = self._session.post(
            self._api_url,
            json={"inputs": input, "options": {"wait_for_model": True}},
        ).json()

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #b877490d1ad2fcb0 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/huggingface_embedding_function.py:169
        if os.getenv("HUGGINGFACE_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0b27ab02f3a9e05d Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/huggingface_embedding_function.py:173
            self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #a3b32bd1ea4af584 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/huggingface_embedding_function.py:199
        response = self._session.post(self._api_url, json={"inputs": input}).json()

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #830eaf1353870326 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/jina_embedding_function.py:84
        if os.getenv("JINA_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ee416e47817c583c Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/jina_embedding_function.py:89
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #24872367c83cc0e5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/jina_embedding_function.py:202
        resp = self._session.post(self._api_url, json=payload, timeout=60).json()

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #011dd0fb782f47e6 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/jina_embedding_function.py:210
        resp = self._session.post(self._api_url, json=payload, timeout=60).json()

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #8d7b165a181763b2 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/mistral_embedding_function.py:29
        self.api_key = os.getenv(api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6ac0b13c32681e22 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/morph_embedding_function.py:49
        self.api_key = api_key or os.getenv(api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ec6031a59b93ea23 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/nomic_embedding_function.py:50
        self.api_key = os.getenv(api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #88243113e81ef9fc Filesystem access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/onnx_mini_lm_l6_v2.py:24
    with open(fname, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b44b3465eadd4edf Filesystem access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/onnx_mini_lm_l6_v2.py:109
            with open(fname, "wb") as file, self.tqdm(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b1277722d8b9087d Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/openai_embedding_function.py:60
        if os.getenv("OPENAI_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c9c08f3c3deda18 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/openai_embedding_function.py:65
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #62031f8e0bd75872 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/perplexity_embedding_function.py:52
        if os.getenv("PERPLEXITY_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c796995d52d91c70 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/perplexity_embedding_function.py:57
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cee4d04376040825 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/roboflow_embedding_function.py:48
        if os.getenv("ROBOFLOW_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a0e90169ff298318 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/roboflow_embedding_function.py:53
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #88ae3d9948ca26a7 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/roboflow_embedding_function.py:97
                res = self._httpx.post(
                    f"{self.api_url}/clip/embed_image?api_key={self.api_key}",
                    json=infer_clip_payload_image,
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #7dd9e8c05160ee5e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/roboflow_embedding_function.py:110
                res = self._httpx.post(
                    f"{self.api_url}/clip/embed_text?api_key={self.api_key}",
                    json=infer_clip_payload_text,
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #02cdc7cc99b6cbc4 Filesystem access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/schemas/registry.py:38
        with open(schema_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5f7775ceabd2398b Filesystem access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/schemas/schema_utils.py:36
    with open(schema_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #25d32b03c4f6c483 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/together_ai_embedding_function.py:52
        if os.getenv("TOGETHER_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4de1266269e5c61d Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/together_ai_embedding_function.py:57
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #2df3ad686fb37961 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/together_ai_embedding_function.py:89
        response = self._session.post(
            ENDPOINT,
            json={"model": self.model_name, "input": input},
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #bab9a8ce6ca60152 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/utils.py:11
    return (os.environ.get("CHROMA_EMBED_URL") or DEFAULT_CHROMA_EMBED_URL).rstrip("/")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #054c0f83853e0b58 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/voyageai_embedding_function.py:50
        if os.getenv("VOYAGE_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0b4f7e9000709dee Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/voyageai_embedding_function.py:55
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

anthropic

python dependency
medium pii_flow tooling reachable #1ab26a64384c046b PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents.py:15 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents.py:9 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents.py:15
    print("Created environment:", environment.id)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #75ebf37fa0876e5c PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents.py:22 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents.py:9 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents.py:22
    print("Created agent:", agent.id)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #3ecee1d7a574be3d PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents.py:29 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents.py:9 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents.py:29
    print("Created session:", session.id)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #cdf22b0f048bfa6d PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents.py:45 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents.py:9 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents.py:45
            print(event.to_json(indent=2))

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #5e8900d3da2c6e5c PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_comprehensive.py:28 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_comprehensive.py:18 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_comprehensive.py:28
    print("Created environment:", environment.id)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #b9657dfc72452de4 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_comprehensive.py:32 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_comprehensive.py:18 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_comprehensive.py:32
    print("Created vault:", vault.id)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #da78b0977534704f PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_comprehensive.py:43 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_comprehensive.py:18 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_comprehensive.py:43
    print("Created credential:", credential.id)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #61e9275d5a2be831 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_comprehensive.py:52 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_comprehensive.py:18 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_comprehensive.py:52
    print("Created skill:", skill.id)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #c4a0088d1c4c4509 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_comprehensive.py:75 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_comprehensive.py:18 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_comprehensive.py:75
    print("Created agent v1:", agent_v1.id)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #0095329feb1fbd9b PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_comprehensive.py:86 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_comprehensive.py:18 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_comprehensive.py:86
    print("Patched agent to v2:", agent.id)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #d7268280764f6e14 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_comprehensive.py:89 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_comprehensive.py:18 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_comprehensive.py:89
    print("Agent versions:", versions.data)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #522dc8a9729a3416 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_comprehensive.py:97 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_comprehensive.py:18 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_comprehensive.py:97
    print("Created session:", session.id)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #7cd606ed77f8746f PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_comprehensive.py:108 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_comprehensive.py:18 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_comprehensive.py:108
            print(event.to_json(indent=2))

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #4780714bec23c33f PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_with_files.py:16 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_with_files.py:10 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_with_files.py:16
    print("Created environment:", environment.id)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #0324b6ea2a5ab4d8 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_with_files.py:32 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_with_files.py:10 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_with_files.py:32
    print("Created agent:", agent.id)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #f083654d4caa1c92 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_with_files.py:38 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_with_files.py:10 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_with_files.py:38
    print("Uploaded file:", file.id)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #f4a599974eab9d2f PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_with_files.py:52 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_with_files.py:10 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_with_files.py:52
    print("Created session:", session.id)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #a370e63eb0a9b111 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_with_files.py:55 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_with_files.py:10 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_with_files.py:55
    print("Listed session resources:", resources.data)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #c3fd4f9240733a16 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/agents_with_files.py:76 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_with_files.py:10 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/agents_with_files.py:76
            print(event.to_json(indent=2))

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

expand_more 103 low-confidence finding(s)
low env_fs tooling reachable #9cf2287a371be6ad Environment-variable access.
pkgs/python/[email protected]/examples/agents.py:9
    anthropic = Anthropic(api_key=os.environ.get("ANTHROPIC_API_KEY"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #deadde47776bd2e3 Environment-variable access.
pkgs/python/[email protected]/examples/agents_comprehensive.py:18
    anthropic = Anthropic(api_key=os.environ.get("ANTHROPIC_API_KEY"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #54ca330b4fbb48e1 Environment-variable access.
pkgs/python/[email protected]/examples/agents_comprehensive.py:20
    github_token = os.environ.get("GITHUB_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #81483991295d13ef Filesystem access.
pkgs/python/[email protected]/examples/agents_comprehensive.py:47
    with open(skill_md_path, "rb") as skill_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #6ab967c9aa10b990 Environment-variable access.
pkgs/python/[email protected]/examples/agents_with_files.py:10
    anthropic = Anthropic(api_key=os.environ.get("ANTHROPIC_API_KEY"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #00f378acc23d5208 Environment-variable access.
pkgs/python/[email protected]/examples/managed-agents-observe-tool-calls.py:46
    val = os.environ.get(name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #6e56a2f61d87c1b7 Environment-variable access.
pkgs/python/[email protected]/examples/managed-agents-observe-tool-calls.py:64
    workdir = os.environ.get("ANTHROPIC_WORKDIR", ".")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #efae8c02f6811b60 Environment-variable access.
pkgs/python/[email protected]/examples/managed-agents-self-hosted-sandbox-worker.py:48
    val = os.environ.get(name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #7f185c03ff43cb73 Environment-variable access.
pkgs/python/[email protected]/examples/managed-agents-self-hosted-sandbox-worker.py:60
    workdir = os.environ.get("ANTHROPIC_WORKDIR", ".")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #c49027485e501d52 Environment-variable access.
pkgs/python/[email protected]/examples/workload_identity.py:70
        identity_token_provider=lambda: os.environ["ANTHROPIC_IDENTITY_TOKEN"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #942b208d56c8a84d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/anthropic/_base_client.py:325
        return await self._client.request(self._page_cls, self._options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #6492ad213aeedaea Environment-variable access.
pkgs/python/[email protected]/src/anthropic/_client.py:107
    if api_key is not None and os.environ.get("ANTHROPIC_API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bfe5a935689a55e1 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/_client.py:109
    if auth_token is not None and os.environ.get("ANTHROPIC_AUTH_TOKEN"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7b891c16eeeb4e16 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/_client.py:214
            api_key = os.environ.get("ANTHROPIC_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3b310f98ee136dec Environment-variable access.
pkgs/python/[email protected]/src/anthropic/_client.py:215
            auth_token = os.environ.get("ANTHROPIC_AUTH_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd7414fb8f3ca20b Environment-variable access.
pkgs/python/[email protected]/src/anthropic/_client.py:221
            webhook_key = os.environ.get("ANTHROPIC_WEBHOOK_SIGNING_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6e85c9b86bdc8a06 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/_client.py:225
            base_url = os.environ.get("ANTHROPIC_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ea0f4d67eaf01b11 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/_client.py:234
        custom_headers_env = os.environ.get("ANTHROPIC_CUSTOM_HEADERS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #49727022663cf957 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/_client.py:634
            api_key = os.environ.get("ANTHROPIC_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #19027cae6c0e0085 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/_client.py:635
            auth_token = os.environ.get("ANTHROPIC_AUTH_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8cbc49b0fd812507 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/_client.py:641
            webhook_key = os.environ.get("ANTHROPIC_WEBHOOK_SIGNING_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aaaf457bc7a99453 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/_client.py:645
            base_url = os.environ.get("ANTHROPIC_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6099f7d6d45762bf Environment-variable access.
pkgs/python/[email protected]/src/anthropic/_client.py:654
        custom_headers_env = os.environ.get("ANTHROPIC_CUSTOM_HEADERS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5ca0c6d3eb24c4c Filesystem access.
pkgs/python/[email protected]/src/anthropic/_files.py:69
            return (path.name, path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #480007f94116ab37 Filesystem access.
pkgs/python/[email protected]/src/anthropic/_files.py:81
        return pathlib.Path(file).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6015d4505bab9ad0 Filesystem access.
pkgs/python/[email protected]/src/anthropic/_files.py:111
            return (path.name, await path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bf0fcab56566eef1 Filesystem access.
pkgs/python/[email protected]/src/anthropic/_files.py:123
        return await anyio.Path(file).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #252e742068d36f42 Filesystem access.
pkgs/python/[email protected]/src/anthropic/_legacy_response.py:464
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #47766c16ae8649a1 Filesystem access.
pkgs/python/[email protected]/src/anthropic/_legacy_response.py:477
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c3134fea7d5a8eeb Environment-variable access.
pkgs/python/[email protected]/src/anthropic/_models.py:120
            extra="allow", defer_build=coerce_boolean(os.environ.get("DEFER_PYDANTIC_BUILD", "true"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9c05f239d239f388 Filesystem access.
pkgs/python/[email protected]/src/anthropic/_response.py:537
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #60a509d76faa7a6f Filesystem access.
pkgs/python/[email protected]/src/anthropic/_response.py:579
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7151e0d59d05b69b Environment-variable access.
pkgs/python/[email protected]/src/anthropic/_utils/_logs.py:17
    env = os.environ.get("ANTHROPIC_LOG")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5d902e9a6857ec6e Filesystem access.
pkgs/python/[email protected]/src/anthropic/_utils/_transform.py:250
            binary = data.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a2a45c50737207b8 Filesystem access.
pkgs/python/[email protected]/src/anthropic/_utils/_transform.py:418
            binary = await anyio.Path(data).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #af1b92c3ff82a652 Filesystem access.
pkgs/python/[email protected]/src/anthropic/_utils/_utils.py:379
    contents = Path(path).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #646655167f55b289 Filesystem access.
pkgs/python/[email protected]/src/anthropic/lib/_files.py:25
        files.append((path.relative_to(relative_to).as_posix(), path.read_bytes()))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #85b47dc3fae48662 Filesystem access.
pkgs/python/[email protected]/src/anthropic/lib/_files.py:42
        files.append((path.relative_to(relative_to).as_posix(), await path.read_bytes()))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d66e62740e5f5775 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/aws/_credentials.py:25
        value = os.environ.get(var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #71bfdda502b3fa89 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/aws/_credentials.py:90
    return os.environ.get("AWS_REGION") or os.environ.get("AWS_DEFAULT_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f9bab95291f782d0 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/bedrock/_client.py:77
    aws_region = os.environ.get("AWS_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b82befc0c7822c7d Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/bedrock/_client.py:165
            api_key = os.environ.get("AWS_BEARER_TOKEN_BEDROCK")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #389932be692f646b Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/bedrock/_client.py:190
            base_url = os.environ.get("ANTHROPIC_BEDROCK_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0b04a0b29dd736d4 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/bedrock/_client.py:345
            api_key = os.environ.get("AWS_BEARER_TOKEN_BEDROCK")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #74af0923a331c2e8 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/bedrock/_client.py:370
            base_url = os.environ.get("ANTHROPIC_BEDROCK_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e7b5a58f4b4a2997 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/bedrock/_mantle.py:144
        base_url = os.environ.get("ANTHROPIC_BEDROCK_MANTLE_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fc33cadca9ae3600 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_chain.py:33
    federation_rule_id = os.environ.get(ENV_FEDERATION_RULE_ID)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7f3c7f53a1485c84 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_chain.py:34
    organization_id = os.environ.get(ENV_ORGANIZATION_ID)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8f7238b0dc58884 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_chain.py:35
    has_literal_token = ENV_IDENTITY_TOKEN in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ed92b68a44cadeee Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_chain.py:50
            value = os.environ.get(ENV_IDENTITY_TOKEN)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a0d829f02094aa7 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_chain.py:65
        service_account_id=os.environ.get(ENV_SERVICE_ACCOUNT_ID),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3c483c1f6ac754a4 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_chain.py:69
        workspace_id=os.environ.get(ENV_WORKSPACE_ID) or None,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #be7a2bdb8e21f1bd Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_chain.py:70
        scope=os.environ.get(ENV_SCOPE),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8268428ae6f9d556 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_chain.py:108
    if os.environ.get(ENV_API_KEY):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2281ae26c9ea748e Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_chain.py:112
    auth_token = os.environ.get(ENV_AUTH_TOKEN)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ace92221a25e8f3a Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_chain.py:119
    env_explicit = bool(os.environ.get(ENV_PROFILE) or os.environ.get(ENV_CONFIG_DIR))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f0924f1eb4d418a0 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_constants.py:78
    env = os.environ.get(ENV_CONFIG_DIR)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #85aff876f6e30377 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_constants.py:82
        appdata = os.environ.get("APPDATA")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #40a8bf7b692788e4 Filesystem access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_constants.py:92
        name = (_config_dir() / "active_config").read_text(encoding="utf-8").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #28fc19745f312236 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_constants.py:105
    env = os.environ.get(ENV_PROFILE)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7567a1917bc348f2 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_constants.py:224
    env = os.environ.get(ENV_IDENTITY_TOKEN_FILE)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d8c2fd0cd17652ba Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_constants.py:240
    if os.environ.get(ENV_PROFILE) or os.environ.get(ENV_CONFIG_DIR):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #249a7ad0c4e3cb52 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_constants.py:244
    if os.environ.get(ENV_FEDERATION_RULE_ID) and os.environ.get(ENV_ORGANIZATION_ID):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #881dc24d8f8b6584 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_constants.py:245
        if os.environ.get(ENV_IDENTITY_TOKEN_FILE) or os.environ.get(ENV_IDENTITY_TOKEN):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7f1a91a0afd0fd78 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_providers.py:96
            v = os.environ.get(env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #84349d41ecb07297 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_providers.py:110
            v = os.environ.get(ENV_IDENTITY_TOKEN_FILE)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b5b255b92b72f001 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_providers.py:136
        value = os.environ.get(self._env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f5aaf036d3445bb9 Filesystem access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_providers.py:284
            raw = self._config_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4dafa902d48100c0 Filesystem access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_providers.py:374
            creds: Dict[str, Any] = _wrap_secret_fields(json.loads(path.read_text(encoding="utf-8")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #002cf0cc64644601 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_providers.py:538
            resp = self._get_http_client().post(
                f"{self._base_url}{TOKEN_ENDPOINT}",
                # Serialized inline so the raw request bytes are never bound
                # to a local here; SecretStr values unwrap at dump time.
                content=_json_dumps_secrets(body),
                headers={
                    "Content-Type": "application/json",
                    # oauth-2025-04-20 unlocks the token endpoint family. Do
                    # NOT send oidc-federation-2026-04-01 — that's a routing
                    # switch that misroutes refresh_token grants to the Go
                    # userauth handler, which only accepts jwt-bearer.
                    "anthropic-beta": OAUTH_API_BETA_HEADER,
                    "User-Agent": _user_agent(),
                },
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #07f9e3880f4fdd93 Filesystem access.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_providers.py:746
            content = self._path.read_text(encoding="utf-8").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #f3a0b34ae758905b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/anthropic/lib/credentials/_workload.py:259
            resp = self._http_client.post(
                url,
                # Serialized inline so the raw request bytes are never bound
                # to a local here; SecretStr values unwrap at dump time.
                content=_json_dumps_secrets(body),
                headers={
                    "anthropic-beta": _JWT_BEARER_BETA_HEADER,
                    "Content-Type": "application/json",
                    "User-Agent": _user_agent(),
                },
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #303f44aa08e73a96 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/environments/_worker.py:160
    resolved = value or os.environ.get(env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #362eb29ab91e3661 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/foundry.py:157
        api_key = api_key if api_key is not None else os.environ.get("ANTHROPIC_FOUNDRY_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e27bcb890ebf2d45 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/foundry.py:158
        resource = resource if resource is not None else os.environ.get("ANTHROPIC_FOUNDRY_RESOURCE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cb865f2d80fc2ca2 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/foundry.py:159
        base_url = base_url if base_url is not None else os.environ.get("ANTHROPIC_FOUNDRY_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cc2cef8182bd2676 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/foundry.py:382
        api_key = api_key if api_key is not None else os.environ.get("ANTHROPIC_FOUNDRY_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97a00bc0326f2840 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/foundry.py:383
        resource = resource if resource is not None else os.environ.get("ANTHROPIC_FOUNDRY_RESOURCE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #17025813454011ab Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/foundry.py:384
        base_url = base_url if base_url is not None else os.environ.get("ANTHROPIC_FOUNDRY_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a4365f74c6dfc2a2 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/google_cloud/_client.py:247
            location = os.environ.get("ANTHROPIC_GOOGLE_CLOUD_LOCATION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #24f96f0687e6f0b8 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/google_cloud/_client.py:252
            project = os.environ.get("ANTHROPIC_GOOGLE_CLOUD_PROJECT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #83b264a0eb0997e9 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/google_cloud/_client.py:254
            project = os.environ.get("GOOGLE_CLOUD_PROJECT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2cc6488c32cf51f8 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/google_cloud/_client.py:260
            base_url = os.environ.get("ANTHROPIC_GOOGLE_CLOUD_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e15f561aa20ecbe8 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/google_cloud/_client.py:266
            workspace_id = os.environ.get("ANTHROPIC_GOOGLE_CLOUD_WORKSPACE_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4073e79b4048d77e Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/google_cloud/_client.py:493
            location = os.environ.get("ANTHROPIC_GOOGLE_CLOUD_LOCATION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #005198683883fb78 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/google_cloud/_client.py:498
            project = os.environ.get("ANTHROPIC_GOOGLE_CLOUD_PROJECT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2fa68ebebd21f31b Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/google_cloud/_client.py:500
            project = os.environ.get("GOOGLE_CLOUD_PROJECT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dc0eb47f5802c8e3 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/google_cloud/_client.py:506
            base_url = os.environ.get("ANTHROPIC_GOOGLE_CLOUD_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ed604be4bad10740 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/google_cloud/_client.py:510
            workspace_id = os.environ.get("ANTHROPIC_GOOGLE_CLOUD_WORKSPACE_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #3c4a70bd92253c10 Filesystem access.
pkgs/python/[email protected]/src/anthropic/lib/tools/_beta_builtin_memory_tool.py:356
        return full_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #fc837afc6cb2e152 Filesystem access.
pkgs/python/[email protected]/src/anthropic/lib/tools/_beta_builtin_memory_tool.py:653
        return await full_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #a604e7c1cffb9baf Filesystem access.
pkgs/python/[email protected]/src/anthropic/lib/tools/_skills.py:138
                with zf.open(info) as src, open(target, "wb") as out:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #dabb2af283bd262a Filesystem access.
pkgs/python/[email protected]/src/anthropic/lib/tools/_skills.py:164
            with extracted as src, open(target, "wb") as out:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #31b9f3b35ed5f7c6 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/tools/agent_toolset.py:123
    return {k: v for k, v in os.environ.items() if not k.startswith("ANTHROPIC_")}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #5d6b11149f0eab19 Filesystem access.
pkgs/python/[email protected]/src/anthropic/lib/tools/agent_toolset.py:512
            text = target.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #49e59a7b984ee798 Filesystem access.
pkgs/python/[email protected]/src/anthropic/lib/tools/agent_toolset.py:540
            target.write_text(content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #7576d329cd5134e9 Filesystem access.
pkgs/python/[email protected]/src/anthropic/lib/tools/agent_toolset.py:570
            text = target.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #fa75de3d56fcfeeb Filesystem access.
pkgs/python/[email protected]/src/anthropic/lib/tools/agent_toolset.py:582
            target.write_text(updated)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0898d2a73d8b36ca Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/vertex/_client.py:46
        project_id = os.environ.get("ANTHROPIC_VERTEX_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f2b1cc46e5b5ca66 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/vertex/_client.py:114
            region = os.environ.get("CLOUD_ML_REGION", NOT_GIVEN)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e0a1bba5285b5e0e Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/vertex/_client.py:121
            base_url = os.environ.get("ANTHROPIC_VERTEX_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a284fd3afb8d65cf Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/vertex/_client.py:278
            region = os.environ.get("CLOUD_ML_REGION", NOT_GIVEN)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5900b0fc528007b4 Environment-variable access.
pkgs/python/[email protected]/src/anthropic/lib/vertex/_client.py:285
            base_url = os.environ.get("ANTHROPIC_VERTEX_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

composio-core

python dependency
medium telemetry dependency Excluded from app score #5411aab6902bb556 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/composio/core/cls/catch_all_exceptions.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #760937c1e932727a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/composio/core/cls/catch_all_exceptions.py:53
    if (isinstance(exc, (SystemExit, ValueError))) and sentry_sdk.is_initialized():

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ad9cd2f0b9b25fca Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/composio/core/cls/catch_all_exceptions.py:54
        sentry_sdk.capture_exception(exc)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5060c7104c7effe9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/composio/core/cls/catch_all_exceptions.py:55
        sentry_sdk.flush()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium pii_flow tooling reachable #fce3128ae63ddc11 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/composio/tools/local/greptile/actions/codequery.py:107 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/composio/tools/local/greptile/actions/codequery.py:71 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/composio/tools/local/greptile/actions/codequery.py:107
        response = requests.post(
            "https://api.greptile.com/v2/query",
            headers=headers,
            data=json.dumps(data),
            timeout=request.timeout,
        )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium telemetry dependency Excluded from app score #23f95a15ad406afc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/composio/utils/sentry.py:12
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2d945eb26f277766 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/composio/utils/sentry.py:13
import sentry_sdk.integrations.argv

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #433cfd87bdec141d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/composio/utils/sentry.py:14
import sentry_sdk.integrations.atexit

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5c3648dcf6d90dbf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/composio/utils/sentry.py:15
import sentry_sdk.integrations.dedupe

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #95e1476ed18496d2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/composio/utils/sentry.py:16
import sentry_sdk.integrations.excepthook

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5a2f0a513b68f7d7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/composio/utils/sentry.py:17
import sentry_sdk.integrations.fastapi

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cd02a7009f825665 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/composio/utils/sentry.py:18
import sentry_sdk.integrations.logging

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #04154562bd29b079 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/composio/utils/sentry.py:19
import sentry_sdk.integrations.modules

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #929c5dfec0354b0f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/composio/utils/sentry.py:20
import sentry_sdk.integrations.stdlib

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #350c55273b0c9b14 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/composio/utils/sentry.py:21
import sentry_sdk.integrations.threading

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ff27d7107248e086 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/composio/utils/sentry.py:22
import sentry_sdk.types

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fa5df8aa84333669 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/composio/utils/sentry.py:89
    sentry_sdk.init(
        dsn=sentry_config["dsn"],
        traces_sample_rate=sentry_config.get("traces_sample_rate", 1.0),
        profiles_sample_rate=sentry_config.get("profiles_sample_rate", 1.0),
        debug=False,
        before_send=filter_sentry_errors,
        default_integrations=False,
        integrations=[
            sentry_sdk.integrations.argv.ArgvIntegration(),
            sentry_sdk.integrations.atexit.AtexitIntegration(
                callback=lambda x, y: None,
            ),  # suppress atexit message
            sentry_sdk.integrations.dedupe.DedupeIntegration(),
            sentry_sdk.integrations.excepthook.ExcepthookIntegration(),
            sentry_sdk.integrations.fastapi.FastApiIntegration(),
            sentry_sdk.integrations.logging.LoggingIntegration(),
            sentry_sdk.integrations.modules.ModulesIntegration(),
            sentry_sdk.integrations.stdlib.StdlibIntegration(),
            sentry_sdk.integrations.threading.ThreadingIntegration(),
        ],
    )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 86 low-confidence finding(s)
low env_fs dependency Excluded from app score #d4b84ae499366423 Filesystem access.
pkgs/python/[email protected]/composio/cli/apps.py:99
    with open(enum_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #77644ee057de65f6 Filesystem access.
pkgs/python/[email protected]/composio/cli/apps.py:133
    with open(enum_file + "i", "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #88c1044369588bed Environment-variable access.
pkgs/python/[email protected]/composio/cli/context.py:82
        api_key_from_env = os.environ.get(ENV_COMPOSIO_API_KEY)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #82ce05760f2c3d6e Filesystem access.
pkgs/python/[email protected]/composio/cli/utils/helpfulcmd.py:31
            formatter.write_text(click.style(text, fg="white"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #95200f53ac87427b Environment-variable access.
pkgs/python/[email protected]/composio/client/__init__.py:108
                else os.environ.get(ENV_COMPOSIO_API_KEY)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #832a9f5e4fcef0b7 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/composio/client/__init__.py:212
        response = http.get(str(v1.cli.verify_cli_code({"key": key, "code": code})))

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c227e0071069944d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/composio/client/collections.py:1439
            response=self.client.http.get(
                str(self.endpoint / "search" / "advanced"),
                params=params,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #b82ad02eb1ecfbe9 Environment-variable access.
pkgs/python/[email protected]/composio/client/enums/enum.py:18
    os.environ.get("COMPOSIO_NO_REMOTE_ENUM_FETCHING", "false") != "false"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1e56a8fe629b8a11 Environment-variable access.
pkgs/python/[email protected]/composio/client/utils.py:18
NO_CACHE_REFRESH = os.getenv("COMPOSIO_NO_CACHE_REFRESH", "false") == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d70fe56a0853a23a Filesystem access.
pkgs/python/[email protected]/composio/client/utils.py:227
            first_action = json.loads(first_file.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d1efa9c9ed7b9318 Environment-variable access.
pkgs/python/[email protected]/composio/constants.py:39
_cache_dir = os.environ.get(ENV_LOCAL_CACHE_DIRECTORY)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7e00ffd585bfa35c Environment-variable access.
pkgs/python/[email protected]/composio/constants.py:147
COMPOSIO_VERSIONING_POLICY = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bc5e08ea5f0dd447 Environment-variable access.
pkgs/python/[email protected]/composio/constants.py:147
COMPOSIO_VERSIONING_POLICY = os.environ.get(
    ENV_COMPOSIO_VERSIONING_POLICY,
    VERSION_LATEST_BASE,
)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1d0ee691c742841a Environment-variable access.
pkgs/python/[email protected]/composio/server/api.py:116
    access_token = os.environ.get(ENV_ACCESS_TOKEN)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2f2b7bf066f3861d Filesystem access.
pkgs/python/[email protected]/composio/server/api.py:273
        tempfile.write_text(request.content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #542969eda471e8de Filesystem access.
pkgs/python/[email protected]/composio/storage/base.py:67
        self.path.write_text(
            json.dumps(
                data,
                indent=2,
            ),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #37190bfce7641762 Filesystem access.
pkgs/python/[email protected]/composio/storage/base.py:80
                path.read_text(
                    encoding="utf-8",
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #5dfd8ca67f2864d2 Filesystem access.
pkgs/python/[email protected]/composio/tools/base/local.py:124
                _content = Path(value).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #98b085f0ee42bc28 Filesystem access.
pkgs/python/[email protected]/composio/tools/base/local.py:137
                _content = Path(value).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #8ae94e6c26dcc609 Filesystem access.
pkgs/python/[email protected]/composio/tools/local/anthropic_computer_use/actions/computer.py:327
            base64_image = base64.b64encode(path.read_bytes()).decode()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #fde005057e1dcf8a Filesystem access.
pkgs/python/[email protected]/composio/tools/local/base/action.py:183
                    with open(value, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d8d50f3d6208bf1e Filesystem access.
pkgs/python/[email protected]/composio/tools/local/base/action.py:202
                    with open(value, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #6ad87092042fb763 Filesystem access.
pkgs/python/[email protected]/composio/tools/local/base/utils/queries/__init__.py:11
with open(c_tags_query_path, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #e4d35a22b318880a Filesystem access.
pkgs/python/[email protected]/composio/tools/local/clipboardtool/actions/image.py:81
            with open(temp_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #cce7c2ab5e5d4db7 Filesystem access.
pkgs/python/[email protected]/composio/tools/local/clipboardtool/actions/image.py:119
            with open(request.save_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #ceda088f8bb650d6 Filesystem access.
pkgs/python/[email protected]/composio/tools/local/codeanalysis/actions/base_action.py:26
        with open(self.fqdn_cache_file, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #fcd861fa2c25abdc Filesystem access.
pkgs/python/[email protected]/composio/tools/local/codeanalysis/actions/create_codemap.py:154
            with open(file, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #caa5e9b37b2bd3fb Filesystem access.
pkgs/python/[email protected]/composio/tools/local/codeanalysis/actions/create_codemap.py:204
        with open(self.fqdn_cache_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #8e555001bf0af07a Filesystem access.
pkgs/python/[email protected]/composio/tools/local/codeanalysis/actions/create_codemap.py:299
        with open(status_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #63e470725dd42678 Filesystem access.
pkgs/python/[email protected]/composio/tools/local/codeanalysis/actions/create_codemap.py:307
        with open(status_file, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #c60255ea44ed827f Filesystem access.
pkgs/python/[email protected]/composio/tools/local/codeanalysis/lsp_helper.py:478
        with open(file_path, "r", encoding="utf-8") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #0a3757196173930b Filesystem access.
pkgs/python/[email protected]/composio/tools/local/codeanalysis/lsp_helper.py:486
        with open(file_path, "w", encoding="utf-8") as fd:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #a5d3c286463037b4 Filesystem access.
pkgs/python/[email protected]/composio/tools/local/codeanalysis/lsp_helper.py:637
        with open(global_path, "r") as fd:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #32690970efd0fb8b Filesystem access.
pkgs/python/[email protected]/composio/tools/local/codeanalysis/lsp_helper.py:680
        with open(_class_obj.global_path, "r", encoding="utf-8") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #ca449015e8f705ee Filesystem access.
pkgs/python/[email protected]/composio/tools/local/codeanalysis/lsp_helper.py:691
            with open(file_path, "w") as fd:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #b4b0a407208f60b5 Filesystem access.
pkgs/python/[email protected]/composio/tools/local/codeanalysis/lsp_helper.py:981
        with open(self.global_path, "r") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #421ee6de77136e62 Filesystem access.
pkgs/python/[email protected]/composio/tools/local/codeanalysis/lsp_helper.py:1146
        with open(file_path, "r") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #4ff4128f00ecbe05 Filesystem access.
pkgs/python/[email protected]/composio/tools/local/codeanalysis/tool_utils.py:74
                with open(file, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #8e77524f06909d6b Filesystem access.
pkgs/python/[email protected]/composio/tools/local/codeanalysis/tree_sitter_related.py:132
    with open(file_path, "r", encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #605d61cdd58cb5dd Filesystem access.
pkgs/python/[email protected]/composio/tools/local/codeanalysis/tree_sitter_related.py:198
    with open(file_path, "r", encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #37fe895e4261802d Filesystem access.
pkgs/python/[email protected]/composio/tools/local/codeanalysis/tree_sitter_related.py:233
    with open(file_path, "r", encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #8fb658393f819251 Filesystem access.
pkgs/python/[email protected]/composio/tools/local/filetool/actions/apply_patch.py:62
        with open(git_root / "patch.patch", "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #9983bfb402364ab1 Filesystem access.
pkgs/python/[email protected]/composio/tools/local/filetool/actions/apply_patch.py:96
                file.path.write_text(before_file_contents[key], encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #01b682bfa6a168ff Filesystem access.
pkgs/python/[email protected]/composio/tools/local/filetool/actions/apply_patch.py:153
                file_contents[file_path] = file.path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #66ea38d93b743ad3 Environment-variable access.
pkgs/python/[email protected]/composio/tools/local/filetool/actions/git_clone.py:35
        github_access_token or os.environ.get("GITHUB_ACCESS_TOKEN", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #19f1989c7abf9375 Environment-variable access.
pkgs/python/[email protected]/composio/tools/local/filetool/actions/git_clone.py:38
    if not github_access_token and os.environ.get("ALLOW_CLONE_WITHOUT_REPO") != "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #135c561c1ad9a428 Filesystem access.
pkgs/python/[email protected]/composio/tools/local/filetool/actions/git_repo_tree.py:77
            with open(tree_file_path, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #56f8d65218b6cb5b Environment-variable access.
pkgs/python/[email protected]/composio/tools/local/greptile/actions/codequery.py:71
        token = metadata.get("greptile_token", os.getenv("GREPTILE_TOKEN"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d4bbe08e612acab9 Environment-variable access.
pkgs/python/[email protected]/composio/tools/local/greptile/actions/codequery.py:76
        github_token = metadata.get("github_token", os.getenv("GITHUB_TOKEN"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #e51d6d3e81fe701d Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/composio/tools/local/greptile/actions/codequery.py:107
        response = requests.post(
            "https://api.greptile.com/v2/query",
            headers=headers,
            data=json.dumps(data),
            timeout=request.timeout,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #d3f6686533cb2fa8 Filesystem access.
pkgs/python/[email protected]/composio/tools/local/imageanalyser/actions/image_analyser.py:89
        with open(file_path, "rb") as image_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #0c023cec9c9d4459 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/composio/tools/local/imageanalyser/actions/image_analyser.py:129
            response = requests.get(media_path, timeout=40)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #6f50c53241c47178 Filesystem access.
pkgs/python/[email protected]/composio/tools/local/imageanalyser/actions/image_analyser.py:132
            with open(media_path, "rb") as image_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #036f42a2f965b5f2 Environment-variable access.
pkgs/python/[email protected]/composio/tools/local/imageanalyser/actions/image_analyser.py:179
        media_model_choice = os.environ.get("MEDIA_MODEL_CHOICE", "gpt-4o")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d6159602476e3917 Environment-variable access.
pkgs/python/[email protected]/composio/tools/local/imageanalyser/actions/image_analyser.py:216
            key = os.environ.get("OPENAI_API_KEY") or metadata.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #32c990ca239b361d Environment-variable access.
pkgs/python/[email protected]/composio/tools/local/imageanalyser/actions/image_analyser.py:220
            key = os.environ.get("ANTHROPIC_API_KEY") or metadata.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #0315ed5901cd97b2 Filesystem access.
pkgs/python/[email protected]/composio/tools/local/shelltool/shell_exec/actions/spawn.py:89
        pid.write_text(str(process.pid))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #e82b40c52103cf9d Environment-variable access.
pkgs/python/[email protected]/composio/tools/local/shelltool/utils.py:23
    github_access_token = os.environ.get("GITHUB_ACCESS_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #539f5993e65669a9 Environment-variable access.
pkgs/python/[email protected]/composio/tools/local/shelltool/utils.py:25
        if os.environ.get("ALLOW_CLONE_WITHOUT_REPO") != "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #2d9df1867f831e74 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/composio/tools/local/webtool/actions/scrape_website_content.py:54
        with urlopen(req, context=context) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress tooling reachable #50f0accdcb8c5462 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/composio/tools/local/webtool/actions/scrape_website_element.py:56
        with urlopen(req, context=context) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #c82214cd8c36e23c Environment-variable access.
pkgs/python/[email protected]/composio/tools/local/zep/actions/add_memory.py:39
        client = Zep(api_key=os.environ.get("ZEP_API_KEY", metadata.get("api_key")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #e9cbf2a98ccad668 Environment-variable access.
pkgs/python/[email protected]/composio/tools/local/zep/actions/create_session.py:39
        client = Zep(api_key=os.environ.get("ZEP_API_KEY", metadata.get("api_key")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #3f821e4a5d75b35f Environment-variable access.
pkgs/python/[email protected]/composio/tools/local/zep/actions/get_memory.py:44
        client = Zep(api_key=os.environ.get("ZEP_API_KEY", metadata.get("api_key")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #6b3fef82533b6fd2 Environment-variable access.
pkgs/python/[email protected]/composio/tools/local/zep/actions/search_memory.py:51
        client = Zep(api_key=os.environ.get("ZEP_API_KEY", metadata.get("api_key")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #38e6181537353baf Environment-variable access.
pkgs/python/[email protected]/composio/tools/toolset.py:125
        _IS_CI = os.environ.get("CI") == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #1b45a2521d61e428 Filesystem access.
pkgs/python/[email protected]/composio/tools/toolset.py:161
        with open(self._path, encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #3aadd3652ca786e4 Filesystem access.
pkgs/python/[email protected]/composio/tools/toolset.py:179
        with open(self._path, "w", encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #cccf8cbe036c9f3e Filesystem access.
pkgs/python/[email protected]/composio/tools/toolset.py:377
            with open(path, "w", encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #874c4fb9b3184bae Filesystem access.
pkgs/python/[email protected]/composio/tools/toolset.py:381
        with open(path, "wb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #94082b1fed2a7d4d Environment-variable access.
pkgs/python/[email protected]/composio/tools/toolset.py:1549
                or os.environ.get(ENV_COMPOSIO_API_KEY)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #b0a4a5981c2a182f Environment-variable access.
pkgs/python/[email protected]/composio/tools/toolset.py:1699
        from_env = os.environ.get(f"_COMPOSIO_{ENV_GITHUB_ACCESS_TOKEN}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cbdd837370831456 Environment-variable access.
pkgs/python/[email protected]/composio/utils/descope.py:55
        self.project_id = project_id or os.environ.get("DESCOPE_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d805a3f639e0caea Environment-variable access.
pkgs/python/[email protected]/composio/utils/descope.py:56
        self.management_key = management_key or os.environ.get("DESCOPE_MANAGEMENT_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3e0b51e3f1d3e4b Environment-variable access.
pkgs/python/[email protected]/composio/utils/descope.py:58
            base_url or os.environ.get("DESCOPE_BASE_URL") or "https://api.descope.com"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #d0ffbb09038b50e0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/composio/utils/descope.py:100
            response = requests.post(
                descope_url, headers=headers, data=payload, timeout=10, verify=False
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #c04f0cfe37a0a48d Environment-variable access.
pkgs/python/[email protected]/composio/utils/logging.py:20
_LOG_VERBOSITY = int(os.environ.get("COMPOSIO_LOG_VERBOSITY", 0))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #04bb2a087b7b84a0 Environment-variable access.
pkgs/python/[email protected]/composio/utils/logging.py:103
    level = os.environ.get(ENV_COMPOSIO_LOGGING_LEVEL)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a55bb5613c40e2c9 Filesystem access.
pkgs/python/[email protected]/composio/utils/sentry.py:47
        data = json.loads(user_file.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #495eedd901998bf6 Environment-variable access.
pkgs/python/[email protected]/composio/utils/sentry.py:79
    if os.environ.get("COMPOSIO_DISABLE_SENTRY", "false").lower() in ("true", "t"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #faa0716886f4b277 Filesystem access.
pkgs/python/[email protected]/composio/utils/sentry.py:117
            data = json.loads(user_file.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #35567e4676ded3b5 Filesystem access.
pkgs/python/[email protected]/composio/utils/sentry.py:136
    user_file.write_text(json.dumps(data), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #454e93f9e9b92587 Environment-variable access.
pkgs/python/[email protected]/composio/utils/url.py:19
    return os.environ.get(ENV_COMPOSIO_BASE_URL) or DEFAULT_BASE_URL

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #4e08e8482c52dbdf Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/composio/utils/warnings.py:19
        request = requests.get(COMPOSIO_PYPI_METADATA, timeout=10.0)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #1368901a27581543 Environment-variable access.
pkgs/python/[email protected]/composio/utils/warnings.py:30
    if os.environ.get("COMPOSIO_DISABLE_VERSION_CHECK", "false").lower() != "false":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a5c21d937a8f407 Filesystem access.
pkgs/python/[email protected]/setup.py:97
    long_description=(Path(__file__).parent / "README.md").read_text(encoding="utf-8"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

daytona

python dependency
medium telemetry dependency Excluded from app score #a422d5fab4164e5f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/daytona/_async/daytona.py:15
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fced99cda41f7ea9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/daytona/_async/daytona.py:16
from opentelemetry.exporter.otlp.proto.http.trace_exporter import OTLPSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b57664126b60686b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/daytona/_async/daytona.py:17
from opentelemetry.instrumentation.aiohttp_client import AioHttpClientInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a69b7408d887aea1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/daytona/_async/daytona.py:18
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #317097056931afff Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/daytona/_async/daytona.py:19
from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4e386c605908b5e0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/daytona/_async/daytona.py:20
from opentelemetry.sdk.trace.export import BatchSpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a4845af6fcac0673 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/daytona/_async/daytona.py:21
from opentelemetry.semconv.attributes import service_attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e6327bca6c8d2d57 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/daytona/_sync/daytona.py:17
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #121d2cd216726a85 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/daytona/_sync/daytona.py:18
from opentelemetry.exporter.otlp.proto.http.trace_exporter import OTLPSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #59ec55c6d9257f32 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/daytona/_sync/daytona.py:19
from opentelemetry.instrumentation.aiohttp_client import AioHttpClientInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #63caebb2a4e1ea4f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/daytona/_sync/daytona.py:20
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #aa3dc03b893ca92f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/daytona/_sync/daytona.py:21
from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #384174a3e7b2c7f6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/daytona/_sync/daytona.py:22
from opentelemetry.sdk.trace.export import BatchSpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2ce91cc189653c77 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/daytona/_sync/daytona.py:23
from opentelemetry.semconv.attributes import service_attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7b73f4e60a103d16 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/daytona/_utils/otel_decorator.py:12
from opentelemetry import metrics, trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ef3b74cc19356144 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/daytona/_utils/otel_decorator.py:13
from opentelemetry.trace import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 24 low-confidence finding(s)
low egress dependency Excluded from app score #31ecbcd6bb8cd669 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/daytona/_async/computer_use.py:729
        async with http_session_of(self._api_client.api_client).request(
            method,
            url,
            headers=headers,
            timeout=_request_timeout(download_timeout),
        ) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #f82aa5b88c0ecab1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/daytona/_async/filesystem.py:344
            async with http_session_of(self._api_client.api_client).request(
                method,
                url,
                json=body,
                headers=headers,
                timeout=_request_timeout(timeout),
            ) as resp:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #142fd3296974c2bd Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/daytona/_async/filesystem.py:436
            async with http_session_of(self._api_client.api_client).request(
                method,
                url,
                json=body,
                headers=headers,
                timeout=_request_timeout(timeout),
            ) as resp:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #f10bfbd2da719f95 Filesystem access.
pkgs/python/[email protected]/src/daytona/_async/filesystem.py:1001
                    stream = stack.enter_context(open(f.source, "rb"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #f3bf79cc8a562b5b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/daytona/_async/filesystem.py:1017
            async with http_session_of(self._api_client.api_client).post(
                url,
                data=form,
                headers=headers,
                timeout=_request_timeout(timeout),
            ) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #24260abf2dea8558 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/daytona/_async/filesystem.py:1136
                response = await client.post(url, data=data_fields, files=file_fields, headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #d75a14961ad5372e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/daytona/_async/filesystem.py:1174
            response = await client.post(url, content=body_generator(), headers=request_headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #11d13b14384f96d5 Filesystem access.
pkgs/python/[email protected]/src/daytona/_async/filesystem.py:1254
        return stack.enter_context(open(source, "rb"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a56e1f9fda83eac Filesystem access.
pkgs/python/[email protected]/src/daytona/_sync/computer_use.py:731
            with open(local_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4152c4166e0a82b6 Filesystem access.
pkgs/python/[email protected]/src/daytona/_sync/filesystem.py:481
                            writer = open(meta.dst, mode="wb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7954abc1e21a4487 Filesystem access.
pkgs/python/[email protected]/src/daytona/_sync/filesystem.py:961
                    stream = stack.enter_context(open(f.source, "rb"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #3385ef514ed53b4e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/daytona/_sync/filesystem.py:971
            response = self._http_client.post(
                url,
                data=data_fields,
                files=file_fields,
                headers=headers,
                timeout=_request_timeout(timeout),
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #d28cd4ac0a9b6327 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/daytona/_sync/filesystem.py:1050
                response = client.post(url, data=data_fields, files=file_fields, headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #de69a56a041653ee Filesystem access.
pkgs/python/[email protected]/src/daytona/_sync/filesystem.py:1072
        return stack.enter_context(open(source, "rb"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #98e2ad2403139db7 Filesystem access.
pkgs/python/[email protected]/src/daytona/_sync/object_storage.py:110
            with open(abs_path_str, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b47d5198b09fbfca Filesystem access.
pkgs/python/[email protected]/src/daytona/_sync/object_storage.py:126
                    with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c7821d5e518c6b90 Environment-variable access.
pkgs/python/[email protected]/src/daytona/_utils/env.py:26
        val = os.environ.get(name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #de75e5de9a5d18f2 Environment-variable access.
pkgs/python/[email protected]/src/daytona/_utils/environment.py:15
    old_env: MutableMapping[str, str] = deepcopy(os.environ)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f165a67684e3f4fa Environment-variable access.
pkgs/python/[email protected]/src/daytona/_utils/environment.py:16
    os.environ.clear()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aa7b4ac7b7265527 Environment-variable access.
pkgs/python/[email protected]/src/daytona/_utils/environment.py:18
        os.environ.update(temp_env)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a4e90685f5223985 Environment-variable access.
pkgs/python/[email protected]/src/daytona/_utils/environment.py:22
        os.environ.clear()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7af8effc379b2005 Environment-variable access.
pkgs/python/[email protected]/src/daytona/_utils/environment.py:23
        os.environ.update(old_env)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #5f41442ee613de9f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/daytona/_utils/stream.py:62
        async with active_session.request(method, url, headers=headers) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #7d0982fd3810140d Filesystem access.
pkgs/python/[email protected]/src/daytona/common/image.py:438
        dockerfile = path.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

crewai-tools

python dependency
medium pii_flow dependency Excluded from app score #74e1313f87f198b5 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/adapters/zapier_adapter.py:45 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/adapters/zapier_adapter.py:27 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/adapters/zapier_adapter.py:45
        response = requests.request(
            "POST",
            execute_url,
            headers=headers,
            json=action_params,
            timeout=30,
        )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow dependency Excluded from app score #b63a49763569e217 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/adapters/zapier_adapter.py:71 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/adapters/zapier_adapter.py:69 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/adapters/zapier_adapter.py:71
        response = requests.request(
            "GET",
            ACTIONS_URL,
            headers=headers,
            timeout=30,
        )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow tooling reachable #828e60b9ca59d583 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/brave_search_tool/brave_search_tool.py:133 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/brave_search_tool/brave_search_tool.py:129 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/brave_search_tool/brave_search_tool.py:133
            response = requests.get(
                self.search_url, headers=headers, params=payload, timeout=30
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow tooling reachable #ab4db0c475877784 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_serp.py:224 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_serp.py:219 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_serp.py:224
            response = requests.post(
                self.base_url, json=request_params, headers=headers, timeout=30
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow tooling reachable #13304bc2cf68d312 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_unlocker.py:141 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_unlocker.py:135 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_unlocker.py:141
            response = requests.post(
                self.base_url, json=payload, headers=headers, timeout=30
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow tooling reachable #2d7ffdbe3234180f A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:80 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:64 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:80
                result = requests.post(
                    url, headers=headers, data=config, files=file, timeout=30
                )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow tooling reachable #ad433b30f36abb05 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:89 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:64 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:89
                result = requests.get(status_url, headers=headers, timeout=30)

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow tooling reachable #7f7b107d880c62a2 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:100 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:64 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:100
            result = requests.get(
                results_url,
                headers=headers,
                params={"output_types": ",".join(output_types)},
                timeout=30,
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow tooling reachable #2881f5bb958089b4 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_query_tool/contextual_query_tool.py:49 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_query_tool/contextual_query_tool.py:48 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_query_tool/contextual_query_tool.py:49
        response = requests.get(url, headers=headers, timeout=30)

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow tooling reachable #ddc3d82ef3d8358c A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_rerank_tool/contextual_rerank_tool.py:69 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_rerank_tool/contextual_rerank_tool.py:53 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_rerank_tool/contextual_rerank_tool.py:69
            result = requests.post(
                rerank_url, json=payload, headers=headers, timeout=30
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow tooling reachable #a166054b5cbd3cb9 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/parallel_tools/parallel_search_tool.py:104 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/parallel_tools/parallel_search_tool.py:78 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/parallel_tools/parallel_search_tool.py:104
            resp = requests.post(
                self.search_url, json=payload, headers=headers, timeout=request_timeout
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow tooling reachable #4d95636bd16e7b1b A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:39 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:43 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:39
            requests.get(
                "https://api.patronus.ai/v1/evaluators",
                headers={
                    "accept": "application/json",
                    "X-API-KEY": os.environ["PATRONUS_API_KEY"],
                },
                timeout=30,
            ).text

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow tooling reachable #bcad3e13116490a9 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:62 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:66 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:62
            requests.get(
                "https://api.patronus.ai/v1/evaluator-criteria",
                headers={
                    "accept": "application/json",
                    "X-API-KEY": os.environ["PATRONUS_API_KEY"],
                },
                timeout=30,
            ).text

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow tooling reachable #dddb223923103f2e A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/serper_dev_tool/serper_dev_tool.py:257 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/serper_dev_tool/serper_dev_tool.py:251 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/serper_dev_tool/serper_dev_tool.py:257
            response = requests.post(
                search_url, headers=headers, json=payload, timeout=10
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow tooling reachable #28d4b51a741bc9e0 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/crewai_tools/tools/serper_scrape_website_tool/serper_scrape_website_tool.py:59 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/serper_scrape_website_tool/serper_scrape_website_tool.py:52 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/crewai_tools/tools/serper_scrape_website_tool/serper_scrape_website_tool.py:59
            response = requests.post(
                api_url,
                headers=headers,
                data=payload,
                timeout=30,
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

expand_more 156 low-confidence finding(s)
low env_fs dependency Excluded from app score #1918ccafadc6d663 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/adapters/enterprise_adapter.py:14
    base_url = os.getenv("CREWAI_PLUS_URL", "https://app.crewai.com")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #34a67e93991253d2 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/adapters/enterprise_adapter.py:299
            response = requests.get(actions_url, headers=headers, timeout=30)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #c43acb74687d77aa Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/adapters/enterprise_adapter.py:419
        token = enterprise_action_token or os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #34022d0ef1899952 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/adapters/enterprise_adapter.py:419
        token = enterprise_action_token or os.environ.get(
            "CREWAI_ENTERPRISE_TOOLS_TOKEN"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #7832a9d0cff404e9 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/adapters/zapier_adapter.py:45
        response = requests.request(
            "POST",
            execute_url,
            headers=headers,
            json=action_params,
            timeout=30,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #ccdd89d87c6fb948 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/adapters/zapier_adapter.py:62
        self.api_key = api_key or os.getenv("ZAPIER_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #0a06488c1ca25a7c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/adapters/zapier_adapter.py:71
        response = requests.request(
            "GET",
            ACTIONS_URL,
            headers=headers,
            timeout=30,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #cd039d50ecc7087a Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/aws/bedrock/agents/invoke_agent_tool.py:60
        self.agent_id = agent_id or os.getenv("BEDROCK_AGENT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aa07a70b548dc612 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/aws/bedrock/agents/invoke_agent_tool.py:61
        self.agent_alias_id = agent_alias_id or os.getenv("BEDROCK_AGENT_ALIAS_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fce9b07a403d43a7 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/aws/bedrock/agents/invoke_agent_tool.py:105
                region_name=os.getenv(
                    "AWS_REGION", os.getenv("AWS_DEFAULT_REGION", "us-west-2")
                ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8c611925c6cf95cb Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/aws/bedrock/agents/invoke_agent_tool.py:106
                    "AWS_REGION", os.getenv("AWS_DEFAULT_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2a9a4168077abb48 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/aws/bedrock/knowledge_base/retriever_tool.py:60
        self.knowledge_base_id = knowledge_base_id or os.getenv("BEDROCK_KB_ID")  # type: ignore[assignment]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2183a125a6c710c9 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/aws/bedrock/knowledge_base/retriever_tool.py:196
                region_name=os.getenv(
                    "AWS_REGION", os.getenv("AWS_DEFAULT_REGION", "us-east-1")
                ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f1622443e5519374 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/aws/bedrock/knowledge_base/retriever_tool.py:197
                    "AWS_REGION", os.getenv("AWS_DEFAULT_REGION", "us-east-1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #116bf82549eb47f5 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/aws/s3/reader_tool.py:35
                region_name=os.getenv("CREW_AWS_REGION", "us-east-1"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d76eae7e94f2c0c2 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/aws/s3/reader_tool.py:36
                aws_access_key_id=os.getenv("CREW_AWS_ACCESS_KEY_ID"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a0378feb5beefe35 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/aws/s3/reader_tool.py:37
                aws_secret_access_key=os.getenv("CREW_AWS_SEC_ACCESS_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2cde5b14f4fe4116 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/aws/s3/writer_tool.py:36
                region_name=os.getenv("CREW_AWS_REGION", "us-east-1"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7752b6e87ea2b0b7 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/aws/s3/writer_tool.py:37
                aws_access_key_id=os.getenv("CREW_AWS_ACCESS_KEY_ID"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3bfa8b37e8895474 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/aws/s3/writer_tool.py:38
                aws_secret_access_key=os.getenv("CREW_AWS_SEC_ACCESS_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a59477144b7a2605 Filesystem access.
pkgs/python/[email protected]/src/crewai_tools/generate_tool_specs.py:190
        with open(output_path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f42e0524fb7ad0c9 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/rag/embedding_service.py:108
            return os.getenv(env_key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #712b04a806b9023d Filesystem access.
pkgs/python/[email protected]/src/crewai_tools/rag/loaders/csv_loader.py:29
        with open(path, encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #761f3ac8daa075dc Filesystem access.
pkgs/python/[email protected]/src/crewai_tools/rag/loaders/json_loader.py:28
        with open(path, encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5d2de91f7269e3d7 Filesystem access.
pkgs/python/[email protected]/src/crewai_tools/rag/loaders/mdx_loader.py:36
        with open(path, encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4d636987dd22ae55 Filesystem access.
pkgs/python/[email protected]/src/crewai_tools/rag/loaders/text_loader.py:15
        with open(source_content.source, encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e2405ef948a2051e Filesystem access.
pkgs/python/[email protected]/src/crewai_tools/rag/loaders/xml_loader.py:37
        with open(path, encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d64568991c839141 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/security/safe_path.py:52
    return os.environ.get(_UNSAFE_PATHS_ENV, "").lower() in ("true", "1", "yes")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #86598474cf6df967 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/security/safe_requests.py:60
        response = requests.get(current_url, timeout=timeout, **request_kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #243c7678ba18d23c Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/ai_mind_tool/ai_mind_tool.py:47
        self.api_key = api_key or os.getenv("MINDS_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #9a9d2d9452dbfd6a Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/apify_actors_tool/apify_actors_tool.py:58
        if not os.environ.get("APIFY_API_TOKEN"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #97fe0fad2ef41843 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/arxiv_paper_tool/arxiv_paper_tool.py:85
            with urllib.request.urlopen(  # noqa: S310
                api_url, timeout=self.REQUEST_TIMEOUT
            ) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #b2e143f3849d0bb2 Filesystem access.
pkgs/python/[email protected]/src/crewai_tools/tools/brave_search_tool/base.py:26
    with open(filename, "w") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #57707dfba7b1d7bc Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/brave_search_tool/base.py:126
        self._api_key = api_key or os.environ.get("BRAVE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #c457f8cba4199b0b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/brave_search_tool/base.py:190
                resp = requests.get(
                    self.search_url,
                    headers=self._headers,
                    params=params,
                    timeout=self._timeout,
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #79fa75bd923cedbe Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/brave_search_tool/brave_search_tool.py:55
        if "BRAVE_API_KEY" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #78c7b87eb71db987 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/brave_search_tool/brave_search_tool.py:129
                "X-Subscription-Token": os.environ["BRAVE_API_KEY"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #f13817ad10606b71 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/brave_search_tool/brave_search_tool.py:133
            response = requests.get(
                self.search_url, headers=headers, params=payload, timeout=30
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #2186ac2f994cec5f Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_dataset.py:20
            API_URL=os.environ.get("BRIGHTDATA_API_URL", "https://api.brightdata.com"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d8d980c7c5d4abf1 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_dataset.py:21
            DEFAULT_TIMEOUT=int(os.environ.get("BRIGHTDATA_DEFAULT_TIMEOUT", "600")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #7e04fd4724269b0b Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_dataset.py:23
                os.environ.get("BRIGHTDATA_DEFAULT_POLLING_INTERVAL", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #0051c376cfe42a4b Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_dataset.py:481
        api_key = os.getenv("BRIGHT_DATA_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #feea41ec381896de Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_dataset.py:499
            async with session.post(
                f"{BRIGHTDATA_API_URL}/datasets/v3/trigger",
                params={"dataset_id": dataset_id, "include_errors": "true"},
                json=[request_data],
                headers=headers,
            ) as trigger_response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress tooling reachable #cd8c2229afbb7cff Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_dataset.py:518
                async with session.get(
                    f"{BRIGHTDATA_API_URL}/datasets/v3/progress/{snapshot_id}",
                    headers=headers,
                ) as status_response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress tooling reachable #1752fef8b9e0a3fe Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_dataset.py:537
            async with session.get(
                f"{BRIGHTDATA_API_URL}/datasets/v3/snapshot/{snapshot_id}",
                params={"format": output_format},
                headers=headers,
            ) as snapshot_response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #8ddff62907640ec7 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_dataset.py:578
        api_key = os.getenv("BRIGHT_DATA_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #333c645a2daa3190 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_serp.py:18
            API_URL=os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #60d16eba773134ed Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_serp.py:18
            API_URL=os.environ.get(
                "BRIGHTDATA_API_URL", "https://api.brightdata.com/request"
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #acad9696f3e03081 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_serp.py:125
        self.api_key = os.getenv("BRIGHT_DATA_API_KEY") or ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #3cf150f74974e85d Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_serp.py:126
        self.zone = os.getenv("BRIGHT_DATA_ZONE") or ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #cc85af0f1a2a5bfe Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_serp.py:224
            response = requests.post(
                self.base_url, json=request_params, headers=headers, timeout=30
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #4442be3f99b611a0 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_unlocker.py:19
            API_URL=os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #8cd287269e27ec5a Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_unlocker.py:19
            API_URL=os.environ.get(
                "BRIGHTDATA_API_URL", "https://api.brightdata.com/request"
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #014743eab7285ce2 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_unlocker.py:99
        self.api_key = os.getenv("BRIGHT_DATA_API_KEY") or ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #ef982ee0c67cb9b7 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_unlocker.py:100
        self.zone = os.getenv("BRIGHT_DATA_ZONE") or ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #d0f776980ab09367 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/brightdata_tool/brightdata_unlocker.py:141
            response = requests.post(
                self.base_url, json=payload, headers=headers, timeout=30
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #b0fd3bd21685e8dc Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/browserbase_load_tool/browserbase_load_tool.py:16
    api_key: str | None = os.getenv("BROWSERBASE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #81fc96c00f87c2c1 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/browserbase_load_tool/browserbase_load_tool.py:17
    project_id: str | None = os.getenv("BROWSERBASE_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #9961f225c8cfe1b2 Filesystem access.
pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_create_agent_tool/contextual_create_agent_tool.py:65
                with open(doc_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #8bd88f2ee9a62a30 Filesystem access.
pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:78
            with open(file_path, "rb") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #3040aff59f5b43e7 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:80
                result = requests.post(
                    url, headers=headers, data=config, files=file, timeout=30
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress tooling reachable #39229efd45faa637 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:89
                result = requests.get(status_url, headers=headers, timeout=30)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress tooling reachable #05170a2dc851b119 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_parse_tool/contextual_parse_tool.py:100
            result = requests.get(
                results_url,
                headers=headers,
                params={"output_types": ",".join(output_types)},
                timeout=30,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress tooling reachable #9b5602999073d5d4 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_query_tool/contextual_query_tool.py:49
        response = requests.get(url, headers=headers, timeout=30)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress tooling reachable #e1efcdd13d15befd Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/contextualai_rerank_tool/contextual_rerank_tool.py:69
            result = requests.post(
                rerank_url, json=payload, headers=headers, timeout=30
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #63f7f4393a2664d1 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/crewai_platform_tools/crewai_platform_action_tool.py:75
                verify=os.environ.get("CREWAI_FACTORY", "false").lower() != "true",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #c110a479d95ff576 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/crewai_platform_tools/crewai_platform_tool_builder.py:47
            response = requests.get(
                actions_url,
                headers=headers,
                timeout=30,
                params={"apps": ",".join(self._apps)},
                verify=os.environ.get("CREWAI_FACTORY", "false").lower() != "true",
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #f81ddbd2affb718c Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/crewai_platform_tools/crewai_platform_tool_builder.py:52
                verify=os.environ.get("CREWAI_FACTORY", "false").lower() != "true",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #dac57374c0fa7abc Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/crewai_platform_tools/misc.py:6
    base_url = os.getenv("CREWAI_PLUS_URL", "https://app.crewai.com")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #3543576aaadbef7f Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/crewai_platform_tools/misc.py:12
    token = os.getenv("CREWAI_PLATFORM_INTEGRATION_TOKEN") or ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #e42f01daac40b387 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/databricks_query_tool/databricks_query_tool.py:145
        has_profile = "DATABRICKS_CONFIG_PROFILE" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #fcf53c687e67028f Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/databricks_query_tool/databricks_query_tool.py:147
            "DATABRICKS_HOST" in os.environ and "DATABRICKS_TOKEN" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f5557aad4b509a8a Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/daytona_sandbox_tool/daytona_base_tool.py:35
        default_factory=lambda: os.getenv("DAYTONA_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #67e6651cf219fb78 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/daytona_sandbox_tool/daytona_base_tool.py:40
        default_factory=lambda: os.getenv("DAYTONA_API_URL"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #0876e392daa1127d Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/daytona_sandbox_tool/daytona_base_tool.py:45
        default_factory=lambda: os.getenv("DAYTONA_TARGET"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #8e4934baf817a9a8 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/daytona_sandbox_tool/daytona_base_tool.py:152
            return client.get(self.sandbox_id), False

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #c1a4b75aa3297139 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/e2b_sandbox_tool/e2b_base_tool.py:36
            SecretStr(val) if (val := os.getenv("E2B_API_KEY")) else None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #59ac8ec860630527 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/e2b_sandbox_tool/e2b_base_tool.py:43
        default_factory=lambda: os.getenv("E2B_DOMAIN"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #b0baeba1c97ed7f3 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/exa_tools/exa_search_tool.py:58
        default_factory=lambda: os.getenv("EXA_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f846971c147f41e3 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/exa_tools/exa_search_tool.py:63
        default_factory=lambda: os.getenv("EXA_BASE_URL"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #506c136ccacba27b Filesystem access.
pkgs/python/[email protected]/src/crewai_tools/tools/file_read_tool/file_read_tool.py:93
            with open(file_path, "r") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #5d6b0c2541892c4c Filesystem access.
pkgs/python/[email protected]/src/crewai_tools/tools/file_writer_tool/file_writer_tool.py:70
            with open(real_filepath, mode) as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #b41c7e5d1edfcb3f Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/generate_crewai_automation_tool/generate_crewai_automation_tool.py:28
        default_factory=lambda: os.getenv("CREWAI_PLUS_URL", "https://app.crewai.com"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #e8ba94520393e667 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/generate_crewai_automation_tool/generate_crewai_automation_tool.py:32
        default_factory=lambda: os.getenv("CREWAI_PERSONAL_ACCESS_TOKEN"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #2f07d723acc9c497 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/generate_crewai_automation_tool/generate_crewai_automation_tool.py:52
        response = requests.post(  # noqa: S113
            f"{self.crewai_enterprise_url}/crewai_plus/api/v1/studio",
            headers=self._get_headers(input_data.organization_id),
            json={"prompt": input_data.prompt},
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #a801af60f80f7613 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/hyperbrowser_load_tool/hyperbrowser_load_tool.py:49
        self.api_key = api_key or os.getenv("HYPERBROWSER_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #864ac66d5dd44b81 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/invoke_crewai_automation_tool/invoke_crewai_automation_tool.py:123
        response = requests.post(
            f"{self.crew_api_url}/kickoff",
            headers={
                "Authorization": f"Bearer {self.crew_bearer_token}",
                "Content-Type": "application/json",
            },
            json={"inputs": inputs},
            timeout=30,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress tooling reachable #d86ab68e46f83dbb Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/invoke_crewai_automation_tool/invoke_crewai_automation_tool.py:144
        response = requests.get(
            f"{self.crew_api_url}/status/{crew_id}",
            headers={
                "Authorization": f"Bearer {self.crew_bearer_token}",
                "Content-Type": "application/json",
            },
            timeout=30,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress tooling reachable #9a45506eb069faa1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/jina_scrape_website_tool/jina_scrape_website_tool.py:51
        response = requests.get(
            f"https://r.jina.ai/{url}", headers=self.headers, timeout=15
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #a9cc7d4a0ae10701 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/linkup/linkup_search_tool.py:54
        self._client = LinkupClient(api_key=api_key or os.getenv("LINKUP_API_KEY"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #677bdb539f666425 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/merge_agent_handler_tool/merge_agent_handler_tool.py:65
        api_key = os.environ.get("AGENT_HANDLER_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #e26cc4e7f3c35f99 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/merge_agent_handler_tool/merge_agent_handler_tool.py:97
            response = requests.post(url, json=payload, headers=headers, timeout=60)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #101f1db0bc22306c Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/mongodb_vector_search_tool/vector_search.py:124
        if "AZURE_OPENAI_ENDPOINT" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #e415d2c6ad99debd Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/mongodb_vector_search_tool/vector_search.py:126
        elif "OPENAI_API_KEY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #e3b5edd9f4368bfd Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/multion_tool/example.py:7
os.environ["OPENAI_API_KEY"] = "Your Key"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #93286a66a1d9d05f Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/multion_tool/multion_tool.py:52
        self.multion = MultiOn(api_key=api_key or os.getenv("MULTION_API_KEY"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #370328fefa15c118 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/nl2sql/nl2sql_tool.py:256
        if os.environ.get("CREWAI_NL2SQL_ALLOW_DML", "").strip().lower() == "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f35cdd9ff79973d8 Filesystem access.
pkgs/python/[email protected]/src/crewai_tools/tools/ocr_tool/ocr_tool.py:104
        with open(image_path, "rb") as image_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #7bf3983fe6eaf073 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/oxylabs_amazon_product_scraper_tool/oxylabs_amazon_product_scraper_tool.py:146
        username = os.environ.get("OXYLABS_USERNAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #5904099a08f00689 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/oxylabs_amazon_product_scraper_tool/oxylabs_amazon_product_scraper_tool.py:147
        password = os.environ.get("OXYLABS_PASSWORD")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #2ebd95256c9c3ef9 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/oxylabs_amazon_search_scraper_tool/oxylabs_amazon_search_scraper_tool.py:148
        username = os.environ.get("OXYLABS_USERNAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #fe53805bfb943dce Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/oxylabs_amazon_search_scraper_tool/oxylabs_amazon_search_scraper_tool.py:149
        password = os.environ.get("OXYLABS_PASSWORD")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #645257732f6541ce Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/oxylabs_google_search_scraper_tool/oxylabs_google_search_scraper_tool.py:151
        username = os.environ.get("OXYLABS_USERNAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #2df34c63c697728c Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/oxylabs_google_search_scraper_tool/oxylabs_google_search_scraper_tool.py:152
        password = os.environ.get("OXYLABS_PASSWORD")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #1d89228725502bdf Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/oxylabs_universal_scraper_tool/oxylabs_universal_scraper_tool.py:142
        username = os.environ.get("OXYLABS_USERNAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #cd9b8def7e1a59e3 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/oxylabs_universal_scraper_tool/oxylabs_universal_scraper_tool.py:143
        password = os.environ.get("OXYLABS_PASSWORD")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #c11a1e8c20d9744e Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/parallel_tools/parallel_search_tool.py:78
        api_key = os.environ.get("PARALLEL_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #06b7654df3c31896 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/parallel_tools/parallel_search_tool.py:104
            resp = requests.post(
                self.search_url, json=payload, headers=headers, timeout=request_timeout
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress tooling reachable #c916a5e1e11c2dc2 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:39
            requests.get(
                "https://api.patronus.ai/v1/evaluators",
                headers={
                    "accept": "application/json",
                    "X-API-KEY": os.environ["PATRONUS_API_KEY"],
                },
                timeout=30,
            ).text

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #7ed6374a8e623009 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:43
                    "X-API-KEY": os.environ["PATRONUS_API_KEY"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #b4895159714a8b27 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:62
            requests.get(
                "https://api.patronus.ai/v1/evaluator-criteria",
                headers={
                    "accept": "application/json",
                    "X-API-KEY": os.environ["PATRONUS_API_KEY"],
                },
                timeout=30,
            ).text

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #975485cfebdb5814 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:66
                    "X-API-KEY": os.environ["PATRONUS_API_KEY"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #a83e7e5192420704 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:138
        api_key = os.getenv("PATRONUS_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #dec9da9354bb7acc Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/patronus_eval_tool/patronus_eval_tool.py:145
        response = requests.post(
            self.evaluate_url,
            headers=headers,
            data=json.dumps(data),
            timeout=30,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #84549fe29328c9de Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/patronus_eval_tool/patronus_predefined_criteria_eval_tool.py:60
        api_key = os.getenv("PATRONUS_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #4ab6b8fd83ac797c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/patronus_eval_tool/patronus_predefined_criteria_eval_tool.py:95
        response = requests.post(
            self.evaluate_url,
            headers=headers,
            data=json.dumps(data),
            timeout=30,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #4abb7348dc4a447e Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/qdrant_vector_search_tool/qdrant_search_tool.py:113
                    .Client(api_key=os.getenv("OPENAI_API_KEY"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f0c68a3d084e4fe3 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/scrape_element_from_website/scrape_element_from_website.py:68
                self.cookies = {cookies["name"]: os.getenv(cookies["value"]) or ""}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #5c7c6d47417cb663 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/scrape_website_tool/scrape_website_tool.py:67
                self.cookies = {cookies["name"]: os.getenv(cookies["value"]) or ""}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #e080742722277512 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/scrapegraph_scrape_tool/scrapegraph_scrape_tool.py:113
        self.api_key = api_key or os.getenv("SCRAPEGRAPH_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f0d211b8093bf302 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/scrapfly_scrape_website_tool/scrapfly_scrape_website_tool.py:66
        self.scrapfly = ScrapflyClient(key=api_key or os.getenv("SCRAPFLY_API_KEY"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #80dd4326eb8ce9db Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/serpapi_tool/serpapi_base_tool.py:44
        api_key = os.getenv("SERPAPI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #5a908e27bd453ca5 Filesystem access.
pkgs/python/[email protected]/src/crewai_tools/tools/serper_dev_tool/serper_dev_tool.py:94
        with open(filename, "w") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #8bb33451a911c5b7 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/serper_dev_tool/serper_dev_tool.py:251
            "X-API-KEY": os.environ["SERPER_API_KEY"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #38f23ae730c9d720 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/serper_dev_tool/serper_dev_tool.py:257
            response = requests.post(
                search_url, headers=headers, json=payload, timeout=10
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #e4276774d9c11715 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/serper_scrape_website_tool/serper_scrape_website_tool.py:52
            api_key = os.getenv("SERPER_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #e0c63e6b9e1f8545 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/serper_scrape_website_tool/serper_scrape_website_tool.py:59
            response = requests.post(
                api_url,
                headers=headers,
                data=payload,
                timeout=30,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #a56ddd749a3428fa Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/serply_api_tool/serply_job_search_tool.py:47
            "X-API-KEY": os.environ["SERPLY_API_KEY"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #0179d183af74c633 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/serply_api_tool/serply_job_search_tool.py:66
        response = requests.request("GET", url, headers=self.headers, timeout=30)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #faa7c9b0898b7a28 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/serply_api_tool/serply_news_search_tool.py:47
            "X-API-KEY": os.environ["SERPLY_API_KEY"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #f9655abb2e8aee62 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/serply_api_tool/serply_news_search_tool.py:65
        response = requests.request(
            "GET",
            url,
            headers=self.headers,
            timeout=30,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress tooling reachable #e0cda58ad4cf02bd Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/serply_api_tool/serply_news_search_tool.py:78
                    r = requests.get(
                        result["link"],
                        timeout=30,
                    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #43679f8a7cfd64bf Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/serply_api_tool/serply_scholar_search_tool.py:51
            "X-API-KEY": os.environ["SERPLY_API_KEY"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #712ebf074b53b9d3 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/serply_api_tool/serply_scholar_search_tool.py:69
        response = requests.request(
            "GET",
            url,
            headers=self.headers,
            timeout=30,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #a985e3444e74436b Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/serply_api_tool/serply_web_search_tool.py:67
            "X-API-KEY": os.environ["SERPLY_API_KEY"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #249b1b42e5dc9a1c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/serply_api_tool/serply_web_search_tool.py:84
        response = requests.request(
            "GET",
            url,
            headers=self.headers,
            timeout=30,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #ca6f717f752c50f3 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/serply_api_tool/serply_webpage_to_markdown_tool.py:31
            "X-API-KEY": os.environ["SERPLY_API_KEY"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #13b3e663d49bd707 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_tools/tools/serply_api_tool/serply_webpage_to_markdown_tool.py:54
        response = requests.request(
            "POST",
            self.request_url,
            headers=self.headers,
            json=data,
            timeout=30,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #eb13fc232d200596 Filesystem access.
pkgs/python/[email protected]/src/crewai_tools/tools/snowflake_search_tool/snowflake_search_tool.py:188
            with open(self.config.private_key_path, "rb") as key_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #c875c9a2d493a731 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/stagehand_tool/example.py:34
browserbase_api_key = os.environ.get("BROWSERBASE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #a2431c5d6a20d4a4 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/stagehand_tool/example.py:35
browserbase_project_id = os.environ.get("BROWSERBASE_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #59dd2469865f3d86 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/stagehand_tool/example.py:36
model_api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #11c4d9588a99d124 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/stagehand_tool/stagehand_tool.py:208
        self.api_key = api_key or os.getenv("BROWSERBASE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #63ba9c9661d03576 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/stagehand_tool/stagehand_tool.py:209
        self.project_id = project_id or os.getenv("BROWSERBASE_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #4621ad920730eef9 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/stagehand_tool/stagehand_tool.py:263
            return self.model_api_key or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #3275c339bb5982b3 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/stagehand_tool/stagehand_tool.py:265
            return self.model_api_key or os.getenv("ANTHROPIC_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #53053db88cc0ee2f Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/stagehand_tool/stagehand_tool.py:267
            return self.model_api_key or os.getenv("GOOGLE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #7c946989cb898a1b Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/stagehand_tool/stagehand_tool.py:271
            or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #188ff1aa3b7f2b70 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/stagehand_tool/stagehand_tool.py:272
            or os.getenv("ANTHROPIC_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #7ee8b56f74a60dbf Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/tavily_extractor_tool/tavily_extractor_tool.py:62
        default_factory=lambda: os.getenv("TAVILY_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #681420715535443f Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/tavily_get_research_tool/tavily_get_research_tool.py:56
            api_key = os.getenv("TAVILY_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #7307e237bf8b707d Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/tavily_research_tool/tavily_research_tool.py:92
            api_key = os.getenv("TAVILY_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #2ab227331afbe7a7 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/tavily_search_tool/tavily_search_tool.py:61
        default_factory=lambda: os.getenv("TAVILY_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #9bdcf1739411c5cb Filesystem access.
pkgs/python/[email protected]/src/crewai_tools/tools/vision_tool/vision_tool.py:140
        with open(image_path, "rb") as image_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #a0e4cfa64adc8148 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/weaviate_tool/vector_search.py:89
            openai_api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #9326662d8966d346 Environment-variable access.
pkgs/python/[email protected]/src/crewai_tools/tools/zapier_action_tool/zapier_action_tool.py:23
        zapier_api_key = os.getenv("ZAPIER_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

crewai

python dependency
medium telemetry dependency Excluded from app score #8bbec2107e0b39c1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/crewai/crew.py:21
from opentelemetry import baggage

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b47769da6deedb12 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/crewai/crew.py:22
from opentelemetry.context import attach, detach

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9a432703e49cf5bb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/crewai/crew.py:42
    from opentelemetry.trace import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #115347db99382a16 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/crewai/crews/utils.py:9
from opentelemetry import baggage

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #af57912e8b0fdc28 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/crewai/flow/runtime/__init__.py:35
from opentelemetry import baggage

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #063bdcedef4fd2f2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/crewai/flow/runtime/__init__.py:36
from opentelemetry.context import attach, detach

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e2c792d3e78ce716 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/crewai/telemetry/telemetry.py:23
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cbdfc9c2e84e7b81 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/crewai/telemetry/telemetry.py:24
from opentelemetry.exporter.otlp.proto.http.trace_exporter import (
    OTLPSpanExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9e73aa8db39003c7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/crewai/telemetry/telemetry.py:27
from opentelemetry.sdk.resources import SERVICE_NAME, Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #65bed859d907b98f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/crewai/telemetry/telemetry.py:28
from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #33450489a0518b1c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/crewai/telemetry/telemetry.py:29
from opentelemetry.sdk.trace.export import (
    BatchSpanProcessor,
    SpanExportResult,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #291922978075cb2c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/crewai/telemetry/telemetry.py:33
from opentelemetry.trace import ProxyTracerProvider, Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9b8d44d7c58d5906 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/crewai/telemetry/utils.py:11
from opentelemetry.trace import Span, Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d429f4a75ce1777d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/crewai/utilities/crew/crew_context.py:5
from opentelemetry import baggage

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 120 low-confidence finding(s)
low env_fs dependency Excluded from app score #ebbdb680d4fad0ff Filesystem access.
pkgs/python/[email protected]/src/crewai/a2a/auth/client_schemes.py:112
            root_certs = Path(self.ca_cert_path).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6b6926801dddb5b1 Filesystem access.
pkgs/python/[email protected]/src/crewai/a2a/auth/client_schemes.py:115
            private_key = Path(self.client_key_path).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #34707365da95e3a6 Filesystem access.
pkgs/python/[email protected]/src/crewai/a2a/auth/client_schemes.py:116
            certificate_chain = Path(self.client_cert_path).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #b7d6fb74de3e5387 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai/a2a/auth/client_schemes.py:393
        response = await client.post(self.token_url, data=data)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #bcac821ee7ac09b5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai/a2a/auth/client_schemes.py:511
        response = await client.post(self.token_url, data=data)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #7dd8bf6053f76b94 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai/a2a/auth/client_schemes.py:541
        response = await client.post(self.token_url, data=data)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #6f649dc68d9988c0 Environment-variable access.
pkgs/python/[email protected]/src/crewai/a2a/auth/server_schemes.py:151
        return os.environ.get("AUTH_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #b81326e70ab5c5d9 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai/a2a/auth/server_schemes.py:589
                response = await client.post(
                    str(self.introspection_url),
                    data={"token": token},
                    auth=(
                        self.introspection_client_id or "",
                        self.introspection_client_secret.get_secret_value()
                        if self.introspection_client_secret
                        else "",
                    ),
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #5edd956c151db6c0 Filesystem access.
pkgs/python/[email protected]/src/crewai/a2a/config.py:130
            return Path(self.private_key_path).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #a0f0590bd393fff8 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai/a2a/utils/agent_card.py:268
            return await temp_client.get(agent_card_url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #4e813d6b9944f49d Environment-variable access.
pkgs/python/[email protected]/src/crewai/a2a/utils/task.py:102
_redis_url = os.environ.get("REDIS_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f39fa82ed7d005b4 Environment-variable access.
pkgs/python/[email protected]/src/crewai/agent/core.py:1229
            else os.getenv(CREWAI_TRAINED_AGENTS_FILE_ENV, TRAINED_AGENTS_DATA_FILE)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #29e042df82bba595 Environment-variable access.
pkgs/python/[email protected]/src/crewai/context.py:47
        token = os.getenv("CREWAI_PLATFORM_INTEGRATION_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5e9dc20370be99b Environment-variable access.
pkgs/python/[email protected]/src/crewai/events/listeners/tracing/trace_listener.py:194
            "user_id": os.getenv("CREWAI_USER_ID", "anonymous"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #21a3dc47137a3c71 Environment-variable access.
pkgs/python/[email protected]/src/crewai/events/listeners/tracing/trace_listener.py:195
            "organization_id": os.getenv("CREWAI_ORG_ID", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #feb158e5c0b6f6e0 Environment-variable access.
pkgs/python/[email protected]/src/crewai/events/listeners/tracing/utils.py:128
    env_value = os.getenv("CREWAI_TRACING_ENABLED", "").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #386b87c886c69971 Environment-variable access.
pkgs/python/[email protected]/src/crewai/events/listeners/tracing/utils.py:188
    return os.environ.get("CREWAI_TESTING", "").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5d100a9436dce4c Filesystem access.
pkgs/python/[email protected]/src/crewai/events/listeners/tracing/utils.py:297
                content = path.read_text().strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5390bc87135cc097 Environment-variable access.
pkgs/python/[email protected]/src/crewai/events/listeners/tracing/utils.py:341
            container_id = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9f46fbf31d60e58a Environment-variable access.
pkgs/python/[email protected]/src/crewai/events/listeners/tracing/utils.py:341
            container_id = os.environ.get(
                "HOSTNAME", os.environ.get("CONTAINER_ID", "")
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #25239e4277db7275 Environment-variable access.
pkgs/python/[email protected]/src/crewai/events/listeners/tracing/utils.py:342
                "HOSTNAME", os.environ.get("CONTAINER_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8a18028df8d0f648 Filesystem access.
pkgs/python/[email protected]/src/crewai/events/listeners/tracing/utils.py:380
        p.write_text(json.dumps(data, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #feb03cb4e5b880cc Filesystem access.
pkgs/python/[email protected]/src/crewai/events/listeners/tracing/utils.py:412
        p.write_text(json.dumps(data, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #07cc0d468fc4ad16 Environment-variable access.
pkgs/python/[email protected]/src/crewai/events/utils/console_formatter.py:70
        if os.getenv("CI", "").lower() in ("true", "1"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #240480c20e29f184 Environment-variable access.
pkgs/python/[email protected]/src/crewai/events/utils/console_formatter.py:73
        if os.getenv("CREWAI_DISABLE_VERSION_CHECK", "").lower() in ("true", "1"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7bc9ea0d5570c9c2 Filesystem access.
pkgs/python/[email protected]/src/crewai/experimental/evaluation/experiment/result.py:42
            with open(filepath, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3ebe85617a9f58ae Filesystem access.
pkgs/python/[email protected]/src/crewai/experimental/evaluation/experiment/result.py:58
                with open(baseline_filepath, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #515e9eebc983d45c Filesystem access.
pkgs/python/[email protected]/src/crewai/experimental/evaluation/experiment/result.py:73
                with open(baseline_filepath, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5c303065fd256750 Filesystem access.
pkgs/python/[email protected]/src/crewai/experimental/evaluation/experiment/result.py:91
            with open(baseline_filepath, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #684c47a430687f00 Filesystem access.
pkgs/python/[email protected]/src/crewai/flow/flow_definition.py:824
            contents = source_path.expanduser().read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3642f395452ca811 Environment-variable access.
pkgs/python/[email protected]/src/crewai/flow/runtime/_actions.py:238
        raw = os.environ.get(_ALLOW_SCRIPT_EXECUTION_ENV_VAR, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9e30b04e3514a541 Filesystem access.
pkgs/python/[email protected]/src/crewai/flow/skill.py:89
    example_yaml = (_TEMPLATES_DIR / "flow_definition_example.yaml").read_text(
        encoding="utf-8"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a76a77cddab95e12 Filesystem access.
pkgs/python/[email protected]/src/crewai/flow/visualization/renderers/interactive.py:414
    css_content = css_file.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #196bbb619ee549d6 Filesystem access.
pkgs/python/[email protected]/src/crewai/flow/visualization/renderers/interactive.py:421
    css_output_path.write_text(css_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c5184046206d22c8 Filesystem access.
pkgs/python/[email protected]/src/crewai/flow/visualization/renderers/interactive.py:424
    js_content = js_file.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #54109e2fe3f918b7 Filesystem access.
pkgs/python/[email protected]/src/crewai/flow/visualization/renderers/interactive.py:438
    js_output_path.write_text(js_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ae02ec086f94c897 Filesystem access.
pkgs/python/[email protected]/src/crewai/flow/visualization/renderers/interactive.py:461
    output_path.write_text(html_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e3f3b4e07946b04a Environment-variable access.
pkgs/python/[email protected]/src/crewai/knowledge/knowledge.py:66
os.environ["TOKENIZERS_PARALLELISM"] = "false"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8f9f52f05b384f1d Filesystem access.
pkgs/python/[email protected]/src/crewai/knowledge/source/csv_knowledge_source.py:17
            with open(file_path, "r", encoding="utf-8") as csvfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5eac9782abf2a9b Filesystem access.
pkgs/python/[email protected]/src/crewai/knowledge/source/json_knowledge_source.py:18
            with open(path, "r", encoding="utf-8") as json_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ba33ae0b3c782bbc Filesystem access.
pkgs/python/[email protected]/src/crewai/knowledge/source/text_file_knowledge_source.py:17
            with open(path, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #373d539ece3f1868 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llm.py:629
            or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #79e25d3d530785a4 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llm.py:630
            or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7da8967cc2cc6d1e Environment-variable access.
pkgs/python/[email protected]/src/crewai/llm.py:2524
            success_callbacks_str = os.environ.get("LITELLM_SUCCESS_CALLBACKS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b475e6a754218bd9 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llm.py:2531
            failure_callbacks_str = os.environ.get("LITELLM_FAILURE_CALLBACKS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8eebae43ce506210 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/anthropic/completion.py:256
            self.api_key = os.getenv("ANTHROPIC_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #034b396faf1e9e2b Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/azure/completion.py:122
        data["api_key"] = data.get("api_key") or os.getenv("AZURE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9d0b7ddfeddadb14 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/azure/completion.py:125
            or os.getenv("AZURE_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a1a3ec109ad1e3e8 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/azure/completion.py:126
            or os.getenv("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0b557ff303362951 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/azure/completion.py:127
            or os.getenv("AZURE_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1ecbe4c49148359e Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/azure/completion.py:130
            data.get("api_version") or os.getenv("AZURE_API_VERSION") or "2024-06-01"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f6003bb9fde71c61 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/azure/completion.py:164
        raw = os.getenv("AZURE_CREDENTIAL_SCOPES")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ea2a92a0d7eb429b Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/azure/completion.py:271
            self.api_key = os.getenv("AZURE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6298ab147d0e3bfe Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/azure/completion.py:274
                os.getenv("AZURE_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f9e7fc5c2ee7525d Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/azure/completion.py:275
                or os.getenv("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9f1b32b953cfec4f Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/azure/completion.py:276
                or os.getenv("AZURE_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0776c7f796b0f7f2 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/bedrock/completion.py:275
        data["aws_access_key_id"] = data.get("aws_access_key_id") or os.getenv(
            "AWS_ACCESS_KEY_ID"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d7c31f2a2f4df4e5 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/bedrock/completion.py:278
        data["aws_secret_access_key"] = data.get("aws_secret_access_key") or os.getenv(
            "AWS_SECRET_ACCESS_KEY"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d17081084db45d7f Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/bedrock/completion.py:281
        data["aws_session_token"] = data.get("aws_session_token") or os.getenv(
            "AWS_SESSION_TOKEN"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #66c46d64426cb9c3 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/bedrock/completion.py:286
            or os.getenv("AWS_DEFAULT_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1e8bbd56212243a7 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/bedrock/completion.py:287
            or os.getenv("AWS_REGION_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #33a1505ce9f756d5 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/gemini/completion.py:84
            or os.getenv("GOOGLE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c176eb387e95bcaf Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/gemini/completion.py:85
            or os.getenv("GEMINI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #99ceffa8fd7d1667 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/gemini/completion.py:87
        data["project"] = data.get("project") or os.getenv("GOOGLE_CLOUD_PROJECT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #36e7c6812f7778b3 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/gemini/completion.py:89
            data.get("location") or os.getenv("GOOGLE_CLOUD_LOCATION") or "us-central1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b4c3319ee5f24332 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/gemini/completion.py:94
            use_vx = os.getenv("GOOGLE_GENAI_USE_VERTEXAI", "").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97a15c86e1a7a77f Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/gemini/completion.py:133
                self.api_key = os.getenv("GOOGLE_API_KEY") or os.getenv(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b03ce3bd4e26055e Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/gemini/completion.py:133
                self.api_key = os.getenv("GOOGLE_API_KEY") or os.getenv(
                    "GEMINI_API_KEY"
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #27cdc7e30afecbe4 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/gemini/completion.py:137
                self.project = os.getenv("GOOGLE_CLOUD_PROJECT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c76e47b0015f5a8e Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/openai/completion.py:253
                or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #719b42c7e96eb758 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/openai/completion.py:254
                or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #83ffb00840aa3060 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/openai/completion.py:265
        data["api_key"] = data.get("api_key") or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b7e53101cb5ad75a Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/openai/completion.py:379
                or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #935fad73cd0ef301 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/openai/completion.py:380
                or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2930f9b89b20f348 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/openai/completion.py:388
            self.api_key = os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #659b38da304b8d67 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/openai/completion.py:398
            or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #937d5be843da69c3 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/openai/completion.py:399
            or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3ed1e245a9fc57cf Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/openai_compatible/completion.py:189
        env_key = os.getenv(config.api_key_env)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f13c15e286c78792 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/openai_compatible/completion.py:220
            env_value = os.getenv(config.base_url_env)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bbb27d4c9e5a3523 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/snowflake/completion.py:93
                token = os.getenv(env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #81e19746d717c9f2 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/snowflake/completion.py:114
        account_url = data.get("account_url") or os.getenv("SNOWFLAKE_ACCOUNT_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cca3d52ee134f945 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/snowflake/completion.py:122
            or os.getenv("SNOWFLAKE_ACCOUNT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fab1670d20810cc8 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/snowflake/completion.py:123
            or os.getenv("SNOWFLAKE_ACCOUNT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eb2fb456f36e8b56 Environment-variable access.
pkgs/python/[email protected]/src/crewai/llms/providers/snowflake/completion.py:124
            or os.getenv("SNOWFLAKE_ACCOUNT_IDENTIFIER")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #587454bb69689570 Environment-variable access.
pkgs/python/[email protected]/src/crewai/memory/storage/lancedb_storage.py:68
            storage_dir = os.environ.get("CREWAI_STORAGE_DIR")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f30564fd282f9177 Environment-variable access.
pkgs/python/[email protected]/src/crewai/memory/storage/qdrant_edge_storage.py:104
            storage_dir = os.environ.get("CREWAI_STORAGE_DIR")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fbc035209d45a3b7 Filesystem access.
pkgs/python/[email protected]/src/crewai/project/crew_base.py:391
        with open(config_path, encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9464908d21e71bfb Filesystem access.
pkgs/python/[email protected]/src/crewai/project/json_loader.py:209
    return parse_jsonc(path.read_text(encoding="utf-8"), source=path)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f2149a977ecce582 Environment-variable access.
pkgs/python/[email protected]/src/crewai/rag/chromadb/config.py:61
            api_key=os.getenv("OPENAI_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9e4a5ec1559edde7 Filesystem access.
pkgs/python/[email protected]/src/crewai/skills/cache.py:91
        (skill_dir / _META_FILENAME).write_text(
            json.dumps(meta, indent=2), encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3eb6695a1bb8856d Filesystem access.
pkgs/python/[email protected]/src/crewai/skills/cache.py:109
                            json.loads(meta_file.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #33dede84b9141183 Filesystem access.
pkgs/python/[email protected]/src/crewai/skills/parser.py:89
    content = path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bb249e846d5dcd20 Environment-variable access.
pkgs/python/[email protected]/src/crewai/skills/registry.py:76
        os.environ.get("CI") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ce903b1c92e3f1ae Environment-variable access.
pkgs/python/[email protected]/src/crewai/skills/registry.py:77
        or os.environ.get("CREWAI_NONINTERACTIVE") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #477222464888ae23 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai/skills/registry.py:192
        dl_response = httpx.get(download_url, follow_redirects=True)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #57f9aca073fccaad Filesystem access.
pkgs/python/[email protected]/src/crewai/state/provider/json_provider.py:66
        with open(file_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7e1a0edb7afea7c7 Filesystem access.
pkgs/python/[email protected]/src/crewai/state/provider/json_provider.py:132
        return Path(location).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5daf36b6f4c147ea Filesystem access.
pkgs/python/[email protected]/src/crewai/state/provider/utils.py:29
        with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #73dad48e322a3266 Environment-variable access.
pkgs/python/[email protected]/src/crewai/telemetry/telemetry.py:151
            os.getenv("OTEL_SDK_DISABLED", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3538d90e18ae4247 Environment-variable access.
pkgs/python/[email protected]/src/crewai/telemetry/telemetry.py:152
            or os.getenv("CREWAI_DISABLE_TELEMETRY", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a1b1444b0770e22e Environment-variable access.
pkgs/python/[email protected]/src/crewai/telemetry/telemetry.py:153
            or os.getenv("CREWAI_DISABLE_TRACKING", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d7f491b1882ace35 Environment-variable access.
pkgs/python/[email protected]/src/crewai/types/callback.py:27
    raw = os.environ.get("CREWAI_DESERIALIZE_CALLBACKS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #42d7e429bc2b3a89 Environment-variable access.
pkgs/python/[email protected]/src/crewai/utilities/env.py:20
    return any(os.environ.get(var) for var in CODEX_ENV_VARS)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #65cb6693fab6d62a Environment-variable access.
pkgs/python/[email protected]/src/crewai/utilities/env.py:24
    return any(os.environ.get(var) for var in CURSOR_ENV_VARS)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4e054b29b778210e Environment-variable access.
pkgs/python/[email protected]/src/crewai/utilities/env.py:32
    if os.environ.get(CC_ENV_VAR):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e3e856fd956c050f Filesystem access.
pkgs/python/[email protected]/src/crewai/utilities/file_handler.py:94
                        with open(self._path, encoding="utf-8") as read_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9d3cee1f7ec6ad80 Filesystem access.
pkgs/python/[email protected]/src/crewai/utilities/file_handler.py:100
                    with open(self._path, "w", encoding="utf-8") as write_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a0b5012cbc50d949 Filesystem access.
pkgs/python/[email protected]/src/crewai/utilities/file_handler.py:112
                    with open(self._path, "a", encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4cc5c8acbf2b73c1 Filesystem access.
pkgs/python/[email protected]/src/crewai/utilities/file_handler.py:151
            with open(self.file_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0fca00a1e6c45e88 Filesystem access.
pkgs/python/[email protected]/src/crewai/utilities/file_handler.py:165
                with open(self.file_path, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dbaadb0e791df1b9 Filesystem access.
pkgs/python/[email protected]/src/crewai/utilities/i18n.py:38
                with open(self.prompt_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7e444dc28688dedd Filesystem access.
pkgs/python/[email protected]/src/crewai/utilities/i18n.py:44
                with open(prompts_path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ac47c740c46fd7cb Environment-variable access.
pkgs/python/[email protected]/src/crewai/utilities/llm_utils.py:104
        os.environ.get("MODEL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8cd63831c0c17101 Environment-variable access.
pkgs/python/[email protected]/src/crewai/utilities/llm_utils.py:105
        or os.environ.get("MODEL_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a3cdc791b8128166 Environment-variable access.
pkgs/python/[email protected]/src/crewai/utilities/llm_utils.py:106
        or os.environ.get("OPENAI_MODEL_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #14991f404b970c27 Environment-variable access.
pkgs/python/[email protected]/src/crewai/utilities/llm_utils.py:130
        os.environ.get("BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c27602b03b76350 Environment-variable access.
pkgs/python/[email protected]/src/crewai/utilities/llm_utils.py:131
        or os.environ.get("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3c19ada8f0b2271 Environment-variable access.
pkgs/python/[email protected]/src/crewai/utilities/llm_utils.py:132
        or os.environ.get("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8819ff391c2522e4 Environment-variable access.
pkgs/python/[email protected]/src/crewai/utilities/llm_utils.py:135
    api_base = os.environ.get("API_BASE") or os.environ.get("AZURE_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cc248d836f3bb139 Environment-variable access.
pkgs/python/[email protected]/src/crewai/utilities/llm_utils.py:178
                    env_value = os.environ.get(key_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

couchbase

python dependency
medium telemetry dependency Excluded from app score #5702dfd3c21cc1cd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/couchbase/observability/otel_metrics.py:28
    from opentelemetry import metrics as otel_metrics

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #52a74755af05dfa2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/couchbase/observability/otel_metrics.py:29
    from opentelemetry.metrics import MeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e12c3b02cea34145 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/couchbase/observability/otel_metrics.py:32
    from opentelemetry import metrics as otel_metrics  # noqa: F811

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #96d76141afedb29c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/couchbase/observability/otel_tracing.py:29
    from opentelemetry import trace as otel_trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e931260dc7fb2e1b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/couchbase/observability/otel_tracing.py:30
    from opentelemetry.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #47ee5413e55441d1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/couchbase/observability/otel_tracing.py:33
    from opentelemetry import trace as otel_trace  # noqa: F811

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e1f892896d7f227e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/couchbase/observability/otel_tracing.py:34
    from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f7349aae41d64acd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/couchbase/observability/otel_tracing.py:35
    from opentelemetry.trace import SpanKind

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #234ad086a0fc48aa Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/couchbase/observability/otel_tracing.py:36
    from opentelemetry.trace.status import Status as OtelStatus

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #027389ca0bfe7c49 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/couchbase/observability/otel_tracing.py:37
    from opentelemetry.trace.status import StatusCode as OtelStatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c093e71defba1aa4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/couchbase/otel_tracer.py:19
from opentelemetry.trace import (Span,
                                 Tracer,
                                 set_span_in_context)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 30 low-confidence finding(s)
low env_fs dependency Excluded from app score #c1f4379660d07a89 Environment-variable access.
pkgs/python/[email protected]/couchbase/__init__.py:28
        open_ssl_dir = os.getenv('PYCBC_OPENSSL_DIR')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2dacfd7a3317628a Environment-variable access.
pkgs/python/[email protected]/couchbase/logic/logging_config.py:162
    log_level = os.getenv('PYCBC_LOG_LEVEL', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #524211ca9f8ff25e Environment-variable access.
pkgs/python/[email protected]/couchbase/logic/logging_config.py:164
        log_file = os.getenv('PYCBC_LOG_FILE', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0baf1e9fae2ade87 Environment-variable access.
pkgs/python/[email protected]/couchbase/logic/logging_config.py:166
            enable_console_logging = 0 if os.getenv('PYCBC_ENABLE_CONSOLE', None) is None else 1

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ad07adb6b8ec31e4 Filesystem access.
pkgs/python/[email protected]/couchbase_version.py:108
    fp = open(VERSION_FILE, "r")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #08169560f8e465d8 Filesystem access.
pkgs/python/[email protected]/couchbase_version.py:172
    with open(VERSION_FILE, "w") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b5ef4c30032f2502 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:36
CMAKE_EXE = os.environ.get('CMAKE_EXE', shutil.which('cmake'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e893efc11b49d3bc Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:42
CXXCBC_CACHE_DIR = os.environ.get('PYCBC_CXXCBC_CACHE_DIR', os.path.join(PYCBC_ROOT, 'deps', 'couchbase-cxx-cache'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b041d27a6ddff94a Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:55
    build_type = os.getenv('PYCBC_BUILD_TYPE', 'Release')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3e4b00821d21a948 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:60
            c_flags = os.getenv('CFLAGS', '')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b1f361ead8fbba08 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:61
            cxx_flags = os.getenv('CXXFLAGS', '')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #344f031b4f5b07e1 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:62
            os.environ['CFLAGS'] = f'{c_flags} {debug_flags}'

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #59577079d50b7bea Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:63
            os.environ['CXXFLAGS'] = f'{cxx_flags} {debug_flags}'

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #daec236e41b324b0 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:64
    os.environ['PYCBC_BUILD_TYPE'] = build_type

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b35821598e4f0f94 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:68
    ssl_dir = os.getenv('PYCBC_OPENSSL_DIR', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0513680bcc824cc8 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:73
    pycbc_use_openssl = os.getenv('PYCBC_USE_OPENSSL', 'true').lower() in ENV_TRUE

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9287370bd4d021ca Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:74
    pycbc_use_opensslv1_1 = os.getenv('PYCBC_USE_OPENSSLV1_1', 'false').lower() in ENV_TRUE

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8351073afa462dc2 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:77
        ssl_version = os.getenv('PYCBC_OPENSSL_VERSION', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1dde683de70b4df9 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:92
    use_static_stdlib = os.getenv('PYCBC_USE_STATIC_STDLIB', 'false').lower() in ENV_TRUE

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9237b6048ce05423 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:100
    download_mozilla_ca_bundle = os.getenv('PYCBC_DOWNLOAD_MOZILLA_CA_BUNDLE', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eab13a63742ff4aa Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:107
    sanitizers = os.getenv('PYCBC_SANITIZERS', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #953b84cc3894d3c8 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:112
    if os.getenv('PYCBC_VERBOSE_MAKEFILE', None):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c404e974dc7e9522 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:115
    pycbc_cmake_system_version = os.getenv('PYCBC_CMAKE_SYSTEM_VERSION', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #489de2264c258ff8 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:119
    pycbc_tls_key_log_file = os.getenv('PYCBC_TLS_KEY_LOG_FILE', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e0452ed78f725ae4 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:124
    os.environ['CMAKE_COMMON_VARIABLES'] = ' '.join(cmake_extra_args)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cb9de2b08d7a082b Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:141
        env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #65ffd6534110ad9a Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:154
                os.environ.get('CMAKE_COMMON_VARIABLES', '').split(' ')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ee269577eb61f895 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:258
        set_cpm_cache = os.environ.get('PYCBC_SET_CPM_CACHE', 'true').lower() in ENV_TRUE

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6e5b4650ea0f8aad Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:352
        env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a6d08f45211f4b40 Filesystem access.
pkgs/python/[email protected]/setup.py:82
      long_description=open(PYCBC_README, "r").read(),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

mcpadapt

python dependency
medium pii_flow tooling reachable #c26628594ef007ff PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/google_genai.py:67 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/google_genai.py:27 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/google_genai.py:67
            print(f"Function to call: {function_call.name}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #22c5d040b2c15c24 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/google_genai.py:68 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/google_genai.py:27 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/google_genai.py:68
            print(f"Arguments: {function_call.args}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #8f21b117322ad82c PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/google_genai.py:70 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/google_genai.py:27 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/google_genai.py:70
            print(function_call.name)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #16cc8554020ed29b PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/google_genai.py:71 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/google_genai.py:27 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/google_genai.py:71
            print(function_call.args)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #50d62eea6aac8f8d PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/google_genai.py:77 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/google_genai.py:27 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/google_genai.py:77
            print(text_content)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #b68b1bacf9ea7a85 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/google_genai.py:81 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/google_genai.py:27 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/google_genai.py:81
            print(response.text)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #ddddd6fca934e571 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/smolagents_structured_output.py:71 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/smolagents_structured_output.py:63 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/smolagents_structured_output.py:71
        print(f"Result: {result}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #fd59ff9b1ab6ca9b PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/examples/smolagents_structured_output.py:93 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/smolagents_structured_output.py:85 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/examples/smolagents_structured_output.py:93
        print(f"Result: {result}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

expand_more 13 low-confidence finding(s)
low env_fs tooling reachable #3efb9fa628c73db1 Environment-variable access.
pkgs/python/[email protected]/examples/crewai_pubmed.py:16
if not os.environ.get("OPENAI_API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #631ff53d0870d7d3 Environment-variable access.
pkgs/python/[email protected]/examples/crewai_pubmed.py:25
        env={"UV_PYTHON": "3.12", **os.environ},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #851a02fe8a58697a Environment-variable access.
pkgs/python/[email protected]/examples/google_genai.py:27
    api_key=os.getenv("GEMINI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #2e8656d3cf8cf875 Environment-variable access.
pkgs/python/[email protected]/examples/langchain_pubmed.py:20
if not os.environ.get("ANTHROPIC_API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #b83096b9830c0d9e Environment-variable access.
pkgs/python/[email protected]/examples/langchain_pubmed.py:34
            env={"UV_PYTHON": "3.12", **os.environ},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #df347ffbf6bf2f86 Environment-variable access.
pkgs/python/[email protected]/examples/langchain_pubmed.py:75
            env={"UV_PYTHON": "3.12", **os.environ},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #31c03d74958f9db0 Environment-variable access.
pkgs/python/[email protected]/examples/smolagents_pubmed.py:25
        env={"UV_PYTHON": "3.12", **os.environ},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #eaa9204dda4eff59 Environment-variable access.
pkgs/python/[email protected]/examples/smolagents_structured_output.py:63
        model = InferenceClientModel(token=os.getenv("HF_TOKEN"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #988bd98f8cbeb3bb Environment-variable access.
pkgs/python/[email protected]/examples/smolagents_structured_output.py:85
        model = InferenceClientModel(token=os.getenv("HF_TOKEN"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #37d47d3173014362 Filesystem access.
pkgs/python/[email protected]/scripts/bump_version.py:21
    content = init_file.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f76d05fa9cbaad9e Filesystem access.
pkgs/python/[email protected]/scripts/bump_version.py:40
    init_file.write_text(new_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2fe294324568057c Environment-variable access.
pkgs/python/[email protected]/src/mcpadapt/google_genai_adapter.py:114
            env={"UV_PYTHON": "3.12", **os.environ},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #02dc431145ef2a4a Environment-variable access.
pkgs/python/[email protected]/src/mcpadapt/smolagents_adapter.py:265
            env={"UV_PYTHON": "3.12", **os.environ},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

azure-ai-inference

python dependency
medium telemetry dependency Excluded from app score #ac47125d0bf79e01 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/azure/ai/inference/tracing.py:24
    from opentelemetry.trace import StatusCode, Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f020b29cf932770e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/samples/sample_chat_completions_with_azure_monitor_tracing.py:31
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a9c30fa74aeee4b4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/samples/sample_chat_completions_with_azure_monitor_tracing.py:39
from opentelemetry.trace import get_tracer

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c389172c7751cbeb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/samples/sample_chat_completions_with_tracing.py:32
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #481834fb28abbce4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/samples/sample_chat_completions_with_tracing.py:35
from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bba471f3b99375f6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/samples/sample_chat_completions_with_tracing.py:36
from opentelemetry.sdk.trace.export import SimpleSpanProcessor, ConsoleSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d0b51a52929d487a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/samples/sample_chat_completions_with_tracing.py:55
from opentelemetry.trace import get_tracer

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 93 low-confidence finding(s)
low env_fs dependency Excluded from app score #3a7e6b116b6f7c92 Filesystem access.
pkgs/python/[email protected]/azure/ai/inference/models/_patch.py:320
        with open(image_file, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f71b621b65e0e52a Filesystem access.
pkgs/python/[email protected]/azure/ai/inference/models/_patch.py:346
        with open(image_file, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d429cede6b01e262 Filesystem access.
pkgs/python/[email protected]/azure/ai/inference/models/_patch.py:548
        with open(audio_file, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c9cb1d01f861c4fd Environment-variable access.
pkgs/python/[email protected]/azure/ai/inference/prompts/_core.py:190
        if variable in os.environ.keys():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7d232d3a12aa0bdd Environment-variable access.
pkgs/python/[email protected]/azure/ai/inference/prompts/_core.py:191
            return os.environ[variable]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #47f5ae780e4f62ca Filesystem access.
pkgs/python/[email protected]/azure/ai/inference/prompts/_parsers.py:64
        with open(image_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7323af1eb17665ef Filesystem access.
pkgs/python/[email protected]/azure/ai/inference/prompts/_tracer.py:306
        with open(trace_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #80544c0b8e6fd410 Filesystem access.
pkgs/python/[email protected]/azure/ai/inference/prompts/_utils.py:22
    with open(file_path, "r", encoding=encoding) as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8969694ac42c84b8 Environment-variable access.
pkgs/python/[email protected]/azure/ai/inference/tracing.py:147
            var_value = os.environ.get("AZURE_TRACING_GEN_AI_CONTENT_RECORDING_ENABLED")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #779e01c82c897d15 Environment-variable access.
pkgs/python/[email protected]/samples/async_samples/sample_chat_completions_async.py:35
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #49c044188c23c908 Environment-variable access.
pkgs/python/[email protected]/samples/async_samples/sample_chat_completions_async.py:36
        key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cc2d3ba5c442cf55 Environment-variable access.
pkgs/python/[email protected]/samples/async_samples/sample_chat_completions_from_input_bytes_async.py:37
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b9631ddb0189ccfe Environment-variable access.
pkgs/python/[email protected]/samples/async_samples/sample_chat_completions_from_input_bytes_async.py:38
        key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c75262d35436d6b8 Environment-variable access.
pkgs/python/[email protected]/samples/async_samples/sample_chat_completions_from_input_dict_async.py:38
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1302db8d7574a946 Environment-variable access.
pkgs/python/[email protected]/samples/async_samples/sample_chat_completions_from_input_dict_async.py:39
        key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d331dd0590d7bd93 Environment-variable access.
pkgs/python/[email protected]/samples/async_samples/sample_chat_completions_streaming_async.py:36
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5657a0f823eb5a7 Environment-variable access.
pkgs/python/[email protected]/samples/async_samples/sample_chat_completions_streaming_async.py:37
        key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c185baee125a5eae Environment-variable access.
pkgs/python/[email protected]/samples/async_samples/sample_chat_completions_streaming_azure_openai_async.py:38
        endpoint = os.environ["AZURE_OPENAI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0a297dd9d75969ef Environment-variable access.
pkgs/python/[email protected]/samples/async_samples/sample_chat_completions_streaming_azure_openai_async.py:50
            key = os.environ["AZURE_OPENAI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #61f9732bcc343d5d Environment-variable access.
pkgs/python/[email protected]/samples/async_samples/sample_embeddings_async.py:34
        endpoint = os.environ["AZURE_AI_EMBEDDINGS_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8c5c798510330477 Environment-variable access.
pkgs/python/[email protected]/samples/async_samples/sample_embeddings_async.py:35
        key = os.environ["AZURE_AI_EMBEDDINGS_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d63b69ddc48116d0 Environment-variable access.
pkgs/python/[email protected]/samples/async_samples/sample_image_embeddings_async.py:32
        endpoint = os.environ["AZURE_AI_IMAGE_EMBEDDINGS_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a9ca3eed4b5d4bbf Environment-variable access.
pkgs/python/[email protected]/samples/async_samples/sample_image_embeddings_async.py:33
        key = os.environ["AZURE_AI_IMAGE_EMBEDDINGS_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5074feaf37054a69 Environment-variable access.
pkgs/python/[email protected]/samples/async_samples/sample_load_client_async.py:30
        endpoint = os.environ["AZURE_AI_EMBEDDINGS_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1bacc78214b02f24 Environment-variable access.
pkgs/python/[email protected]/samples/async_samples/sample_load_client_async.py:31
        key = os.environ["AZURE_AI_EMBEDDINGS_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #149422b2d8c4f95d Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions.py:31
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7696151d89e2f7ee Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions.py:32
        key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0b00fc24afb2f3aa Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_azure_openai.py:36
        endpoint = os.environ["AZURE_OPENAI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #03e094b279da3b42 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_azure_openai.py:48
            key = os.environ["AZURE_OPENAI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7d81cdb91c00b1e8 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_from_input_bytes.py:37
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #213ab01204e40ffe Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_from_input_bytes.py:38
        key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2060f14648b58563 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_from_input_dict.py:38
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f81d5ae6ba98b655 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_from_input_dict.py:39
        key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #60d3d7efe39351d4 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_from_input_dict_with_image_url.py:42
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ed27617881fe67d4 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_from_input_dict_with_image_url.py:43
        key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1a1ddcbd1664cfe2 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_from_input_dict_with_image_url.py:50
        model_deployment = os.environ["AZURE_AI_CHAT_DEPLOYMENT_NAME"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4aa65bbdf6de5145 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_from_input_prompt_string.py:36
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6e2d0c59bf29a08f Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_from_input_prompt_string.py:37
        key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #85ef4b7abbe92ee8 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_from_input_prompty.py:36
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ffca695c711e2583 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_from_input_prompty.py:37
        key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aa677104c5c6c87c Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_streaming.py:31
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #09b47971b5a4936a Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_streaming.py:32
        key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #61f225f6ace2bcf8 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_streaming_with_entra_id_auth.py:31
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c524343b1908eef8 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_streaming_with_entra_id_auth.py:38
        model_deployment = os.environ["AZURE_AI_CHAT_DEPLOYMENT_NAME"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f5e3233feef31852 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_streaming_with_tools.py:45
            endpoint = os.environ["AZURE_OPENAI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #809fcac03869b1f2 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_streaming_with_tools.py:46
            key = os.environ["AZURE_OPENAI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #df7194c652561f5a Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_streaming_with_tools.py:48
            endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3eee5728b7b91114 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_streaming_with_tools.py:49
            key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c6a221f20d008c6 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_audio_data.py:47
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7d847f4d02f80e33 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_audio_data.py:48
        key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a831120231864538 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_audio_data.py:55
        model_deployment = os.environ["AZURE_AI_CHAT_DEPLOYMENT_NAME"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9ce305efbc77dd31 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_azure_monitor_tracing.py:151
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ca5a8678fb27766a Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_azure_monitor_tracing.py:152
        key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #04c61697e871d566 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_defaults.py:33
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #090342aa778c1bb4 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_defaults.py:34
        key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a39a3e8dfd04e71f Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_entra_id_auth.py:42
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0338f854f6aee63a Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_entra_id_auth.py:43
        model_deployment_name = os.environ["AZURE_AI_CHAT_MODEL_DEPLOYMENT_NAME"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #63f791352577ad33 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_history.py:32
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b155b56d51b74d29 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_history.py:33
        key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf49f9fa9b1e77ca Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_image_data.py:47
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4dba28861ba2e0e0 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_image_data.py:48
        key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #71489ac4570caf7c Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_image_data.py:55
        model_deployment = os.environ["AZURE_AI_CHAT_DEPLOYMENT_NAME"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #641c05a10b718678 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_image_url.py:47
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #759b3b516096b19c Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_image_url.py:48
        key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c90be23177161e6a Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_image_url.py:55
        model_deployment = os.environ["AZURE_AI_CHAT_DEPLOYMENT_NAME"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bcc7313696c74ea7 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_model_extras.py:33
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e5e07e6edb060ffe Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_model_extras.py:34
        key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8bd676680553ed06 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_structured_output.py:54
        endpoint = os.environ["AZURE_OPENAI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #245794c6f965408d Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_structured_output.py:55
        key = os.environ["AZURE_OPENAI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8d54e092687bfbc3 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_structured_output_pydantic.py:57
        endpoint = os.environ["AZURE_OPENAI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f719f5a0b696648d Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_structured_output_pydantic.py:58
        key = os.environ["AZURE_OPENAI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #38f4f328bbac10c5 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_tools.py:34
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #72bde4950f5da9fb Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_tools.py:35
        key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6d638e549e9589fc Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_tracing.py:170
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #52407021057a93c0 Environment-variable access.
pkgs/python/[email protected]/samples/sample_chat_completions_with_tracing.py:171
        key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4d9827d490b2bdad Environment-variable access.
pkgs/python/[email protected]/samples/sample_embeddings.py:32
        endpoint = os.environ["AZURE_AI_EMBEDDINGS_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ef66cc421c0eeca8 Environment-variable access.
pkgs/python/[email protected]/samples/sample_embeddings.py:33
        key = os.environ["AZURE_AI_EMBEDDINGS_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b4367e0e859cb3bc Environment-variable access.
pkgs/python/[email protected]/samples/sample_embeddings_azure_openai.py:36
        endpoint = os.environ["AZURE_OPENAI_EMBEDDINGS_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #668c8097bc72c66e Environment-variable access.
pkgs/python/[email protected]/samples/sample_embeddings_azure_openai.py:48
            key = os.environ["AZURE_OPENAI_EMBEDDINGS_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f8775a2497cab0eb Environment-variable access.
pkgs/python/[email protected]/samples/sample_embeddings_with_base64_encoding.py:32
        endpoint = os.environ["AZURE_AI_EMBEDDINGS_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd5eb6fe70cccd81 Environment-variable access.
pkgs/python/[email protected]/samples/sample_embeddings_with_base64_encoding.py:33
        key = os.environ["AZURE_AI_EMBEDDINGS_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #001ba616830da4a8 Environment-variable access.
pkgs/python/[email protected]/samples/sample_embeddings_with_defaults.py:33
        endpoint = os.environ["AZURE_AI_EMBEDDINGS_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d7370cdb00938b4e Environment-variable access.
pkgs/python/[email protected]/samples/sample_embeddings_with_defaults.py:34
        key = os.environ["AZURE_AI_EMBEDDINGS_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #efcd725431bd16a1 Environment-variable access.
pkgs/python/[email protected]/samples/sample_get_model_info.py:30
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4f6e9b6dba7a335f Environment-variable access.
pkgs/python/[email protected]/samples/sample_get_model_info.py:31
        key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4b1e29ad8a33ebda Environment-variable access.
pkgs/python/[email protected]/samples/sample_image_embeddings.py:31
        endpoint = os.environ["AZURE_AI_IMAGE_EMBEDDINGS_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e26af3b363edc01e Environment-variable access.
pkgs/python/[email protected]/samples/sample_image_embeddings.py:32
        key = os.environ["AZURE_AI_IMAGE_EMBEDDINGS_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4600fec4f48e1f20 Environment-variable access.
pkgs/python/[email protected]/samples/sample_image_embeddings_with_defaults.py:33
        endpoint = os.environ["AZURE_AI_IMAGE_EMBEDDINGS_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eacb6009735c78e1 Environment-variable access.
pkgs/python/[email protected]/samples/sample_image_embeddings_with_defaults.py:34
        key = os.environ["AZURE_AI_IMAGE_EMBEDDINGS_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3363132934c0ca5e Environment-variable access.
pkgs/python/[email protected]/samples/sample_load_client.py:30
        endpoint = os.environ["AZURE_AI_CHAT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #66a906c73020bd65 Environment-variable access.
pkgs/python/[email protected]/samples/sample_load_client.py:31
        key = os.environ["AZURE_AI_CHAT_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #52ce281804e85dda Filesystem access.
pkgs/python/[email protected]/setup.py:22
with open(os.path.join(package_folder_path, "_version.py"), "r") as fd:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b21649a3d259a45d Filesystem access.
pkgs/python/[email protected]/setup.py:33
    long_description=open("README.md", "r").read(),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

bedrock-agentcore

python dependency
medium telemetry dependency Excluded from app score #7b3343e0ddc09455 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/bedrock_agentcore/runtime/tracing.py:47
        from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #777ab2c73dd240a0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/bedrock_agentcore/runtime/tracing.py:83
        from opentelemetry.sdk.trace import SpanProcessor  # type: ignore[import]

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8388a8a05196014d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/bedrock_agentcore/runtime/tracing.py:121
                from opentelemetry import baggage as otel_baggage

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium pii_flow tooling reachable #9cefa5f71925ee62 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/tests_integ/tools/test_code.py:257 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/tests_integ/tools/test_code.py:236 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/tests_integ/tools/test_code.py:257
    print(f"  Created interpreter: {interpreter_id}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #9fe94cbf2fc5430a PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/tests_integ/tools/test_code.py:269 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/tests_integ/tools/test_code.py:236 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/tests_integ/tools/test_code.py:269
    print(f"  Interpreter status: {info['status']}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow tooling reachable #11ae3ab88ffc0ca6 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/tests_integ/tools/test_code.py:310 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/tests_integ/tools/test_code.py:236 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/tests_integ/tools/test_code.py:310
    print(f"  Cleaned up interpreter: {interpreter_id}")

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

expand_more 184 low-confidence finding(s)
low env_fs tooling reachable #d8fefad0a92f784e Filesystem access.
pkgs/python/[email protected]/scripts/bump_version.py:11
    content = Path("pyproject.toml").read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #4bc823514d3bbab6 Filesystem access.
pkgs/python/[email protected]/scripts/bump_version.py:56
    content = file_path.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f7b6b9c2874eb63f Filesystem access.
pkgs/python/[email protected]/scripts/bump_version.py:67
        file_path.write_text(new_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #6d7d0e8f988d4c54 Filesystem access.
pkgs/python/[email protected]/scripts/bump_version.py:76
    content = pyproject.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d38f71ac2642160b Filesystem access.
pkgs/python/[email protected]/scripts/bump_version.py:84
        pyproject.write_text(content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #def9680158540400 Filesystem access.
pkgs/python/[email protected]/scripts/bump_version.py:163
        content = changelog_path.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #3a95a640a20f6001 Filesystem access.
pkgs/python/[email protected]/scripts/bump_version.py:191
    changelog_path.write_text(content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #94644a06fcc753d0 Filesystem access.
pkgs/python/[email protected]/scripts/extract_api_model.py:276
    with open(args.out, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #90d95b5c524d61eb Filesystem access.
pkgs/python/[email protected]/scripts/render_adoc.py:243
    with open(args.model) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #49566b14a62424ea Filesystem access.
pkgs/python/[email protected]/scripts/render_adoc.py:252
        with open(path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f14b8e14f8ef08e8 Filesystem access.
pkgs/python/[email protected]/scripts/render_adoc.py:258
    with open(manifest, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2cd2c033e05b4c09 Environment-variable access.
pkgs/python/[email protected]/src/bedrock_agentcore/_utils/endpoints.py:8
DP_ENDPOINT_OVERRIDE = os.getenv("BEDROCK_AGENTCORE_DP_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #05a144227e2d94ec Environment-variable access.
pkgs/python/[email protected]/src/bedrock_agentcore/_utils/endpoints.py:9
CP_ENDPOINT_OVERRIDE = os.getenv("BEDROCK_AGENTCORE_CP_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #188a22bdff7907b1 Environment-variable access.
pkgs/python/[email protected]/src/bedrock_agentcore/_utils/endpoints.py:10
DEFAULT_REGION = os.getenv("AWS_REGION") or os.getenv("AWS_DEFAULT_REGION") or "us-west-2"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c67ef2f364b2f38b Filesystem access.
pkgs/python/[email protected]/src/bedrock_agentcore/evaluation/runner/dataset_providers.py:74
            with open(self._file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1cb5781bc91eef08 Filesystem access.
pkgs/python/[email protected]/src/bedrock_agentcore/evaluation/runner/dataset_providers.py:77
            with open(self._file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #8aa61524d4003677 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/bedrock_agentcore/evaluation/runner/dataset_providers.py:139
            r = requests.get(download_url, timeout=60, stream=True)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #df93d59904ea478f Environment-variable access.
pkgs/python/[email protected]/src/bedrock_agentcore/identity/auth.py:290
        if os.getenv("DOCKER_CONTAINER") == "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #37ca6d12a075d53e Filesystem access.
pkgs/python/[email protected]/src/bedrock_agentcore/identity/auth.py:310
            with open(config_path, "r", encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f59aecbe6f4338a2 Filesystem access.
pkgs/python/[email protected]/src/bedrock_agentcore/identity/auth.py:331
        with open(config_path, "w", encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f983ada1d6671394 Environment-variable access.
pkgs/python/[email protected]/src/bedrock_agentcore/identity/auth.py:340
    region_env = os.getenv("AWS_REGION", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b928346a3ee0d2a6 Environment-variable access.
pkgs/python/[email protected]/src/bedrock_agentcore/memory/controlplane.py:37
        service_name = os.getenv("BEDROCK_AGENTCORE_CONTROL_SERVICE", "bedrock-agentcore-control")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bcb0a92121dbf08d Environment-variable access.
pkgs/python/[email protected]/src/bedrock_agentcore/memory/controlplane.py:39
        control_endpoint = os.getenv("BEDROCK_AGENTCORE_CONTROL_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #da22f0a0d10dc041 Environment-variable access.
pkgs/python/[email protected]/src/bedrock_agentcore/memory/session.py:179
            region_name or session_region or os.environ.get("AWS_REGION") or boto3.Session().region_name or "us-west-2"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #bd69e9351ef45ab0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/bedrock_agentcore/payments/integrations/langgraph/tools.py:44
                    resp = client.request(method_upper, url, headers=request_headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #3fe9879c8ca1da7b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/bedrock_agentcore/payments/integrations/langgraph/tools.py:46
                    resp = client.request(method_upper, url, headers=request_headers, content=body)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #0b13273c325f01c1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/bedrock_agentcore/payments/integrations/langgraph/tools.py:48
                    resp = client.request(method_upper, url, headers=request_headers, json=body)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #db3a4b60d00863ef Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/bedrock_agentcore/payments/integrations/strands/plugin.py:799
                    resp = client.request(method_upper, url, headers=request_headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e3c168883f6bd538 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/bedrock_agentcore/payments/integrations/strands/plugin.py:801
                    resp = client.request(method_upper, url, headers=request_headers, content=body)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #8c2bb26721a1f1fa Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/bedrock_agentcore/payments/integrations/strands/plugin.py:803
                    resp = client.request(method_upper, url, headers=request_headers, json=body)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #dfdcdf3cba44866a Environment-variable access.
pkgs/python/[email protected]/src/bedrock_agentcore/payments/manager.py:316
            region_name or session_region or os.environ.get("AWS_REGION") or boto3.Session().region_name or "us-west-2"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c49c64dcead7f754 Environment-variable access.
pkgs/python/[email protected]/src/bedrock_agentcore/runtime/a2a.py:217
    runtime_url = os.environ.get(AGENTCORE_RUNTIME_URL_ENV, "http://localhost:9000/")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9ad0c8dd5f3d3eaf Environment-variable access.
pkgs/python/[email protected]/src/bedrock_agentcore/runtime/a2a.py:221
    elif os.environ.get(AGENTCORE_RUNTIME_URL_ENV):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #89bc1f06fcce611b Environment-variable access.
pkgs/python/[email protected]/src/bedrock_agentcore/runtime/a2a.py:297
        if os.path.exists("/.dockerenv") or os.environ.get("DOCKER_CONTAINER"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #51c65fa4c690246c Environment-variable access.
pkgs/python/[email protected]/src/bedrock_agentcore/runtime/ag_ui.py:139
            if os.path.exists("/.dockerenv") or os.environ.get("DOCKER_CONTAINER"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4e6813fe719ff78a Environment-variable access.
pkgs/python/[email protected]/src/bedrock_agentcore/runtime/app.py:83
        otel_attrs = os.environ.get("OTEL_RESOURCE_ATTRIBUTES", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ff8d659d261eae71 Environment-variable access.
pkgs/python/[email protected]/src/bedrock_agentcore/runtime/app.py:658
            if os.path.exists("/.dockerenv") or os.environ.get("DOCKER_CONTAINER"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9ba74b3801f930ca Filesystem access.
pkgs/python/[email protected]/tests_integ/async/interactive_async_strands.py:159
            with open(self.result_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #91abeca5c5bc141a Filesystem access.
pkgs/python/[email protected]/tests_integ/async/interactive_async_strands.py:211
            with open(processor.result_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e055e5be6f64f320 Filesystem access.
pkgs/python/[email protected]/tests_integ/async/interactive_async_strands.py:333
        with open(result_file, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #3f1e375b0a714de1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/tests_integ/async/test_async_status_example.py:26
            response = self.session.get(f"{self.base_url}/ping")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #d97802801f2a466a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/tests_integ/async/test_async_status_example.py:53
            response = self.session.post(f"{self.base_url}/invocations", json=payload)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #a433f652b033fb31 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/tests_integ/async/test_async_status_example.py:81
            response = self.session.post(f"{self.base_url}/invocations", json=request_payload)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #cba117f8e62bb7bf Environment-variable access.
pkgs/python/[email protected]/tests_integ/evaluation/integrations/strands_agents_evals/test_strands_evaluation.py:20
REGION = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0685fcc67df5b0e0 Environment-variable access.
pkgs/python/[email protected]/tests_integ/evaluation/integrations/strands_agents_evals/test_strands_evaluation.py:42
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ccf1affbda33449c Environment-variable access.
pkgs/python/[email protected]/tests_integ/evaluation/test_dataset_client.py:22
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6cb5a661649ae5ac Environment-variable access.
pkgs/python/[email protected]/tests_integ/evaluation/test_dataset_client.py:53
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cfa1fef05f4fda05 Environment-variable access.
pkgs/python/[email protected]/tests_integ/evaluation/test_evaluation_passthrough.py:18
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0cdc68a9ae024034 Environment-variable access.
pkgs/python/[email protected]/tests_integ/evaluation/test_evaluation_passthrough.py:54
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b109f6f2c1f08627 Environment-variable access.
pkgs/python/[email protected]/tests_integ/evaluation/test_evaluation_passthrough.py:131
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9d5c480949ea03c7 Environment-variable access.
pkgs/python/[email protected]/tests_integ/evaluation/test_evaluation_passthrough.py:132
        cls.role_arn = os.environ.get("EVAL_ROLE_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #891da400fd942d4c Environment-variable access.
pkgs/python/[email protected]/tests_integ/evaluation/test_evaluation_passthrough.py:133
        cls.log_group = os.environ.get("EVAL_LOG_GROUP")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #91fdf91e60cc77af Environment-variable access.
pkgs/python/[email protected]/tests_integ/evaluation/test_runners_with_service_dataset.py:33
RUNTIME_ARN = os.environ.get("INTEG_AGENT_RUNTIME_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0e0f49b61a31657f Environment-variable access.
pkgs/python/[email protected]/tests_integ/evaluation/test_runners_with_service_dataset.py:34
REGION = RUNTIME_ARN.split(":")[3] if RUNTIME_ARN else os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #878b0b0204ea5a6a Environment-variable access.
pkgs/python/[email protected]/tests_integ/evaluation/test_runners_with_service_dataset.py:68
        cls.log_group = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8ff7c0692b3b7d1f Environment-variable access.
pkgs/python/[email protected]/tests_integ/evaluation/test_runners_with_service_dataset.py:68
        cls.log_group = os.environ.get(
            "INTEG_AGENT_LOG_GROUP",
            f"/aws/bedrock-agentcore/runtimes/{cls.runtime_id}-DEFAULT",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d539bd334c65edb1 Environment-variable access.
pkgs/python/[email protected]/tests_integ/evaluation/test_service_dataset_provider.py:30
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8a720f85998fa78e Environment-variable access.
pkgs/python/[email protected]/tests_integ/gateway/integrations/test_agentcore_tool_search_plugin.py:157
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aaaebcdc6eb9622b Environment-variable access.
pkgs/python/[email protected]/tests_integ/gateway/integrations/test_agentcore_tool_search_plugin.py:158
        cls.role_arn = os.environ.get("GATEWAY_ROLE_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7db8428145cf9e18 Environment-variable access.
pkgs/python/[email protected]/tests_integ/gateway/integrations/test_agentcore_tool_search_plugin.py:159
        cls.lambda_arn = os.environ.get("GATEWAY_LAMBDA_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d7b3488c5eb3f717 Environment-variable access.
pkgs/python/[email protected]/tests_integ/gateway/integrations/test_agentcore_tool_search_plugin.py:432
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d2d58219fc8e63e2 Environment-variable access.
pkgs/python/[email protected]/tests_integ/gateway/test_gateway_client.py:23
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #92662bd42f19adfc Environment-variable access.
pkgs/python/[email protected]/tests_integ/gateway/test_gateway_client.py:24
        cls.role_arn = os.environ.get("GATEWAY_ROLE_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dfeb8a913338421a Environment-variable access.
pkgs/python/[email protected]/tests_integ/gateway/test_gateway_client.py:127
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #671d48437da979eb Environment-variable access.
pkgs/python/[email protected]/tests_integ/gateway/test_gateway_client.py:128
        cls.role_arn = os.environ.get("GATEWAY_ROLE_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ff59d2416ea16660 Environment-variable access.
pkgs/python/[email protected]/tests_integ/gateway/test_gateway_client.py:129
        cls.lambda_arn = os.environ.get("GATEWAY_LAMBDA_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fa934904f6aa7a63 Environment-variable access.
pkgs/python/[email protected]/tests_integ/gateway/test_gateway_kb_targets.py:25
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8a1f9241cc9d0451 Environment-variable access.
pkgs/python/[email protected]/tests_integ/gateway/test_gateway_kb_targets.py:26
        cls.gateway_role_arn = os.environ.get("GATEWAY_ROLE_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6440cc84a8673d45 Environment-variable access.
pkgs/python/[email protected]/tests_integ/gateway/test_gateway_kb_targets.py:27
        cls.kb_role_arn = os.environ.get("KB_ROLE_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #36e879f10545a37f Environment-variable access.
pkgs/python/[email protected]/tests_integ/identity/test_identity_client.py:22
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b338a7675c9dd3e7 Environment-variable access.
pkgs/python/[email protected]/tests_integ/identity/test_identity_client.py:79
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fc6aac0d48e96483 Environment-variable access.
pkgs/python/[email protected]/tests_integ/identity/test_identity_client.py:80
        cls.pool_id = os.environ.get("COGNITO_POOL_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8e470362c36a3bf6 Environment-variable access.
pkgs/python/[email protected]/tests_integ/identity/test_identity_client.py:81
        cls.client_id = os.environ.get("COGNITO_CLIENT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f639323749acf77b Environment-variable access.
pkgs/python/[email protected]/tests_integ/identity/test_identity_client.py:82
        cls.client_secret = os.environ.get("COGNITO_CLIENT_SECRET")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #292e5a205bd8fc6d Environment-variable access.
pkgs/python/[email protected]/tests_integ/knowledge_base/test_knowledge_base_client.py:25
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-east-1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5d56d0540c77de7d Environment-variable access.
pkgs/python/[email protected]/tests_integ/knowledge_base/test_knowledge_base_client.py:26
        cls.role_arn = os.environ.get("KB_ROLE_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #512a01b4d560c493 Environment-variable access.
pkgs/python/[email protected]/tests_integ/memory/integrations/test_session_manager.py:32
REGION = os.environ.get("BEDROCK_TEST_REGION", "us-east-1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8563203dd45a6673 Environment-variable access.
pkgs/python/[email protected]/tests_integ/memory/integrations/test_session_manager.py:42
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-east-1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8f41991e9d641057 Environment-variable access.
pkgs/python/[email protected]/tests_integ/memory/test_controlplane.py:17
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5823aea12ad2acaa Environment-variable access.
pkgs/python/[email protected]/tests_integ/memory/test_memory_client.py:32
        cls.kinesis_stream_arn = os.environ.get("MEMORY_KINESIS_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c5bd6cde7adaf44c Environment-variable access.
pkgs/python/[email protected]/tests_integ/memory/test_memory_client.py:33
        cls.execution_role_arn = os.environ.get("MEMORY_ROLE_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #25a567f08b52ca34 Environment-variable access.
pkgs/python/[email protected]/tests_integ/memory/test_memory_client.py:38
        cls.prepopulated_memory_id = os.environ.get("MEMORY_PREPOPULATED_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a2eefa84834c0bd2 Environment-variable access.
pkgs/python/[email protected]/tests_integ/memory/test_memory_client.py:39
        cls.prepopulated_actor_id = os.environ.get("MEMORY_PREPOPULATED_ACTOR_ID", "integ-test-actor")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d30f5a04ac9ec436 Environment-variable access.
pkgs/python/[email protected]/tests_integ/memory/test_memory_client.py:40
        cls.prepopulated_session_id = os.environ.get("MEMORY_PREPOPULATED_SESSION_ID", "integ-test-session")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #acac747c93416a1d Environment-variable access.
pkgs/python/[email protected]/tests_integ/memory/test_memory_client.py:44
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0686a43336fbdaef Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_payment_tools_integration.py:38
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a0820ea7c499344 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_payment_tools_integration.py:39
        cls.user_id = os.environ.get("TEST_USER_ID", f"test-user-{uuid.uuid4().hex[:8]}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #308a53105031015e Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_payment_tools_integration.py:40
        cls.payment_manager_arn = os.environ.get("TEST_PAYMENT_MANAGER_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97e3e5386572235d Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_payment_tools_integration.py:41
        cls.payment_instrument_id = os.environ.get("TEST_PAYMENT_INSTRUMENT_ID", "payment-instrument-abcdefghijklmno")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #62c0eb7397b0ef03 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_payment_tools_integration.py:42
        cls.payment_session_id = os.environ.get("TEST_PAYMENT_SESSION_ID", "payment-session-abcdefghijklmno")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0fad247cf6ffe209 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_payment_tools_integration.py:191
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #71df45acc72ef63a Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_payment_tools_integration.py:192
        cls.user_id = os.environ.get("TEST_USER_ID", f"test-user-{uuid.uuid4().hex[:8]}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f2108dda5a531bea Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_payment_tools_integration.py:193
        cls.payment_manager_arn = os.environ.get("TEST_PAYMENT_MANAGER_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f6e82111b516b98a Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_payment_tools_integration.py:194
        cls.payment_instrument_id = os.environ.get("TEST_PAYMENT_INSTRUMENT_ID", "payment-instrument-abcdefghijklmno")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a438c31e8f7450a8 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_payment_tools_integration.py:195
        cls.payment_session_id = os.environ.get("TEST_PAYMENT_SESSION_ID", "payment-session-abcdefghijklmno")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8bfba01a292566bc Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_payment_tools_integration.py:286
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3d96425ad85a35ce Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_payment_tools_integration.py:287
        cls.user_id = os.environ.get("TEST_USER_ID", f"test-user-{uuid.uuid4().hex[:8]}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6823f281ae7e3ac2 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_payment_tools_integration.py:288
        cls.payment_manager_arn = os.environ.get("TEST_PAYMENT_MANAGER_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #85fbb7fa9e2256ed Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_payment_tools_integration.py:289
        cls.payment_instrument_id = os.environ.get("TEST_PAYMENT_INSTRUMENT_ID", "payment-instrument-abcdefghijklmno")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c5030b88b2b75923 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_payment_tools_integration.py:290
        cls.payment_session_id = os.environ.get("TEST_PAYMENT_SESSION_ID", "payment-session-abcdefghijklmno")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8d7375dbf167775c Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:38
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #858c1ac163fcfc39 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:39
        cls.user_id = os.environ.get("TEST_USER_ID", f"test-user-{uuid.uuid4().hex[:8]}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5d2969c3017499d9 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:81
                        instrument_id = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6de166659b2fe8e1 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:81
                        instrument_id = os.environ.get(
                            "TEST_PAYMENT_INSTRUMENT_ID", "payment-instrument-abcdefghijklmno"
                        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #857c3b02853965ae Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:101
                        session_id = os.environ.get("TEST_PAYMENT_SESSION_ID", "payment-session-abcdefghijklmno")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e9bdded37f5fef4e Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:118
                        session_id = os.environ.get("TEST_PAYMENT_SESSION_ID", "payment-session-abcdefghijklmno")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #28765f3a5fdfba55 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:149
            payment_manager_arn=os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #30b77979fde4568f Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:149
            payment_manager_arn=os.environ.get(
                "TEST_PAYMENT_MANAGER_ARN",
                "arn:aws:bedrock-agentcore:us-west-2:12345678910:payment-manager/mypaymentmanager-cyrc25gr4c",
            ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #99c8beee901e3420 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:154
            payment_session_id=os.environ.get("TEST_PAYMENT_SESSION_ID", "payment-session-bWOGg4z2irAGbzA"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9304873b6cf16964 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:155
            payment_instrument_id=os.environ.get("TEST_PAYMENT_INSTRUMENT_ID", "payment-instrument-vnL29CKAdyESdQ7"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #471e46e9b9f5a984 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:194
        payment_manager_arn = os.environ.get("TEST_PAYMENT_MANAGER_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #941a07a6ad249411 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:425
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cb77415d1b1850a1 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:426
        cls.user_id = os.environ.get("TEST_USER_ID", f"test-user-{uuid.uuid4().hex[:8]}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2bac2d83e289c43a Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:458
        payment_manager_arn = os.environ.get("TEST_PAYMENT_MANAGER_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf374c59a6bc546a Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:468
            payment_instrument_id=os.environ.get("TEST_PAYMENT_INSTRUMENT_ID", "payment-instrument-test123"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e6986d82c31402af Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:469
            payment_session_id=os.environ.get("TEST_PAYMENT_SESSION_ID", "payment-session-test456"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #38b14693ff66c154 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:645
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3d3254a3dedb5571 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:646
        cls.user_id = os.environ.get("TEST_USER_ID", f"test-user-{uuid.uuid4().hex[:8]}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4fa19d1a683dbe71 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:651
            payment_manager_arn=os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f86438e28db23bd1 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:651
            payment_manager_arn=os.environ.get(
                "TEST_PAYMENT_MANAGER_ARN",
                "arn:aws:bedrock-agentcore:us-west-2:12345678910:payment-manager/mypaymentmanager-cyrc25gr4c",
            ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6b7f89e88073be15 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:656
            payment_session_id=os.environ.get("TEST_PAYMENT_SESSION_ID", "payment-session-bWOGg4z2irAGbzA"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0b2a96c4c38ac344 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:657
            payment_instrument_id=os.environ.get("TEST_PAYMENT_INSTRUMENT_ID", "payment-instrument-vnL29CKAdyESdQ7"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #677393e671766826 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:670
            payment_manager_arn=os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #48abbcb72697ee36 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:670
            payment_manager_arn=os.environ.get(
                "TEST_PAYMENT_MANAGER_ARN",
                "arn:aws:bedrock-agentcore:us-west-2:12345678910:payment-manager/mypaymentmanager-cyrc25gr4c",
            ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #20f8f5cfc85e76a1 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:675
            payment_session_id=os.environ.get("TEST_PAYMENT_SESSION_ID", "payment-session-bWOGg4z2irAGbzA"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #890d7c3d3de03c44 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:676
            payment_instrument_id=os.environ.get("TEST_PAYMENT_INSTRUMENT_ID", "payment-instrument-vnL29CKAdyESdQ7"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #26a5ba3f3f90ce4e Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:692
            payment_manager_arn=os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f26f40d61bb90288 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:692
            payment_manager_arn=os.environ.get(
                "TEST_PAYMENT_MANAGER_ARN",
                "arn:aws:bedrock-agentcore:us-west-2:12345678910:payment-manager/mypaymentmanager-cyrc25gr4c",
            ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8d89b43ccb9fb5e3 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:697
            payment_session_id=os.environ.get("TEST_PAYMENT_SESSION_ID", "payment-session-bWOGg4z2irAGbzA"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1adb6c72db6c9342 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:698
            payment_instrument_id=os.environ.get("TEST_PAYMENT_INSTRUMENT_ID", "payment-instrument-vnL29CKAdyESdQ7"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #303881df05a762de Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:730
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #76fb276587609b3a Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/integrations/strands/test_plugin_integration.py:731
        cls.user_id = os.environ.get("TEST_USER_ID", f"test-user-{uuid.uuid4().hex[:8]}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #80f982eacdd32374 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_client.py:66
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8bb8d101f952aedc Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_client.py:67
        cls.role_arn = os.environ.get("RUNTIME_ROLE_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #15b9cc1f4ce67050 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_client.py:271
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b4d5ac6f7eea7895 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_client.py:280
        cls.api_key_secret = os.environ.get("PAYMENT_TEST_API_KEY_SECRET")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #79de8f01d3508ad1 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_client.py:281
        cls.wallet_secret = os.environ.get("PAYMENT_TEST_WALLET_SECRET")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #adc24b1313c1556c Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_client.py:283
        cls.role_arn = os.environ.get("RUNTIME_ROLE_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b897633f20d8db72 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:64
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c891bd817a008840 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:66
        cls.payment_manager_arn = os.environ.get("TEST_PAYMENT_MANAGER_ARN", default_arn)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c75f7da59fd0c3e1 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:67
        cls.payment_connector_id = os.environ.get("TEST_PAYMENT_CONNECTOR_ID", "pc-test")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4cc4b8d4982e7d2f Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:68
        cls.user_id = os.environ.get("TEST_USER_ID", f"test-user-{uuid.uuid4().hex[:8]}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #73a20d1b8d64dacf Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:99
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #003f1aca45f182e6 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:100
        cls.payment_manager_arn = os.environ.get("TEST_PAYMENT_MANAGER_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7f54573d4ceaa8ca Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:101
        cls.payment_connector_id = os.environ.get("TEST_PAYMENT_CONNECTOR_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #60c6f2f469af0f6e Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:102
        cls.user_id = os.environ.get("TEST_USER_ID", f"test-user-{uuid.uuid4().hex[:8]}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c4f708b4b2d5b527 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:126
        not os.environ.get("TEST_PAYMENT_MANAGER_ARN"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #62b97835dea345d0 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:188
        not os.environ.get("TEST_PAYMENT_MANAGER_ARN"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6e2ef8e059101975 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:220
        not os.environ.get("TEST_PAYMENT_MANAGER_ARN"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #463dbe56730e3d4b Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:238
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a95bfdc4a26e4ec9 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:239
        cls.payment_manager_arn = os.environ.get("TEST_PAYMENT_MANAGER_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0c0dfbce4fae4e92 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:240
        cls.payment_connector_id = os.environ.get("TEST_PAYMENT_CONNECTOR_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2335278b2cbe65b0 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:241
        cls.user_id = os.environ.get("TEST_USER_ID", f"test-user-{uuid.uuid4().hex[:8]}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6156a7fa3b13ae05 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:254
        not os.environ.get("TEST_PAYMENT_MANAGER_ARN"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ac9e907aac73e980 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:271
        not os.environ.get("TEST_PAYMENT_MANAGER_ARN"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #822b8ced33ab99fc Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:305
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #680dbb1af692c1d7 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:306
        cls.payment_manager_arn = os.environ.get("TEST_PAYMENT_MANAGER_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #539200a202dca92f Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:307
        cls.payment_connector_id = os.environ.get("TEST_PAYMENT_CONNECTOR_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b081c1defab42903 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:308
        cls.user_id = os.environ.get("TEST_USER_ID", f"test-user-{uuid.uuid4().hex[:8]}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #720926d7b8cd85f7 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:390
        not os.environ.get("TEST_PAYMENT_MANAGER_ARN"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6d97223a7576f561 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:469
        not os.environ.get("TEST_PAYMENT_MANAGER_ARN"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #838c20b89fbad602 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:554
        not os.environ.get("TEST_PAYMENT_MANAGER_ARN"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d899b5a6bd0213ac Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:608
        not os.environ.get("TEST_PAYMENT_MANAGER_ARN"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c52e446a5e11a8cd Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:672
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c840abf83a04aa11 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:674
        cls.payment_manager_arn = os.environ.get("TEST_PAYMENT_MANAGER_ARN", default_arn)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6210d5049683f58a Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:751
        not os.environ.get("TEST_PAYMENT_MANAGER_ARN"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d032da250b0f867f Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:766
        user_id = os.environ.get("TEST_USER_ID", f"test-user-{uuid.uuid4().hex[:8]}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #62d727376de6d2f6 Environment-variable access.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:798
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-east-1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #9b50ced24afdab8d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/tests_integ/payments/test_payment_manager.py:1023
        with urllib.request.urlopen(req) as resp:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #d706b021ea699a23 Environment-variable access.
pkgs/python/[email protected]/tests_integ/policy/test_policy_engine_client.py:18
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #044475c68693f57d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/tests_integ/runtime/http_client.py:34
            return requests.post(url, headers=headers, json=body, timeout=100, stream=True).text

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #7c1b8b3132c756c2 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/tests_integ/runtime/http_client.py:44
            return requests.get(url, timeout=2).text

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #15b78b3e19db4610 Environment-variable access.
pkgs/python/[email protected]/tests_integ/runtime/test_runtime_passthrough.py:24
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fbfae2f138cf5329 Environment-variable access.
pkgs/python/[email protected]/tests_integ/runtime/test_runtime_passthrough.py:52
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b72a4dc5cbcd1c23 Environment-variable access.
pkgs/python/[email protected]/tests_integ/runtime/test_runtime_passthrough.py:53
        cls.role_arn = os.environ.get("RUNTIME_ROLE_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8fcfd64a1fe7ad0e Environment-variable access.
pkgs/python/[email protected]/tests_integ/runtime/test_runtime_passthrough.py:54
        cls.s3_code_uri = os.environ.get("RUNTIME_S3_CODE_URI")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f50ebc9d7ac4cdec Filesystem access.
pkgs/python/[email protected]/tests_integ/runtime/test_simple_agent.py:13
        with open(self.agent_module + ".py", "w") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #72b38ce0f7c0c26a Filesystem access.
pkgs/python/[email protected]/tests_integ/runtime/test_websocket_agent.py:18
        with open(self.agent_module + ".py", "w") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eadb34683bb1782b Environment-variable access.
pkgs/python/[email protected]/tests_integ/services/test_resource_policy.py:45
        cls.resource_arn = os.environ.get("RESOURCE_POLICY_TEST_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fda5a1f2c11b9a22 Environment-variable access.
pkgs/python/[email protected]/tests_integ/services/test_resource_policy.py:46
        cls.principal_arn = os.environ.get("RESOURCE_POLICY_TEST_PRINCIPAL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5ee6c16bd58d6a25 Environment-variable access.
pkgs/python/[email protected]/tests_integ/services/test_resource_policy.py:47
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #70992290b02e118f Environment-variable access.
pkgs/python/[email protected]/tests_integ/tools/test_code.py:236
secret_arn = os.environ.get("TEST_ROOT_CA_SECRET_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #888680d5c0ea2dcd Environment-variable access.
pkgs/python/[email protected]/tests_integ/tools/test_code.py:237
execution_role_arn = os.environ.get("TEST_EXECUTION_ROLE_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #469b2c0bfe89d12b Environment-variable access.
pkgs/python/[email protected]/tests_integ/tools/test_code_interpreter_client.py:40
        cls.region = os.environ.get("BEDROCK_TEST_REGION", "us-east-1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

crewai-core

python dependency
medium telemetry dependency Excluded from app score #46371d4fc3dc3e39 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/crewai_core/telemetry.py:22
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1e5c454f602dc119 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/crewai_core/telemetry.py:23
from opentelemetry.exporter.otlp.proto.http.trace_exporter import OTLPSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9ec935366bbbcb5a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/crewai_core/telemetry.py:24
from opentelemetry.sdk.resources import SERVICE_NAME, Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9d6cb46d6d24fb25 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/crewai_core/telemetry.py:25
from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f398f062be753b3b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/crewai_core/telemetry.py:26
from opentelemetry.sdk.trace.export import (
    BatchSpanProcessor,
    SpanExportResult,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d3d7de1a860dc424 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/crewai_core/telemetry.py:30
from opentelemetry.trace import ProxyTracerProvider, Span, Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 24 low-confidence finding(s)
low egress dependency Excluded from app score #75354d36a723d9a7 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_core/auth/oauth2.py:139
            response = httpx.post(
                self.oauth2_provider.get_token_url(), data=token_payload, timeout=30
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #5490a8b7d1dd5011 Environment-variable access.
pkgs/python/[email protected]/src/crewai_core/lock_store.py:33
_REDIS_URL: str | None = os.environ.get("REDIS_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9e38c711a82c923e Environment-variable access.
pkgs/python/[email protected]/src/crewai_core/paths.py:13
    return os.environ.get("CREWAI_STORAGE_DIR", Path.cwd().name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f734e217bf261a67 Environment-variable access.
pkgs/python/[email protected]/src/crewai_core/plus_api.py:175
            or os.getenv("CREWAI_PLUS_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #28b205b857b08512 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_core/plus_api.py:199
            return client.request(method, url, **request_kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #966fc39297cd67a9 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_core/plus_api.py:229
            return client.request(method, url, files=files, **request_kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #1074e64a94060cab Filesystem access.
pkgs/python/[email protected]/src/crewai_core/project.py:26
    with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #497585df0235140a Filesystem access.
pkgs/python/[email protected]/src/crewai_core/project.py:163
        with open(pyproject_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #511a180dc4c0ee4a Filesystem access.
pkgs/python/[email protected]/src/crewai_core/settings.py:97
                test_file.write_text("test")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0b1ca20a1e6ae775 Environment-variable access.
pkgs/python/[email protected]/src/crewai_core/telemetry.py:125
            os.getenv("OTEL_SDK_DISABLED", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #831340b383c41ae8 Environment-variable access.
pkgs/python/[email protected]/src/crewai_core/telemetry.py:126
            or os.getenv("CREWAI_DISABLE_TELEMETRY", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fd16bc171e456ab9 Environment-variable access.
pkgs/python/[email protected]/src/crewai_core/telemetry.py:127
            or os.getenv("CREWAI_DISABLE_TRACKING", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #521c6c6d247339e0 Environment-variable access.
pkgs/python/[email protected]/src/crewai_core/token_manager.py:88
            base_path = os.environ.get("LOCALAPPDATA")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5615f8404c56a329 Filesystem access.
pkgs/python/[email protected]/src/crewai_core/token_manager.py:150
            with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bdf8535c3db4d4da Environment-variable access.
pkgs/python/[email protected]/src/crewai_core/tool_credentials.py:24
    env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #676e97af84ba787a Environment-variable access.
pkgs/python/[email protected]/src/crewai_core/tool_credentials.py:42
    env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d79e993df15bbb65 Filesystem access.
pkgs/python/[email protected]/src/crewai_core/user_data.py:39
            return cast(dict[str, Any], json.loads(p.read_text()))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fbb78dc181c710e5 Filesystem access.
pkgs/python/[email protected]/src/crewai_core/user_data.py:49
        p.write_text(json.dumps(data, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #962c7330f4eef2f9 Environment-variable access.
pkgs/python/[email protected]/src/crewai_core/user_data.py:86
    if os.getenv("CREWAI_TRACING_ENABLED", "false").lower() in ("true", "1"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4697bcbc2c3a62db Filesystem access.
pkgs/python/[email protected]/src/crewai_core/version.py:117
            cache_data = json.loads(cache_file.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #b959553b80ac06d7 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_core/version.py:125
        with request.urlopen(
            "https://pypi.org/pypi/crewai/json", timeout=timeout
        ) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #78419afec1ede76a Filesystem access.
pkgs/python/[email protected]/src/crewai_core/version.py:142
            cache_file.write_text(json.dumps(cache_data))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0ac04750db022f83 Filesystem access.
pkgs/python/[email protected]/src/crewai_core/version.py:154
            cache_data = json.loads(cache_file.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b5323b340e1759f2 Filesystem access.
pkgs/python/[email protected]/src/crewai_core/version.py:168
        cache_data = json.loads(cache_file.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

mem0ai

python dependency
medium pii_flow dependency Excluded from app score #04385a451867e45b A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/mem0/client/main.py:133 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/mem0/client/main.py:110 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/mem0/client/main.py:133
            self.client = httpx.Client(
                base_url=self.host,
                headers={
                    "Authorization": f"Token {self.api_key}",
                    "Mem0-User-ID": self.user_id,
                },
                timeout=300,
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow dependency Excluded from app score #d12c51729d837b1f A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/mem0/client/main.py:1025 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/mem0/client/main.py:1002 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/mem0/client/main.py:1025
            self.async_client = httpx.AsyncClient(
                base_url=self.host,
                headers={
                    "Authorization": f"Token {self.api_key}",
                    "Mem0-User-ID": self.user_id,
                },
                timeout=300,
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow dependency Excluded from app score #11580cf0e7f0d64f A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/mem0/client/main.py:1051 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/mem0/client/main.py:1054 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/mem0/client/main.py:1051
            response = requests.get(
                f"{self.host}/v1/ping/",
                headers={
                    "Authorization": f"Token {self.api_key}",
                    "Mem0-User-ID": self.user_id,
                },
                params=params,
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow dependency Excluded from app score #ba84313e018043de A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/mem0/llms/sarvam.py:81 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/mem0/llms/sarvam.py:47 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/mem0/llms/sarvam.py:81
            response = requests.post(url, headers=headers, json=params, timeout=30)

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium telemetry dependency Excluded from app score #51c328019c03d829 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/mem0/memory/telemetry.py:9
from posthog import Posthog

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 104 low-confidence finding(s)
low env_fs dependency Excluded from app score #7946cfcedabff862 Environment-variable access.
pkgs/python/[email protected]/mem0/client/main.py:110
        self.api_key = api_key or os.getenv("MEM0_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #c73c479a11b60665 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/main.py:237
        response = self.client.get(f"/v1/memories/{_encode_path_segment(memory_id)}/", params=params)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #70ff9fa2f63d5590 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/main.py:375
        response = self.client.put(f"/v1/memories/{_encode_path_segment(memory_id)}/", json=payload, params=params)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #a2133601f6bbed76 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/main.py:460
        response = self.client.get(f"/v1/memories/{_encode_path_segment(memory_id)}/history/", params=params)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #7ca8bd193edd3363 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/main.py:710
        response = self.client.get(
            f"/api/v1/orgs/organizations/{self.org_id}/projects/{self.project_id}/",
            params=params,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #feff46cdb237f512 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/main.py:821
        response = self.client.get(f"api/v1/webhooks/projects/{project_id}/")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #4b82af34806f75fa Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/main.py:849
        response = self.client.post(f"api/v1/webhooks/projects/{project_id}/", json=payload)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c28328e81bdc21b4 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/main.py:883
        response = self.client.put(f"api/v1/webhooks/{webhook_id}/", json=payload)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #2b94e065e52df8a4 Environment-variable access.
pkgs/python/[email protected]/mem0/client/main.py:1002
        self.api_key = api_key or os.getenv("MEM0_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #7d40d1d32c703d05 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/main.py:1051
            response = requests.get(
                f"{self.host}/v1/ping/",
                headers={
                    "Authorization": f"Token {self.api_key}",
                    "Mem0-User-ID": self.user_id,
                },
                params=params,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #d04db15d799159fc Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/main.py:1160
        response = await self.async_client.get(f"/v1/memories/{_encode_path_segment(memory_id)}/", params=params)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #f8c9df4f11df3035 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/main.py:1298
        response = await self.async_client.put(
            f"/v1/memories/{_encode_path_segment(memory_id)}/", json=payload, params=params
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #13b74a1e30c2442a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/main.py:1380
        response = await self.async_client.get(
            f"/v1/memories/{_encode_path_segment(memory_id)}/history/",
            params=params,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #0de434c32931b6de Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/main.py:1619
        response = await self.async_client.get(
            f"/api/v1/orgs/organizations/{self.org_id}/projects/{self.project_id}/",
            params=params,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #cbb97224138ac498 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/main.py:1726
        response = await self.async_client.get(f"api/v1/webhooks/projects/{project_id}/")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #fc37588a6f99d379 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/main.py:1754
        response = await self.async_client.post(f"api/v1/webhooks/projects/{project_id}/", json=payload)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #a22ba47a2a381519 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/main.py:1788
        response = await self.async_client.put(f"api/v1/webhooks/{webhook_id}/", json=payload)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #a6a8d505badd09dc Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/project.py:344
        response = self._client.get(
            f"/api/v1/orgs/organizations/{self.config.org_id}/projects/{self.config.project_id}/",
            params=params,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e6c43f3495163643 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/project.py:382
        response = self._client.post(
            f"/api/v1/orgs/organizations/{self.config.org_id}/projects/",
            json=payload,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #291473041094e1bc Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/project.py:507
        response = self._client.get(
            f"/api/v1/orgs/organizations/{self.config.org_id}/projects/{self.config.project_id}/members/",
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #adca39a259d18bd2 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/project.py:542
        response = self._client.post(
            f"/api/v1/orgs/organizations/{self.config.org_id}/projects/{self.config.project_id}/members/",
            json=payload,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #f1f551d9cb3087e7 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/project.py:578
        response = self._client.put(
            f"/api/v1/orgs/organizations/{self.config.org_id}/projects/{self.config.project_id}/members/",
            json=payload,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #8e9700ca6ca95c11 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/project.py:668
        response = await self._client.get(
            f"/api/v1/orgs/organizations/{self.config.org_id}/projects/{self.config.project_id}/",
            params=params,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c8791a96dd4ea667 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/project.py:706
        response = await self._client.post(
            f"/api/v1/orgs/organizations/{self.config.org_id}/projects/",
            json=payload,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #d3a098c154869dfa Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/project.py:831
        response = await self._client.get(
            f"/api/v1/orgs/organizations/{self.config.org_id}/projects/{self.config.project_id}/members/",
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #f69cb4f67446e1cc Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/project.py:866
        response = await self._client.post(
            f"/api/v1/orgs/organizations/{self.config.org_id}/projects/{self.config.project_id}/members/",
            json=payload,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #36a28da32e6ec2f9 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/client/project.py:902
        response = await self._client.put(
            f"/api/v1/orgs/organizations/{self.config.org_id}/projects/{self.config.project_id}/members/",
            json=payload,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #bb6242491a8a1b05 Environment-variable access.
pkgs/python/[email protected]/mem0/configs/base.py:13
mem0_dir = os.environ.get("MEM0_DIR") or os.path.join(home_dir, ".mem0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ef740ced5533bccc Environment-variable access.
pkgs/python/[email protected]/mem0/configs/embeddings/base.py:111
        self.aws_region = aws_region or os.environ.get("AWS_REGION") or "us-west-2"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4b8abf7bd4bdfba5 Environment-variable access.
pkgs/python/[email protected]/mem0/configs/llms/aws_bedrock.py:58
        self.aws_region = aws_region or os.getenv("AWS_REGION", "us-west-2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b586338d228ac826 Environment-variable access.
pkgs/python/[email protected]/mem0/configs/llms/aws_bedrock.py:101
            config["aws_access_key_id"] = self.aws_access_key_id or os.getenv("AWS_ACCESS_KEY_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c8a7b87d7a2560c4 Environment-variable access.
pkgs/python/[email protected]/mem0/configs/llms/aws_bedrock.py:104
            config["aws_secret_access_key"] = self.aws_secret_access_key or os.getenv("AWS_SECRET_ACCESS_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b6a3f91cb948a7c3 Environment-variable access.
pkgs/python/[email protected]/mem0/configs/llms/aws_bedrock.py:107
            config["aws_session_token"] = self.aws_session_token or os.getenv("AWS_SESSION_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5ce132637eb6eeb4 Environment-variable access.
pkgs/python/[email protected]/mem0/configs/llms/aws_bedrock.py:110
            config["profile_name"] = self.aws_profile or os.getenv("AWS_PROFILE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0aa718093393a515 Environment-variable access.
pkgs/python/[email protected]/mem0/configs/llms/gemini.py:61
            vertexai = os.getenv("GOOGLE_GENAI_USE_VERTEXAI", "").lower() in ("true", "1", "yes")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f376c266263fe36f Environment-variable access.
pkgs/python/[email protected]/mem0/configs/llms/gemini.py:63
        self.project = project or os.getenv("GOOGLE_CLOUD_PROJECT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8560a4ee8a88feb7 Environment-variable access.
pkgs/python/[email protected]/mem0/configs/llms/gemini.py:64
        self.location = location or os.getenv("GOOGLE_CLOUD_LOCATION", "us-central1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cdeacf6c66983819 Environment-variable access.
pkgs/python/[email protected]/mem0/configs/vector_stores/pinecone.py:27
        if not api_key and not client and "PINECONE_API_KEY" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #570d982ad29b6545 Environment-variable access.
pkgs/python/[email protected]/mem0/configs/vector_stores/turbopuffer.py:26
        if not api_key and "TURBOPUFFER_API_KEY" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0f722609237d4406 Environment-variable access.
pkgs/python/[email protected]/mem0/configs/vector_stores/upstash_vector.py:27
        url = values.get("url") or os.environ.get("UPSTASH_VECTOR_REST_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6fdfa4e962cc1d94 Environment-variable access.
pkgs/python/[email protected]/mem0/configs/vector_stores/upstash_vector.py:28
        token = values.get("token") or os.environ.get("UPSTASH_VECTOR_REST_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #78a4b1508114ea3b Environment-variable access.
pkgs/python/[email protected]/mem0/embeddings/aws_bedrock.py:28
        aws_access_key = os.environ.get("AWS_ACCESS_KEY_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d2bcba16c4b74cab Environment-variable access.
pkgs/python/[email protected]/mem0/embeddings/aws_bedrock.py:29
        aws_secret_key = os.environ.get("AWS_SECRET_ACCESS_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #701aacb756cf0989 Environment-variable access.
pkgs/python/[email protected]/mem0/embeddings/aws_bedrock.py:30
        aws_session_token = os.environ.get("AWS_SESSION_TOKEN", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #90b5f20fee80ef7c Environment-variable access.
pkgs/python/[email protected]/mem0/embeddings/azure_openai.py:17
        api_key = self.config.azure_kwargs.api_key or os.getenv("EMBEDDING_AZURE_OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8d4a0de536c0f673 Environment-variable access.
pkgs/python/[email protected]/mem0/embeddings/azure_openai.py:18
        azure_deployment = self.config.azure_kwargs.azure_deployment or os.getenv("EMBEDDING_AZURE_DEPLOYMENT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3f170fa4c25e8f9b Environment-variable access.
pkgs/python/[email protected]/mem0/embeddings/azure_openai.py:19
        azure_endpoint = self.config.azure_kwargs.azure_endpoint or os.getenv("EMBEDDING_AZURE_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9dff70e34738f6f8 Environment-variable access.
pkgs/python/[email protected]/mem0/embeddings/azure_openai.py:20
        api_version = self.config.azure_kwargs.api_version or os.getenv("EMBEDDING_AZURE_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #43504c1723f64cc6 Environment-variable access.
pkgs/python/[email protected]/mem0/embeddings/gemini.py:18
        api_key = self.config.api_key or os.getenv("GOOGLE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2769b05c781c233a Environment-variable access.
pkgs/python/[email protected]/mem0/embeddings/openai.py:21
        api_key = self.config.api_key or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ec91006284c6ccaa Environment-variable access.
pkgs/python/[email protected]/mem0/embeddings/openai.py:24
            or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ec6547cbfb521055 Environment-variable access.
pkgs/python/[email protected]/mem0/embeddings/openai.py:25
            or os.getenv("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eda777d0ea7fa95a Environment-variable access.
pkgs/python/[email protected]/mem0/embeddings/openai.py:28
        if os.environ.get("OPENAI_API_BASE"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #34ef2cf329727c03 Environment-variable access.
pkgs/python/[email protected]/mem0/embeddings/together.py:15
        api_key = self.config.api_key or os.getenv("TOGETHER_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3e5d1ceba6f1021 Environment-variable access.
pkgs/python/[email protected]/mem0/embeddings/vertexai.py:36
                os.environ["GOOGLE_APPLICATION_CREDENTIALS"] = credentials_path

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7aacf96ab05a974f Environment-variable access.
pkgs/python/[email protected]/mem0/embeddings/vertexai.py:37
            elif not os.getenv("GOOGLE_APPLICATION_CREDENTIALS"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3a0dbc0181750f25 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/anthropic.py:40
        api_key = self.config.api_key or os.getenv("ANTHROPIC_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #11525763d0d61ba1 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/anthropic.py:41
        base_url = self.config.anthropic_base_url or os.getenv("ANTHROPIC_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #55d375495dd4a104 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/azure_openai.py:46
        api_key = self.config.azure_kwargs.api_key or os.getenv("LLM_AZURE_OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d998990617c24aeb Environment-variable access.
pkgs/python/[email protected]/mem0/llms/azure_openai.py:47
        azure_deployment = self.config.azure_kwargs.azure_deployment or os.getenv("LLM_AZURE_DEPLOYMENT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f227e04867930204 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/azure_openai.py:48
        azure_endpoint = self.config.azure_kwargs.azure_endpoint or os.getenv("LLM_AZURE_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3b241aa1e19ba689 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/azure_openai.py:49
        api_version = self.config.azure_kwargs.api_version or os.getenv("LLM_AZURE_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #89cbaeff9556ece9 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/azure_openai_structured.py:24
        api_key = self.config.azure_kwargs.api_key or os.getenv("LLM_AZURE_OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bd9c0a338eaac767 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/azure_openai_structured.py:25
        azure_deployment = self.config.azure_kwargs.azure_deployment or os.getenv("LLM_AZURE_DEPLOYMENT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c5fe28ebf4974173 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/azure_openai_structured.py:26
        azure_endpoint = self.config.azure_kwargs.azure_endpoint or os.getenv("LLM_AZURE_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6754abeef8fcc2f2 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/azure_openai_structured.py:27
        api_version = self.config.azure_kwargs.api_version or os.getenv("LLM_AZURE_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #53d87d9af6cd8b6a Environment-variable access.
pkgs/python/[email protected]/mem0/llms/deepseek.py:39
        api_key = self.config.api_key or os.getenv("DEEPSEEK_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6b72ac1d5aee82e2 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/deepseek.py:40
        base_url = self.config.deepseek_base_url or os.getenv("DEEPSEEK_API_BASE") or "https://api.deepseek.com"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1a966dac3286d599 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/gemini.py:42
            api_key = self.config.api_key or os.getenv("GOOGLE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3a85945b087bedeb Environment-variable access.
pkgs/python/[email protected]/mem0/llms/groq.py:25
        api_key = self.config.api_key or os.getenv("GROQ_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #153a813990df22f9 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/minimax.py:39
        api_key = self.config.api_key or os.getenv("MINIMAX_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9fd16cdd085966b3 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/minimax.py:42
            or os.getenv("MINIMAX_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1cd08ab7c161e92c Environment-variable access.
pkgs/python/[email protected]/mem0/llms/openai.py:42
        if os.environ.get("OPENROUTER_API_KEY"):  # Use OpenRouter

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a0d30090003ba9a4 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/openai.py:44
                api_key=os.environ.get("OPENROUTER_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b4a98eef1a30f938 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/openai.py:46
                or os.getenv("OPENROUTER_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2c494002e6f3d13a Environment-variable access.
pkgs/python/[email protected]/mem0/llms/openai.py:50
            api_key = self.config.api_key or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bfa2d5bc4f247ac1 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/openai.py:51
            base_url = self.config.openai_base_url or os.getenv("OPENAI_BASE_URL") or "https://api.openai.com/v1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d56d2e2f9f85b6dc Environment-variable access.
pkgs/python/[email protected]/mem0/llms/openai.py:113
        if os.getenv("OPENROUTER_API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e50803b6fc501b46 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/openai_structured.py:17
        api_key = self.config.api_key or os.getenv("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #461b8cf260bdbb31 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/openai_structured.py:18
        base_url = self.config.openai_base_url or os.getenv("OPENAI_API_BASE") or "https://api.openai.com/v1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8273d88403f00e73 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/sarvam.py:19
        self.api_key = self.config.api_key or os.getenv("SARVAM_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9b3dc771104ddfe3 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/sarvam.py:28
            getattr(self.config, "sarvam_base_url", None) or os.getenv("SARVAM_API_BASE") or "https://api.sarvam.ai/v1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #dca22f58bca1b2a5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/mem0/llms/sarvam.py:81
            response = requests.post(url, headers=headers, json=params, timeout=30)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #ac0572ca99254463 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/together.py:22
        api_key = self.config.api_key or os.getenv("TOGETHER_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #92a20e1222258c14 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/vllm.py:39
        self.config.api_key = self.config.api_key or os.getenv("VLLM_API_KEY") or "vllm-api-key"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2af1286a1b0a3ed4 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/vllm.py:40
        base_url = self.config.vllm_base_url or os.getenv("VLLM_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #91defda12dfec160 Environment-variable access.
pkgs/python/[email protected]/mem0/llms/xai.py:39
        api_key = self.config.api_key or os.getenv("XAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd861e789fa9316d Environment-variable access.
pkgs/python/[email protected]/mem0/llms/xai.py:40
        base_url = self.config.xai_base_url or os.getenv("XAI_API_BASE") or "https://api.x.ai/v1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #055b51376f359c17 Environment-variable access.
pkgs/python/[email protected]/mem0/memory/setup.py:11
mem0_dir = os.environ.get("MEM0_DIR") or os.path.join(home_dir, ".mem0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #33983a7e8f4a5f5d Filesystem access.
pkgs/python/[email protected]/mem0/memory/setup.py:27
        with open(path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0a90d96bfb5324a2 Environment-variable access.
pkgs/python/[email protected]/mem0/memory/telemetry.py:14
MEM0_TELEMETRY = os.environ.get("MEM0_TELEMETRY", "True")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3fa870756f5856b9 Environment-variable access.
pkgs/python/[email protected]/mem0/memory/telemetry.py:48
MEM0_TELEMETRY_SAMPLE_RATE = _parse_sample_rate(os.environ.get("MEM0_TELEMETRY_SAMPLE_RATE", str(_DEFAULT_SAMPLE_RATE)))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dbb7b6f6c11b76d9 Environment-variable access.
pkgs/python/[email protected]/mem0/reranker/cohere_reranker.py:30
        self.api_key = config.api_key or os.getenv("COHERE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4493526a8728d1b7 Environment-variable access.
pkgs/python/[email protected]/mem0/reranker/zero_entropy_reranker.py:30
        self.api_key = config.api_key or os.getenv("ZERO_ENTROPY_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #82bf2b3640726ecc Filesystem access.
pkgs/python/[email protected]/mem0/utils/gcp_auth.py:60
            with open(credentials_path, 'r') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ecb8ada56232a7f1 Environment-variable access.
pkgs/python/[email protected]/mem0/utils/gcp_auth.py:65
        elif os.getenv("GOOGLE_APPLICATION_CREDENTIALS"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5fd87c4ed4ec7922 Environment-variable access.
pkgs/python/[email protected]/mem0/utils/gcp_auth.py:66
            env_path = os.getenv("GOOGLE_APPLICATION_CREDENTIALS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f7076f0fac3087a8 Filesystem access.
pkgs/python/[email protected]/mem0/utils/gcp_auth.py:72
                with open(env_path, 'r') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c91a5b6e3f7152e9 Environment-variable access.
pkgs/python/[email protected]/mem0/utils/gcp_auth.py:126
        final_project_id = project_id or detected_project_id or os.getenv("GOOGLE_CLOUD_PROJECT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4dfbffcdc61cf68a Filesystem access.
pkgs/python/[email protected]/mem0/vector_stores/faiss.py:76
    with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ea190dc9a30214e8 Filesystem access.
pkgs/python/[email protected]/mem0/vector_stores/faiss.py:194
                with open(json_docstore_path, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1756548d3c93551f Filesystem access.
pkgs/python/[email protected]/mem0/vector_stores/faiss.py:245
            with open(json_docstore_path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a649064ef2e202fe Environment-variable access.
pkgs/python/[email protected]/mem0/vector_stores/pinecone.py:61
            api_key = api_key or os.environ.get("PINECONE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aae7168170c4e0ae Environment-variable access.
pkgs/python/[email protected]/mem0/vector_stores/turbopuffer.py:49
        api_key = api_key or os.environ.get("TURBOPUFFER_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

a2a-sdk

python dependency
medium telemetry dependency Excluded from app score #2b1d2f1a7f03d5ff Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/a2a/utils/telemetry.py:81
    from opentelemetry.trace import (
        SpanKind as SpanKindType,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eb77c458e6bdeb2d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/a2a/utils/telemetry.py:90
    from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cf8786e353d024fc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/a2a/utils/telemetry.py:91
    from opentelemetry.trace import (
        SpanKind as _SpanKind,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b4f1c5ec22103558 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/a2a/utils/telemetry.py:94
    from opentelemetry.trace import (
        StatusCode,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 13 low-confidence finding(s)
low env_fs dependency Excluded from app score #bbdf9197fcd0d5f8 Environment-variable access.
pkgs/python/[email protected]/itk/main.py:55
log_level_str = os.environ.get('ITK_LOG_LEVEL', 'INFO').upper()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #72b0f21a0fc85f00 Environment-variable access.
pkgs/python/[email protected]/src/a2a/a2a_db_cli.py:144
        os.environ['DATABASE_URL'] = db_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #a50e7e81989e0a22 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/a2a/client/card_resolver.py:184
            response = await self.httpx_client.get(
                target_url,
                **(http_kwargs or {}),
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #90cbb136a8b24a61 Environment-variable access.
pkgs/python/[email protected]/src/a2a/migrations/env.py:25
db_url = os.getenv('DATABASE_URL')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #d38af1edc98c936c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/a2a/server/tasks/base_push_notification_sender.py:89
            response = await self._client.post(
                url,
                json=MessageToDict(to_stream_response(event)),
                headers=headers,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #9c1108425742ddf4 Environment-variable access.
pkgs/python/[email protected]/src/a2a/utils/telemetry.py:112
env_value = os.getenv(ENABLED_ENV_VAR, 'true')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5c0e676ca719b4d2 Environment-variable access.
pkgs/python/[email protected]/tck/sut_agent.py:145
    http_port = int(os.environ.get('HTTP_PORT', '41241'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6f89b4e13790466a Environment-variable access.
pkgs/python/[email protected]/tck/sut_agent.py:147
    grpc_port = int(os.environ.get('GRPC_PORT', '50051'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d67cca697729b95e Environment-variable access.
pkgs/python/[email protected]/tck/sut_agent_with_vertex_task_store.py:20
    project = os.environ.get('VERTEX_PROJECT')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #932f9260169929eb Environment-variable access.
pkgs/python/[email protected]/tck/sut_agent_with_vertex_task_store.py:21
    location = os.environ.get('VERTEX_LOCATION')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #03182d695aa36e97 Environment-variable access.
pkgs/python/[email protected]/tck/sut_agent_with_vertex_task_store.py:22
    base_url = os.environ.get('VERTEX_BASE_URL')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4250e77321d26dd2 Environment-variable access.
pkgs/python/[email protected]/tck/sut_agent_with_vertex_task_store.py:23
    api_version = os.environ.get('VERTEX_API_VERSION')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b0823857e356a66f Environment-variable access.
pkgs/python/[email protected]/tck/sut_agent_with_vertex_task_store.py:24
    agent_engine_resource_id = os.environ.get('AGENT_ENGINE_RESOURCE_ID')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

e2b

python dependency
medium pii_flow dependency Excluded from app score #024a59bbcb4e4905 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/e2b/api/client/client.py:232 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/e2b/api/client/client.py:230 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/e2b/api/client/client.py:232
            self._client = httpx.Client(
                base_url=self._base_url,
                cookies=self._cookies,
                headers=self._headers,
                timeout=self._timeout,
                verify=self._verify_ssl,
                follow_redirects=self._follow_redirects,
                **self._httpx_args,
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow dependency Excluded from app score #eb80d69cab7f040f A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/e2b/api/client/client.py:268 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/e2b/api/client/client.py:266 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/e2b/api/client/client.py:268
            self._async_client = httpx.AsyncClient(
                base_url=self._base_url,
                cookies=self._cookies,
                headers=self._headers,
                timeout=self._timeout,
                verify=self._verify_ssl,
                follow_redirects=self._follow_redirects,
                **self._httpx_args,
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow dependency Excluded from app score #2d97a5f069d055fe A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/e2b/volume/client/client.py:232 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/e2b/volume/client/client.py:230 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/e2b/volume/client/client.py:232
            self._client = httpx.Client(
                base_url=self._base_url,
                cookies=self._cookies,
                headers=self._headers,
                timeout=self._timeout,
                verify=self._verify_ssl,
                follow_redirects=self._follow_redirects,
                **self._httpx_args,
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow dependency Excluded from app score #a49589a3e53fe5b1 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/e2b/volume/client/client.py:268 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/e2b/volume/client/client.py:266 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/e2b/volume/client/client.py:268
            self._async_client = httpx.AsyncClient(
                base_url=self._base_url,
                cookies=self._cookies,
                headers=self._headers,
                timeout=self._timeout,
                verify=self._verify_ssl,
                follow_redirects=self._follow_redirects,
                **self._httpx_args,
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

expand_more 31 low-confidence finding(s)
low env_fs dependency Excluded from app score #ec259c5af94a3e5e Environment-variable access.
pkgs/python/[email protected]/e2b/api/__init__.py:66
    max_keepalive_connections=int(os.getenv("E2B_MAX_KEEPALIVE_CONNECTIONS", "20")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #46ef1e6b9e7e91ec Environment-variable access.
pkgs/python/[email protected]/e2b/api/__init__.py:67
    max_connections=int(os.getenv("E2B_MAX_CONNECTIONS", "2000")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ef60c5aa6e17cb0f Environment-variable access.
pkgs/python/[email protected]/e2b/api/__init__.py:68
    keepalive_expiry=int(os.getenv("E2B_KEEPALIVE_EXPIRY", "300")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #765848683f6b13b0 Environment-variable access.
pkgs/python/[email protected]/e2b/api/__init__.py:71
connection_retries = int(os.getenv("E2B_CONNECTION_RETRIES", "3"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e2fe211b7e137281 Environment-variable access.
pkgs/python/[email protected]/e2b/connection_config.py:98
        return os.getenv("E2B_DOMAIN") or "e2b.app"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #484923dfb8a04237 Environment-variable access.
pkgs/python/[email protected]/e2b/connection_config.py:102
        return os.getenv("E2B_DEBUG", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #183ee29a6f026439 Environment-variable access.
pkgs/python/[email protected]/e2b/connection_config.py:106
        return os.getenv("E2B_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #60dd63a52c507812 Environment-variable access.
pkgs/python/[email protected]/e2b/connection_config.py:110
        return os.getenv("E2B_VALIDATE_API_KEY", "true").lower() != "false"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c08c1d4ed994f28a Environment-variable access.
pkgs/python/[email protected]/e2b/connection_config.py:114
        return os.getenv("E2B_API_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7aed663c19ce1099 Environment-variable access.
pkgs/python/[email protected]/e2b/connection_config.py:118
        return os.getenv("E2B_SANDBOX_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3f251ce886870710 Environment-variable access.
pkgs/python/[email protected]/e2b/connection_config.py:122
        return os.getenv("E2B_ACCESS_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #e693dfc5e0d6f321 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/e2b/sandbox_async/filesystem/filesystem.py:382
                    r = await self._envd_api.post(
                        ENVD_API_FILES_ROUTE,
                        content=to_upload_body_async(file_data, gzip),
                        headers=headers,
                        params=params,
                        timeout=upload_timeout,
                    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ed5810395354c5a5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/e2b/sandbox_async/filesystem/filesystem.py:425
                r = await self._envd_api.post(
                    ENVD_API_FILES_ROUTE,
                    files=httpx_files,
                    params=params,
                    headers=extra_headers,
                    timeout=upload_timeout,
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #59fc2647bc77aa0b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/e2b/sandbox_sync/filesystem/filesystem.py:397
                    r = self._envd_api.post(
                        ENVD_API_FILES_ROUTE,
                        content=to_upload_body(file_data, gzip),
                        headers=headers,
                        params=params,
                        timeout=upload_timeout,
                    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e9fae8ac305a9782 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/e2b/sandbox_sync/filesystem/filesystem.py:434
                r = self._envd_api.post(
                    ENVD_API_FILES_ROUTE,
                    files=httpx_files,
                    params=params,
                    headers=extra_headers,
                    timeout=upload_timeout,
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #479f2728a83fef65 Filesystem access.
pkgs/python/[email protected]/e2b/template/dockerfile_parser.py:71
        with open(dockerfile_content_or_path, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #556f6c9a939a3367 Filesystem access.
pkgs/python/[email protected]/e2b/template/dockerfile_parser.py:81
        with open(dockerfile_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3160d8cdd7538127 Filesystem access.
pkgs/python/[email protected]/e2b/template/utils.py:117
    with open(dockerignore_path, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #250a007247fb65d5 Filesystem access.
pkgs/python/[email protected]/e2b/template/utils.py:251
            with open(file, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b50ff93ee1d294b7 Filesystem access.
pkgs/python/[email protected]/e2b/template/utils.py:421
        with open(
            os.path.join(context_path, path_or_content), "r", encoding="utf-8"
        ) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #545a515cd8930530 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/e2b/template_async/build_api.py:138
                response = await client.put(
                    url,
                    content=aiter_io_chunks(tar_file),
                    headers={"Content-Length": str(size)},
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #7a1e68966c472d74 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/e2b/template_sync/build_api.py:134
                response = client.put(url, content=tar_file)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #5a0197b70effb82b Environment-variable access.
pkgs/python/[email protected]/e2b/volume/client_async/__init__.py:17
    max_keepalive_connections=int(os.getenv("E2B_MAX_KEEPALIVE_CONNECTIONS", "20")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #78e8abae7906127b Environment-variable access.
pkgs/python/[email protected]/e2b/volume/client_async/__init__.py:18
    max_connections=int(os.getenv("E2B_MAX_CONNECTIONS", "2000")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #95ce8175b2a9f166 Environment-variable access.
pkgs/python/[email protected]/e2b/volume/client_async/__init__.py:19
    keepalive_expiry=int(os.getenv("E2B_KEEPALIVE_EXPIRY", "300")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #73a46b9cec248200 Environment-variable access.
pkgs/python/[email protected]/e2b/volume/client_sync/__init__.py:16
    max_keepalive_connections=int(os.getenv("E2B_MAX_KEEPALIVE_CONNECTIONS", "20")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f4d53c9b7e34ae37 Environment-variable access.
pkgs/python/[email protected]/e2b/volume/client_sync/__init__.py:17
    max_connections=int(os.getenv("E2B_MAX_CONNECTIONS", "2000")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #00123da3d53606af Environment-variable access.
pkgs/python/[email protected]/e2b/volume/client_sync/__init__.py:18
    keepalive_expiry=int(os.getenv("E2B_KEEPALIVE_EXPIRY", "300")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #001ad590fdee50dd Environment-variable access.
pkgs/python/[email protected]/e2b/volume/connection_config.py:58
        return os.getenv("E2B_DOMAIN") or "e2b.app"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0f8fa873e3a8d2ac Environment-variable access.
pkgs/python/[email protected]/e2b/volume/connection_config.py:62
        return os.getenv("E2B_DEBUG", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aae5007fdbe69304 Environment-variable access.
pkgs/python/[email protected]/e2b/volume/connection_config.py:66
        return os.getenv("E2B_VOLUME_API_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

firecrawl-py

python dependency
medium pii_flow dependency Excluded from app score #ac8a045dee9875a5 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:687 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:689 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:687
        response = requests.post(
            f"{self.api_url}/v1/search",
            headers={"Authorization": f"Bearer {self.api_key}"},
            json=params_dict
        )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow dependency Excluded from app score #d8819566f6fe34d2 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:1253 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:1255 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:1253
        response = requests.post(
            f"{self.api_url}/v1/map",
            headers={"Authorization": f"Bearer {self.api_key}"},
            json=params_dict
        )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow dependency Excluded from app score #293c6c76b2732901 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/firecrawl/v1/client.py:765 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/firecrawl/v1/client.py:767 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/firecrawl/v1/client.py:765
        response = requests.post(
            f"{self.api_url}/v1/search",
            headers={"Authorization": f"Bearer {self.api_key}"},
            json=params_dict
        )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow dependency Excluded from app score #ac28b80c9c97286a A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/firecrawl/v1/client.py:1418 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/firecrawl/v1/client.py:1420 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/firecrawl/v1/client.py:1418
        response = requests.post(
            f"{self.api_url}/v1/map",
            headers={"Authorization": f"Bearer {self.api_key}"},
            json=params_dict
        )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

expand_more 172 low-confidence finding(s)
low env_fs dependency Excluded from app score #97de81e455eb42c0 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__init__.py:52
    if not (env := os.getenv("FIRECRAWL_LOGGING_LEVEL", "").upper()):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #799abb9d2792e9f6 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/conftest.py:38
    missing_vars = [var for var in required_vars if not os.getenv(var)]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #45ee4860fda70858 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/conftest.py:49
    key = os.getenv("API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #b470430f39d3ce57 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/conftest.py:58
    url = os.getenv("API_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #42bbc1a106d2e364 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:11
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #a13ab51fed7d4ea1 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:14
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #c39b02a3a11ffe06 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:20
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #4e1db9a8487ebdb7 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:35
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #0b5743e5889d7f7e Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:80
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #57a9a14fbbb2d975 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:87
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #8ffb1d3121e13217 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:94
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #4c69ddd75ca7610c Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:105
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #98ac475682609746 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:113
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #4d9deadd7a402288 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:121
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #8a52adfe15f4cbf7 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:129
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #cc3b0cde07b00d9d Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:138
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #e52e649a1dc9d286 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:146
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #03ee3bbdb0fb781b Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:156
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d5726f5a2fa4cdba Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:163
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #422cbff7562d138d Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:175
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #3c574593aaac274e Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_extract.py:9
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #dca2b1ac13416fbe Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_extract.py:12
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #75119fbbaf75b06a Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_extract.py:18
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d49dea8abf57bd25 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_extract.py:25
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #1253bc4500d40af2 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_map.py:9
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d51e76507af1c651 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_map.py:12
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #7524bffae24ea8c3 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_map.py:18
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #cffa394f5550a9af Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_map.py:29
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #286420ec4166ea49 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_parse.py:8
API_KEY = (os.getenv("API_KEY") or "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #89d0fac4c380700d Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_parse.py:9
API_URL = (os.getenv("API_URL") or "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #174ca588d14fb301 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_scrape.py:10
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #032961a4f4822b2e Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_scrape.py:13
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #a4788ae834b0f1c9 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_scrape.py:19
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #4fadc5e6a9227f7f Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_scrape.py:35
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #70845d3ab42d219a Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_scrape.py:74
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #2daaaea085d0c45d Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_scrape.py:86
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #c6f53e71cb29bc80 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_scrape.py:104
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #9053d324fbde80aa Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_scrape.py:123
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #4c8595e090bb9160 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_scrape.py:135
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #bec14ef01c2a077f Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_search.py:17
firecrawl = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #1448a9025b6687b1 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_usage.py:9
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #aed436ef34aa7641 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_usage.py:12
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d8547876693698c6 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_usage.py:18
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #cdcf19d91e30afef Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_usage.py:25
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #708dcc7a8888d57c Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_usage.py:32
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #6a49ed325bd607e2 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_usage.py:39
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #39c078cdf00abd5f Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_watcher.py:11
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #584453461a4bec10 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_watcher.py:14
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #5616e9e09efe7dac Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_watcher.py:20
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #21cf18771e643b41 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_watcher.py:32
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #a8e2942b973d43e1 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:10
    idmux_url = os.getenv("IDMUX_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #a83cb45f9234e829 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:13
    run_number = int(os.getenv("GITHUB_RUN_NUMBER") or 0)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #a7d48ed982de0c11 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:15
        "refName": os.getenv("GITHUB_REF_NAME") or "local",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #930157882a4d386c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:20
    resp = requests.post(idmux_url + "/", json=payload)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #f8631b5e29c7cbd1 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:28
        os.getenv("TEST_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #782565459bf5a278 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:29
        or os.getenv("FIRECRAWL_API_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #b5511257a485fa40 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:30
        or os.getenv("API_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #ad7be4b353b70178 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:37
    os.getenv("TEST_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #fe985c69039d99ba Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:38
    or os.getenv("FIRECRAWL_API_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #8ca207193b31e53b Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:39
    or os.getenv("API_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #2e30b3f85544b1e2 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:43
_IDMUX_URL = os.getenv("IDMUX_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #490ff0e01e0bf6ba Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:45
    run_name = os.getenv("PYTEST_RUN_NAME") or "py-e2e"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #c4187315c63d874c Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:48
    os.environ["API_KEY"] = _IDENTITY.get("apiKey", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #c36d86e31f5f2321 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:49
    os.environ["API_URL"] = _API_URL

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #e1a6e72da2167127 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:53
    return _IDENTITY or {"apiKey": os.getenv("API_KEY") or "", "teamId": os.getenv("TEST_TEAM_ID") or os.getenv("TEAM_ID") or ""}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #b98715158db826c2 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_async.py:12
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #42f367eec7a64753 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_async.py:15
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #bcfce7e342c2febf Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_async.py:21
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #39f0b80ef1177584 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_async.py:30
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #0b785fb31224cdd1 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_async.py:46
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #166d87605ff4ad78 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_async.py:64
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #a03a6681b4aef0b7 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_batch_scrape.py:10
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #1e7c9e775eca6c64 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_batch_scrape.py:13
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #7cdaab396d871ba1 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_batch_scrape.py:21
        self.client = Firecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #1f2038c1b9e5bcdd Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_crawl.py:10
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #43c8a8d5deffc4a8 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_crawl.py:13
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d1ad25778baf9c55 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_crawl.py:21
        self.client = Firecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #c90ad232d8ec86d7 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_extract.py:7
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #65aa904be5fe70b1 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_extract.py:10
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #9abd21b425a2888e Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_extract.py:18
        self.client = Firecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #0c18d27332f3ce1a Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_map.py:8
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #191d293ba7444a20 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_map.py:11
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #73cbae1b940cbe95 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_map.py:22
        self.client = Firecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #52cf26e7fdce34ee Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_parse.py:8
API_KEY = (os.getenv("API_KEY") or "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #10b6b23171f0bb9e Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_parse.py:9
API_URL = (os.getenv("API_URL") or "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #4872b1da5d46e31b Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_scrape.py:11
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #78b4c8f6fa5ef5f8 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_scrape.py:14
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #0330a6c489af8ab3 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_scrape.py:22
        self.client = Firecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #a80c3fa3f5d3d20d Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_search.py:8
firecrawl = Firecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #9c8d3c044f721773 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_usage.py:11
        self.client = Firecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #6e03bc7bbbf198b5 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_watcher.py:8
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #5a96c539c4027bfc Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_watcher.py:11
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #7dce432782a8f25c Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_watcher.py:18
        self.client = Firecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #c307416c974e7e73 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/unit/test_recursive_schema_v1.py:14
        self.app = V1FirecrawlApp(api_key=os.environ.get('TEST_API_KEY', 'test-key'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #023a8cf0d3b623ed Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/unit/test_recursive_schema_v1.py:96
        self.app = V1FirecrawlApp(api_key=os.environ.get('TEST_API_KEY', 'test-key'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #bdda489c503804cb Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/unit/test_recursive_schema_v1.py:169
        self.app = V1FirecrawlApp(api_key=os.environ.get('TEST_API_KEY', 'test-key'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d75f599e2eadc348 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/unit/test_recursive_schema_v1.py:306
        self.app = V1FirecrawlApp(api_key=os.environ.get('TEST_API_KEY', 'test-key'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #6367457b17f98f53 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/unit/test_recursive_schema_v1.py:434
        self.app = V1FirecrawlApp(api_key=os.environ.get('TEST_API_KEY', 'test-key'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #06f610ddcd9c27d5 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/unit/test_recursive_schema_v1.py:523
        self.app = V1FirecrawlApp(api_key=os.environ.get('TEST_API_KEY', 'test-key'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #066d85ffedaf1bf9 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/unit/test_recursive_schema_v1.py:594
        self.app = V1FirecrawlApp(api_key=os.environ.get('TEST_API_KEY', 'test-key'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #1e86db867dde5265 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/unit/test_recursive_schema_v1.py:638
        self.app = V1FirecrawlApp(api_key=os.environ.get('TEST_API_KEY', 'test-key'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #734bd0bc4db1cc9c Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/unit/test_recursive_schema_v1.py:750
        self.app = V1FirecrawlApp(api_key=os.environ.get('TEST_API_KEY', 'test-key'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #5e09382236c170fd Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/unit/test_recursive_schema_v1.py:839
        self.app = V1FirecrawlApp(api_key=os.environ.get('TEST_API_KEY', 'test-key'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #620916b9e4d44944 Filesystem access.
pkgs/python/[email protected]/firecrawl/__tests__/unit/v2/methods/test_parse_request_preparation.py:41
        file_path.write_text("<html><body>Path Upload</body></html>")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c1cb114b8e9623a3 Filesystem access.
pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:32
      version_file = Path(os.path.join(package_path, '__init__.py')).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f0aecb64488e1977 Environment-variable access.
pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:447
        self.api_key = api_key or os.getenv('FIRECRAWL_API_KEY')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f827cd0f0c938cf9 Environment-variable access.
pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:448
        self.api_url = api_url or os.getenv('FIRECRAWL_API_URL', 'https://api.firecrawl.dev')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #f0254b11379ac999 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:591
        response = requests.post(
            f'{self.api_url}/v1/scrape',
            headers=_headers,
            json=scrape_params,
            timeout=(timeout / 1000.0 + 5 if timeout is not None else None)
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #947db8e657033304 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:687
        response = requests.post(
            f"{self.api_url}/v1/search",
            headers={"Authorization": f"Bearer {self.api_key}"},
            json=params_dict
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ffb0f42705a4e465 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:1253
        response = requests.post(
            f"{self.api_url}/v1/map",
            headers={"Authorization": f"Bearer {self.api_key}"},
            json=params_dict
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #cff3ba9ff11ba8cf Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:2207
            response = requests.post(url, headers=headers, json=data, timeout=((data["timeout"] / 1000.0 + 5) if "timeout" in data and data["timeout"] is not None else None))

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #957bcc99c02f8afb Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:2236
            response = requests.get(url, headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #ee53a11cba055e3a Filesystem access.
pkgs/python/[email protected]/firecrawl/v1/client.py:33
      version_file = Path(os.path.join(package_path, '__init__.py')).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #93bda0d7e88dc3df Environment-variable access.
pkgs/python/[email protected]/firecrawl/v1/client.py:529
        self.api_key = api_key or os.getenv('FIRECRAWL_API_KEY')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c69777d9abbd940c Environment-variable access.
pkgs/python/[email protected]/firecrawl/v1/client.py:530
        self.api_url = api_url or os.getenv('FIRECRAWL_API_URL', 'https://api.firecrawl.dev')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #b3da97fb16fe77b0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v1/client.py:669
        response = requests.post(
            f'{self.api_url}/v1/scrape',
            headers=_headers,
            json=scrape_params,
            timeout=(timeout / 1000.0 + 5 if timeout is not None else None)
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #7b8da0fa0bcd83c7 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v1/client.py:765
        response = requests.post(
            f"{self.api_url}/v1/search",
            headers={"Authorization": f"Bearer {self.api_key}"},
            json=params_dict
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #3f0449203298a0c8 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v1/client.py:1418
        response = requests.post(
            f"{self.api_url}/v1/map",
            headers={"Authorization": f"Bearer {self.api_key}"},
            json=params_dict
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #93e8bd021b4b46ab Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v1/client.py:2438
            response = requests.post(url, headers=headers, json=data, timeout=((data["timeout"] / 1000.0 + 5) if "timeout" in data and data["timeout"] is not None else None))

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #61d0c263dc5bb583 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v1/client.py:2467
            response = requests.get(url, headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #0720c2da9e8e896e Environment-variable access.
pkgs/python/[email protected]/firecrawl/v2/client.py:115
            api_key = os.getenv("FIRECRAWL_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #65d37b50b567a485 Environment-variable access.
pkgs/python/[email protected]/firecrawl/v2/client_async.py:83
            api_key = os.getenv("FIRECRAWL_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #2d634dd037b82558 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/agent.py:96
    resp = client.get(f"/v2/agent/{job_id}")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #86f2f1b05b7dec43 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/aio/agent.py:96
    resp = await client.get(f"/v2/agent/{job_id}")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #d62fe7512534e184 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/aio/batch.py:90
    response = await client.get(f"/v2/batch/scrape/{job_id}")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #fb6dc105505932b1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/aio/batch.py:138
    response = await client.get(next_url, timeout=request_timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #430974871ebc36df Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/aio/batch.py:192
        response = await client.get(current_url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #dcfa05b6040c99f8 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/aio/batch.py:234
    response = await client.get(f"/v2/batch/scrape/{job_id}/errors")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #32b2dca9a328257b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/aio/browser.py:136
    resp = await client.post(f"/v2/browser/{session_id}/execute", body)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #cbf18ac7d08419b2 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/aio/browser.py:177
    resp = await client.get(endpoint)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #061a7f5417d421b4 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/aio/crawl.py:143
    response = await client.get(f"/v2/crawl/{job_id}", timeout=request_timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #3c05376f645a51b4 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/aio/crawl.py:193
    response = await client.get(next_url, timeout=request_timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #fb75bf9d6b4b6588 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/aio/crawl.py:250
        response = await client.get(current_url, timeout=request_timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #d80366e9a7393add Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/aio/crawl.py:373
    response = await client.get(f"/v2/crawl/{crawl_id}/errors")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #6138c1304f4950d3 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/aio/extract.py:109
    resp = await client.get(f"/v2/extract/{job_id}")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #12b9457606dec558 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/aio/monitor.py:100
        response = await client.get(current_url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #5e500b9b791b3a18 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/aio/monitor.py:134
    data = await _data_or_error(await client.get(f"/v2/monitor{suffix}"), "list monitors")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #64ea3415deb838c3 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/aio/monitor.py:139
    data = await _data_or_error(await client.get(f"/v2/monitor/{monitor_id}"), "get monitor")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #bb8bedc5174cbadf Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/aio/monitor.py:159
    data = await _data_or_error(await client.post(f"/v2/monitor/{monitor_id}/run", {}), "run monitor")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #6186c4bf6b071cec Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/aio/monitor.py:176
    data = await _data_or_error(await client.get(f"/v2/monitor/{monitor_id}/checks{suffix}"), "list monitor checks")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #d5f34cd14d54083a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/aio/monitor.py:198
    data = await _monitor_check_data_or_error(await client.get(f"/v2/monitor/{monitor_id}/checks/{check_id}{suffix}"), "get monitor check")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #93fbd636b60afa7a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/aio/research.py:30
    response = await client.get(path)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #35d08dde86585096 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/aio/scrape.py:69
    response = await client.post(f"/v2/scrape/{job_id}/interact", payload)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #39505cb6756e6c4e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/batch.py:123
    response = client.get(f"/v2/batch/scrape/{job_id}")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #61a3f9ad353355da Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/batch.py:175
    response = client.get(next_url, timeout=request_timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #cd76c8e334b1ef3e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/batch.py:232
        response = client.get(current_url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e4e27b59013bd415 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/batch.py:543
    response = client.get(f"/v2/batch/scrape/{job_id}/errors")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #4be1d1d9c98509cf Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/browser.py:130
    resp = client.post(f"/v2/browser/{session_id}/execute", body)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #825729ef00b803c7 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/browser.py:184
    resp = client.get(endpoint)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #addeb4c38361b623 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/crawl.py:196
    response = client.get(f"/v2/crawl/{job_id}", timeout=request_timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #bd86e1487b32ab3c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/crawl.py:256
    response = client.get(next_url, timeout=request_timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #5ffd831296a32b16 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/crawl.py:316
        response = client.get(current_url, timeout=request_timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #76623503f420a99c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/crawl.py:597
    response = http_client.get(f"/v2/crawl/{crawl_id}/errors")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #6e40311f786aeb6e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/extract.py:133
    resp = client.get(f"/v2/extract/{job_id}")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #7fdee6ca9f0f163c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/monitor.py:99
        response = client.get(current_url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #eae7a2d0f4313de7 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/monitor.py:133
    data = _data_or_error(client.get(f"/v2/monitor{suffix}"), "list monitors")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c1812fdc7e50c619 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/monitor.py:138
    data = _data_or_error(client.get(f"/v2/monitor/{monitor_id}"), "get monitor")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ab616f51b755dc00 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/monitor.py:158
    data = _data_or_error(client.post(f"/v2/monitor/{monitor_id}/run", {}), "run monitor")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #cfb7786bf326fc83 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/monitor.py:175
    data = _data_or_error(client.get(f"/v2/monitor/{monitor_id}/checks{suffix}"), "list monitor checks")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #5f83338d6fae123a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/monitor.py:197
    data = _monitor_check_data_or_error(client.get(f"/v2/monitor/{monitor_id}/checks/{check_id}{suffix}"), "get monitor check")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #c6c383407bc474ae Filesystem access.
pkgs/python/[email protected]/firecrawl/v2/methods/parse.py:91
        file_bytes = file_path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #c0cb495d69ed79ef Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/research.py:29
    response = client.get(path)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #6960a808bbfdaaa1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/methods/scrape.py:120
    response = client.post(f"/v2/scrape/{job_id}/interact", body)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #ec721be9af17e1bd Filesystem access.
pkgs/python/[email protected]/firecrawl/v2/utils/get_version.py:8
        version_file = (package_path / "__init__.py").read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #99db46e8a21a36e5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/utils/http_client.py:100
                response = requests.post(
                    url,
                    headers=headers,
                    json=payload,
                    timeout=timeout
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #94767f8131889c66 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/utils/http_client.py:152
                response = requests.post(
                    url,
                    headers=multipart_headers,
                    data=data,
                    files=files,
                    timeout=timeout,
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #2ec0a573d4dc39df Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/utils/http_client.py:199
                response = requests.get(
                    url,
                    headers=headers,
                    timeout=timeout
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #bd6b515bc1b09141 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/utils/http_client_async.py:68
                response = await self._client.post(
                    endpoint,
                    json=payload,
                    headers={**self._headers(), **(headers or {})},
                    timeout=timeout,
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #eb1b61a6573ad983 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/utils/http_client_async.py:109
                response = await self._client.post(
                    endpoint,
                    data=data,
                    files=files,
                    headers={**self._headers(), **(headers or {})},
                    timeout=timeout,
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #46da2c9919d015bc Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/firecrawl/v2/utils/http_client_async.py:149
                response = await self._client.get(
                    endpoint,
                    headers={**self._headers(), **(headers or {})},
                    timeout=timeout,
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #fbd028ed4f484961 Filesystem access.
pkgs/python/[email protected]/setup.py:7
long_description_content = (this_directory / "README.md").read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1b2db5b50cf6bffe Filesystem access.
pkgs/python/[email protected]/setup.py:12
    version_file = (this_directory / "firecrawl" / "__init__.py").read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

scrapfly-sdk

python dependency
medium telemetry dependency Excluded from app score #d7b139401c4e8a0f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/scrapfly/reporter/sentry.py:42
            import sentry_sdk  # noqa: F401  # validate the dependency is present

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8e0049ca2b3c6bea Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/scrapfly/reporter/sentry.py:55
        from sentry_sdk import capture_exception, push_scope

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1c849cf0c323ed8d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/scrapfly/reporter/sentry.py:57
        with push_scope() as scope:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #79de66c6de2090a6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/scrapfly/reporter/sentry.py:75
                capture_exception(error)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 10 low-confidence finding(s)
low env_fs dependency Excluded from app score #a132033ee6d9c331 Filesystem access.
pkgs/python/[email protected]/scrapfly/api_response.py:611
            file = open(file_path, 'wb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0e02fb3da31f7acf Filesystem access.
pkgs/python/[email protected]/scrapfly/client.py:1154
        with open(file_path, 'wb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9fa6551e26f73d5c Filesystem access.
pkgs/python/[email protected]/scrapfly/client.py:1230
            file = open(file_path, 'wb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5d8b66adf51c1042 Filesystem access.
pkgs/python/[email protected]/scrapfly/client.py:1840
            with open(save_path, 'wb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f49352b93440e763 Filesystem access.
pkgs/python/[email protected]/scrapfly/client.py:1892
        with open(file_path, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #0f9b7ada33211c06 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/scrapfly/crawler/crawl.py:698
        response = requests.post(
            url,
            params=params,
            data=body.encode('utf-8'),
            headers={'Content-Type': 'text/plain'},
            verify=self._client.verify
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #999a40d6528322d9 Filesystem access.
pkgs/python/[email protected]/scrapfly/crawler/crawler_response.py:502
        with open(filepath, 'wb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7bde0dc764c3bda4 Environment-variable access.
pkgs/python/[email protected]/scrapfly/scrapy/spider.py:114
        return environ.get('SPIDER_RUN_ID') or str(uuid.uuid4())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ae09d69e8dfed7fc Filesystem access.
pkgs/python/[email protected]/setup.py:24
txt = (HERE / MODULE / '__init__.py').read_text('utf-8')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6987947abeb22c6f Filesystem access.
pkgs/python/[email protected]/setup.py:41
    return (HERE / f).read_text('utf-8').strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

azure-identity

python dependency
medium pii_flow dependency Excluded from app score #996f8d64165cf338 PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/azure/identity/_credentials/environment.py:99 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/azure/identity/_credentials/environment.py:66 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/azure/identity/_credentials/environment.py:99
            _LOGGER.info("Environment is configured for %s", self._credential.__class__.__name__)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

medium pii_flow dependency Excluded from app score #8693a4dbf87dd3eb PII-bearing data is written to a log/print sink. Logged PII is a privacy concern even when it does not leave the process.
pkgs/python/[email protected]/azure/identity/aio/_credentials/environment.py:77 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/azure/identity/aio/_credentials/environment.py:60 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/azure/identity/aio/_credentials/environment.py:77
            _LOGGER.info("Environment is configured for %s", self._credential.__class__.__name__)

PII-bearing data is written to a log/print sink — it stays in-process and does not leave the application, but logged PII is still a privacy concern.

Fix: Avoid logging user identifiers; redact or omit PII from log/print statements.

expand_more 105 low-confidence finding(s)
low env_fs dependency Excluded from app score #dc0d141adb306536 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/app_service.py:22
    url = os.environ.get(EnvironmentVariables.IDENTITY_ENDPOINT)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #00b452984c68577f Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/app_service.py:23
    secret = os.environ.get(EnvironmentVariables.IDENTITY_HEADER)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8d24bbf9ed76112e Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/azd_cli.py:239
        path = os.environ.get("SYSTEMROOT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6aaf9c2f877a7071 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/azd_cli.py:322
            "env": dict(os.environ, NO_COLOR="true"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b97e8bae93b66162 Filesystem access.
pkgs/python/[email protected]/azure/identity/_credentials/azure_arc.py:52
    with open(key_file, "r", encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d3728ed7447c73dc Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/azure_arc.py:74
        program_data_path = os.environ.get("PROGRAMDATA")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9a5ee378554fd397 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/azure_cli.py:240
        path = os.environ.get("SYSTEMROOT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e715aba3edd0beb9 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/azure_cli.py:278
            "env": dict(os.environ, AZURE_CORE_NO_COLOR="true"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e6614981fa8aba3f Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/azure_ml.py:23
    url = os.environ.get(EnvironmentVariables.MSI_ENDPOINT)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f1f7658041443d3e Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/azure_ml.py:24
    secret = os.environ.get(EnvironmentVariables.MSI_SECRET)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4d4fbfafbaa145e4 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/azure_pipelines.py:25
    base_uri = os.environ[SYSTEM_OIDCREQUESTURI].rstrip("/")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3a031df772c3dc02 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/azure_pipelines.py:37
    if SYSTEM_OIDCREQUESTURI not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #893b5ea747bf5ab7 Filesystem access.
pkgs/python/[email protected]/azure/identity/_credentials/certificate.py:149
        with open(certificate_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4bfe6c986cfb0586 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/cloud_shell.py:34
        url = os.environ.get(EnvironmentVariables.MSI_ENDPOINT)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4fc8d0e8b1a7d1ea Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/default.py:154
            "interactive_browser_tenant_id", os.environ.get(EnvironmentVariables.AZURE_TENANT_ID)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7027dc854081146f Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/default.py:158
            "managed_identity_client_id", os.environ.get(EnvironmentVariables.AZURE_CLIENT_ID)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #058688511c4d4f9f Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/default.py:162
            "workload_identity_tenant_id", os.environ.get(EnvironmentVariables.AZURE_TENANT_ID)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #692ae6a8b427ddb4 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/default.py:166
        broker_tenant_id = kwargs.pop("broker_tenant_id", os.environ.get(EnvironmentVariables.AZURE_TENANT_ID))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #234ae996bc126f55 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/default.py:169
        shared_cache_username = kwargs.pop("shared_cache_username", os.environ.get(EnvironmentVariables.AZURE_USERNAME))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fd409084a7b47f1f Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/default.py:171
            "shared_cache_tenant_id", os.environ.get(EnvironmentVariables.AZURE_TENANT_ID)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #244d0167dfea1ae6 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/default.py:176
        token_credentials_env = os.environ.get(EnvironmentVariables.AZURE_TOKEN_CREDENTIALS, "").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97d65d5129dcc6a5 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/default.py:268
                        token_file_path=os.environ.get(EnvironmentVariables.AZURE_FEDERATED_TOKEN_FILE),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #065e244564f0dee6 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/environment.py:63
        if all(os.environ.get(v) is not None for v in EnvironmentVariables.CLIENT_SECRET_VARS):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b25ce522abca086d Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/environment.py:65
                client_id=os.environ[EnvironmentVariables.AZURE_CLIENT_ID],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #db6469bc9bde8cef Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/environment.py:66
                client_secret=os.environ[EnvironmentVariables.AZURE_CLIENT_SECRET],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #08ca98416324de2f Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/environment.py:67
                tenant_id=os.environ[EnvironmentVariables.AZURE_TENANT_ID],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a3880abad4d6b291 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/environment.py:70
        elif all(os.environ.get(v) is not None for v in EnvironmentVariables.CERT_VARS):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #12d65ea698c65b5d Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/environment.py:72
                client_id=os.environ[EnvironmentVariables.AZURE_CLIENT_ID],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9d2c2b8c09012739 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/environment.py:73
                tenant_id=os.environ[EnvironmentVariables.AZURE_TENANT_ID],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6908c290fcd217e3 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/environment.py:74
                certificate_path=os.environ[EnvironmentVariables.AZURE_CLIENT_CERTIFICATE_PATH],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #33459c816b006f66 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/environment.py:75
                password=os.environ.get(EnvironmentVariables.AZURE_CLIENT_CERTIFICATE_PASSWORD),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #126ff72abc9195bd Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/environment.py:77
                    os.environ.get(EnvironmentVariables.AZURE_CLIENT_SEND_CERTIFICATE_CHAIN, False)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #49b4aab28f17a5c5 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/environment.py:81
        elif all(os.environ.get(v) is not None for v in EnvironmentVariables.USERNAME_PASSWORD_VARS):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #31808b222e18d002 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/environment.py:83
                client_id=os.environ[EnvironmentVariables.AZURE_CLIENT_ID],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e39c107214ce4740 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/environment.py:84
                username=os.environ[EnvironmentVariables.AZURE_USERNAME],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d66355ea090c5c1a Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/environment.py:85
                password=os.environ[EnvironmentVariables.AZURE_PASSWORD],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ed0b924e56a84892 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/environment.py:86
                tenant_id=os.environ.get(EnvironmentVariables.AZURE_TENANT_ID),  # optional for username/password auth

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #94245fd2303816a3 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/environment.py:106
            set_variables = [v for v in expected_variables if v in os.environ]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #54ec72175fc1a1ea Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/imds.py:60
        os.environ.get(EnvironmentVariables.AZURE_POD_IDENTITY_AUTHORITY_HOST, IMDS_AUTHORITY).strip("/")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #42471da7a089f335 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/imds.py:90
        if EnvironmentVariables.AZURE_POD_IDENTITY_AUTHORITY_HOST in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #820dc675451a4872 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/managed_identity.py:82
        if os.environ.get(EnvironmentVariables.IDENTITY_ENDPOINT):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f285ec4aa948385d Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/managed_identity.py:83
            if os.environ.get(EnvironmentVariables.IDENTITY_HEADER):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5f663b3b27a1418 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/managed_identity.py:84
                if os.environ.get(EnvironmentVariables.IDENTITY_SERVER_THUMBPRINT):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e4d91e646d971fa2 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/managed_identity.py:98
            elif os.environ.get(EnvironmentVariables.IMDS_ENDPOINT):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9c1841eb14d83326 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/managed_identity.py:103
        elif os.environ.get(EnvironmentVariables.MSI_ENDPOINT):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3a2beb2b6beb3e99 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/managed_identity.py:104
            if os.environ.get(EnvironmentVariables.MSI_SECRET):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #593bbd39e2beb039 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/managed_identity.py:115
            all(os.environ.get(var) for var in EnvironmentVariables.WORKLOAD_IDENTITY_VARS)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #47ba66dbfab5eb00 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/managed_identity.py:120
            workload_client_id = client_id or os.environ.get(EnvironmentVariables.AZURE_CLIENT_ID)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #833f1ae7685d3b4e Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/managed_identity.py:131
                tenant_id=os.environ[EnvironmentVariables.AZURE_TENANT_ID],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2790d51b37dccb8d Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/managed_identity.py:133
                token_file_path=os.environ[EnvironmentVariables.AZURE_FEDERATED_TOKEN_FILE],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8b33893986aa727b Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/service_fabric.py:42
    url = os.environ.get(EnvironmentVariables.IDENTITY_ENDPOINT)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #19c11e8634ddfad9 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/service_fabric.py:43
    secret = os.environ.get(EnvironmentVariables.IDENTITY_HEADER)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2c673db507055e32 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/service_fabric.py:44
    thumbprint = os.environ.get(EnvironmentVariables.IDENTITY_SERVER_THUMBPRINT)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #acab6327e75dd692 Filesystem access.
pkgs/python/[email protected]/azure/identity/_credentials/vscode.py:50
            with open(expanded_path, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0986f462b27cbf50 Filesystem access.
pkgs/python/[email protected]/azure/identity/_credentials/workload_identity.py:33
            with open(self._token_file_path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #848bd69654879ac7 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/workload_identity.py:79
        tenant_id = tenant_id or os.environ.get(EnvironmentVariables.AZURE_TENANT_ID)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #284cceae05beccf8 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/workload_identity.py:80
        client_id = client_id or os.environ.get(EnvironmentVariables.AZURE_CLIENT_ID)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b141207f10ab3122 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_credentials/workload_identity.py:81
        token_file_path = token_file_path or os.environ.get(EnvironmentVariables.AZURE_FEDERATED_TOKEN_FILE)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ba06f88ce64a50af Environment-variable access.
pkgs/python/[email protected]/azure/identity/_internal/msal_credentials.py:39
        self._regional_authority = os.environ.get(EnvironmentVariables.AZURE_REGIONAL_AUTHORITY_NAME)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7172a404c5ac5cb4 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_internal/utils.py:90
    authority = os.environ.get(EnvironmentVariables.AZURE_AUTHORITY_HOST, KnownAuthorities.AZURE_PUBLIC_CLOUD)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8990598aac025083 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_internal/utils.py:151
    if default_tenant == "adfs" or os.environ.get(EnvironmentVariables.AZURE_IDENTITY_DISABLE_MULTITENANTAUTH):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0f53e1544c78af30 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_internal/utils.py:207
    token_credentials_env = os.environ.get(EnvironmentVariables.AZURE_TOKEN_CREDENTIALS, "").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #278f1bf29b0d84e6 Environment-variable access.
pkgs/python/[email protected]/azure/identity/_persistent_cache.py:88
    if sys.platform.startswith("win") and "LOCALAPPDATA" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3c63789293fe31ad Environment-variable access.
pkgs/python/[email protected]/azure/identity/_persistent_cache.py:89
        cache_location = os.path.join(os.environ["LOCALAPPDATA"], ".IdentityService", cache_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d03be61e8ef217f9 Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/azd_cli.py:221
            env=dict(os.environ, NO_COLOR="true"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e3e6c65945748237 Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/azure_arc.py:19
        url = os.environ.get(EnvironmentVariables.IDENTITY_ENDPOINT)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8de238def8b246c7 Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/azure_arc.py:20
        imds = os.environ.get(EnvironmentVariables.IMDS_ENDPOINT)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c22dd5cb092b3b83 Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/azure_cli.py:226
            env=dict(os.environ, AZURE_CORE_NO_COLOR="true"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #406b775ad6c063ad Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/cloud_shell.py:21
        url = os.environ.get(EnvironmentVariables.MSI_ENDPOINT)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2203d7d3cbe2a84c Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/default.py:135
        shared_cache_username = kwargs.pop("shared_cache_username", os.environ.get(EnvironmentVariables.AZURE_USERNAME))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #44554b88a24d461c Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/default.py:137
            "shared_cache_tenant_id", os.environ.get(EnvironmentVariables.AZURE_TENANT_ID)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c43013797a3db3b6 Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/default.py:141
            "managed_identity_client_id", os.environ.get(EnvironmentVariables.AZURE_CLIENT_ID)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #de1c4bd01636086e Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/default.py:145
            "workload_identity_tenant_id", os.environ.get(EnvironmentVariables.AZURE_TENANT_ID)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ef4ffc360d5d359d Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/default.py:150
        token_credentials_env = os.environ.get(EnvironmentVariables.AZURE_TOKEN_CREDENTIALS, "").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #72f358faec84b8d7 Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/default.py:231
                        token_file_path=os.environ.get(EnvironmentVariables.AZURE_FEDERATED_TOKEN_FILE),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3b66a4dd72000869 Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/environment.py:57
        if all(os.environ.get(v) is not None for v in EnvironmentVariables.CLIENT_SECRET_VARS):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4e4d701f739c30f5 Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/environment.py:59
                client_id=os.environ[EnvironmentVariables.AZURE_CLIENT_ID],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0d3da7fc05f84c4f Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/environment.py:60
                client_secret=os.environ[EnvironmentVariables.AZURE_CLIENT_SECRET],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2065e341e1d0f768 Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/environment.py:61
                tenant_id=os.environ[EnvironmentVariables.AZURE_TENANT_ID],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fa283b8c63e3c6e6 Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/environment.py:64
        elif all(os.environ.get(v) is not None for v in EnvironmentVariables.CERT_VARS):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9a08a3e9bed13931 Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/environment.py:66
                client_id=os.environ[EnvironmentVariables.AZURE_CLIENT_ID],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #96277c50b6efb1ca Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/environment.py:67
                tenant_id=os.environ[EnvironmentVariables.AZURE_TENANT_ID],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #383f17094d9c6730 Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/environment.py:68
                certificate_path=os.environ[EnvironmentVariables.AZURE_CLIENT_CERTIFICATE_PATH],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #80e213a01fe2ef4a Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/environment.py:69
                password=os.environ.get(EnvironmentVariables.AZURE_CLIENT_CERTIFICATE_PASSWORD),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d4bb76683c618c0f Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/environment.py:71
                    os.environ.get(EnvironmentVariables.AZURE_CLIENT_SEND_CERTIFICATE_CHAIN, False)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #20d9c6b31cd80002 Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/environment.py:80
            set_variables = [v for v in expected_variables if v in os.environ]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0755442fc30755c4 Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/imds.py:54
        if EnvironmentVariables.AZURE_POD_IDENTITY_AUTHORITY_HOST in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #53ba44bd6fd9f50b Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/managed_identity.py:54
        if os.environ.get(EnvironmentVariables.IDENTITY_ENDPOINT):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #35df29f810af1a38 Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/managed_identity.py:55
            if os.environ.get(EnvironmentVariables.IDENTITY_HEADER):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #48dc8f9f1598a7e6 Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/managed_identity.py:56
                if os.environ.get(EnvironmentVariables.IDENTITY_SERVER_THUMBPRINT):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #23429eef207a62ae Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/managed_identity.py:70
            elif os.environ.get(EnvironmentVariables.IMDS_ENDPOINT):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e17c805bd93a3d18 Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/managed_identity.py:75
        elif os.environ.get(EnvironmentVariables.MSI_ENDPOINT):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #70cc6d6825b4862d Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/managed_identity.py:76
            if os.environ.get(EnvironmentVariables.MSI_SECRET):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0e85cc50deb002d1 Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/managed_identity.py:87
            all(os.environ.get(var) for var in EnvironmentVariables.WORKLOAD_IDENTITY_VARS)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b5151f9e6e00d13a Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/managed_identity.py:92
            workload_client_id = client_id or os.environ.get(EnvironmentVariables.AZURE_CLIENT_ID)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b14cc7087ec8af98 Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/managed_identity.py:103
                tenant_id=os.environ[EnvironmentVariables.AZURE_TENANT_ID],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #11becfe13e1bc82c Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/managed_identity.py:105
                token_file_path=os.environ[EnvironmentVariables.AZURE_FEDERATED_TOKEN_FILE],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2bd473cda324b925 Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/workload_identity.py:57
        tenant_id = tenant_id or os.environ.get(EnvironmentVariables.AZURE_TENANT_ID)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #14fd15cc79d6cc28 Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/workload_identity.py:58
        client_id = client_id or os.environ.get(EnvironmentVariables.AZURE_CLIENT_ID)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eb7f05c4f72cf3b5 Environment-variable access.
pkgs/python/[email protected]/azure/identity/aio/_credentials/workload_identity.py:59
        token_file_path = token_file_path or os.environ.get(EnvironmentVariables.AZURE_FEDERATED_TOKEN_FILE)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9f948638c5508da3 Environment-variable access.
pkgs/python/[email protected]/samples/control_interactive_prompts.py:17
VAULT_URL = os.environ.get("VAULT_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e4905f62c6442943 Environment-variable access.
pkgs/python/[email protected]/samples/credential_creation_code_snippets.py:360
        system_access_token=os.environ["SYSTEM_ACCESSTOKEN"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c4a4abf2b9c68a73 Environment-variable access.
pkgs/python/[email protected]/samples/credential_creation_code_snippets.py:374
        system_access_token=os.environ["SYSTEM_ACCESSTOKEN"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4904441c5b5a1a02 Environment-variable access.
pkgs/python/[email protected]/samples/key_vault_cert.py:19
VAULT_URL = os.environ["VAULT_URL"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5d9c637ada1b7746 Environment-variable access.
pkgs/python/[email protected]/samples/user_authentication.py:14
VAULT_URL = os.environ.get("VAULT_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

databricks-sdk

python dependency
medium pii_flow dependency Excluded from app score #8cb1c406c114e738 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/databricks/sdk/credentials_provider.py:341 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/databricks/sdk/credentials_provider.py:340 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/databricks/sdk/credentials_provider.py:341
    resp = requests.get(
        f"{arm}{cfg.azure_workspace_resource_id}?api-version=2018-04-01",
        headers={"Authorization": f"Bearer {token.access_token}"},
    )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

medium pii_flow dependency Excluded from app score #13bc163d10805e72 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/databricks/sdk/oidc_token_supplier.py:23 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/databricks/sdk/oidc_token_supplier.py:21 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/databricks/sdk/oidc_token_supplier.py:23
        response = requests.get(endpoint, headers=headers)

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

expand_more 60 low-confidence finding(s)
low egress dependency Excluded from app score #d45a52dee40b5735 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/databricks/sdk/_base_client.py:284
        response = self._session.request(
            method,
            url,
            params=self._fix_query_string(query),
            json=body,
            headers=headers,
            files=files,
            data=data,
            auth=auth,
            stream=raw,
            timeout=self._http_timeout_seconds,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #d29a6761e70f7c1a Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/config.py:565
            if attr.env and os.environ.get(attr.env):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #283a327c1e21336c Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/config.py:569
                    if os.environ.get(alias):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #13a818c496efa51d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/databricks/sdk/config.py:602
            response = requests.get(f"{self.host}/api/2.0/preview/scim/v2/Me", headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #eff8c1b62e05fa42 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/databricks/sdk/config.py:698
        resp = requests.get(login_url, allow_redirects=False)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #98487a591e098a36 Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/config.py:731
            value = os.environ.get(attr.env)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5ded17e2ae0d9ace Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/config.py:734
                    value = os.environ.get(alias)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ca83541c77151920 Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/credentials_provider.py:159
    if "DATABRICKS_RUNTIME_VERSION" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d43cf0fc47e6917e Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/credentials_provider.py:203
    if "DATABRICKS_RUNTIME_VERSION" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #e8175b8bfcee7fac Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/databricks/sdk/credentials_provider.py:341
    resp = requests.get(
        f"{arm}{cfg.azure_workspace_resource_id}?api-version=2018-04-01",
        headers={"Authorization": f"Bearer {token.access_token}"},
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #50161c4365d21dcd Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/credentials_provider.py:538
    if "ACTIONS_ID_TOKEN_REQUEST_TOKEN" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2fb803b18c46a412 Filesystem access.
pkgs/python/[email protected]/databricks/sdk/credentials_provider.py:593
        with io.open(cfg.google_credentials, "r", encoding="utf-8") as json_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b103e5a047881dc2 Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/credentials_provider.py:1195
        for dir in os.getenv("PATH", default="").split(os.path.pathsep):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #68a496f1225b2fac Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/databricks/sdk/credentials_provider.py:1264
        resp = requests.get(
            self.url,
            timeout=self._metadata_service_timeout,
            headers={
                self.METADATA_SERVICE_VERSION_HEADER: self.METADATA_SERVICE_VERSION,
                self.METADATA_SERVICE_HOST_HEADER: self.host,
            },
            proxies={
                # Explicitly exclude localhost from being proxied. This is necessary
                # for Metadata URLs which typically point to localhost.
                "no_proxy": "localhost,127.0.0.1"
            },
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #6b12c1da7378e18b Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/credentials_provider.py:1329
            os.environ.get("IS_IN_DB_MODEL_SERVING_ENV")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #da164afafbbaeae5 Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/credentials_provider.py:1330
            or os.environ.get("IS_IN_DATABRICKS_MODEL_SERVING_ENV")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d8bd1138bf4ee090 Filesystem access.
pkgs/python/[email protected]/databricks/sdk/credentials_provider.py:1343
            with open(ModelServingAuthProvider._MODEL_DEPENDENCY_OAUTH_TOKEN_FILE_PATH) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5dfed5412c247fef Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/credentials_provider.py:1379
        host = os.environ.get("DATABRICKS_MODEL_SERVING_HOST_URL") or os.environ.get("DB_MODEL_SERVING_HOST_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #38b09fd9914da8c5 Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/dbutils.py:275
    value = os.getenv("DATABRICKS_SOURCE_FILE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #999b879c48e0cb59 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/databricks/sdk/mixins/files.py:1017
            response = session.request(
                "HEAD",
                probe_url,
                headers=headers,
                timeout=self._STORAGE_PROXY_PROBE_TIMEOUT,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #8a0c52b557a57236 Filesystem access.
pkgs/python/[email protected]/databricks/sdk/mixins/files.py:1165
        with open(destination, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8e20b4501aab5ca9 Filesystem access.
pkgs/python/[email protected]/databricks/sdk/mixins/files.py:1204
                    with open(temp_file, "r+b") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8e035ab4863a1219 Filesystem access.
pkgs/python/[email protected]/databricks/sdk/mixins/files.py:1505
            with open(source_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #74c9153e1e5ee128 Filesystem access.
pkgs/python/[email protected]/databricks/sdk/mixins/files.py:1654
                with open(ctx.source_file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ff63f32588413af1 Filesystem access.
pkgs/python/[email protected]/databricks/sdk/mixins/files.py:1669
            with open(ctx.source_file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0684a9fd0526a265 Filesystem access.
pkgs/python/[email protected]/databricks/sdk/mixins/files.py:1694
        with open(ctx.source_file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #00c2b99887f3271f Filesystem access.
pkgs/python/[email protected]/databricks/sdk/mixins/files.py:1883
                with open(part.ctx.source_file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #4c91a9fb0a0e7045 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/databricks/sdk/mixins/files.py:1971
                return self._cloud_provider_session().request(
                    "PUT",
                    presigned.url,
                    headers=presigned.headers,
                    data=part_content,
                    timeout=self._config.files_ext_network_transfer_inactivity_timeout_seconds,
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #7b99360969fd7806 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/databricks/sdk/mixins/files.py:2079
                    return self._cloud_provider_session().request(
                        "PUT",
                        presigned.url,
                        headers=presigned.headers,
                        data=chunk,
                        timeout=self._config.files_ext_network_transfer_inactivity_timeout_seconds,
                    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #cb5fe24a13ae6f13 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/databricks/sdk/mixins/files.py:2284
                        return self._cloud_provider_session().request(
                            "PUT",
                            resumable_upload_url,
                            headers={"Content-Range": "bytes */*"},
                            data=b"",
                            timeout=self._config.files_ext_network_transfer_inactivity_timeout_seconds,
                        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #a5ff76a88f50c619 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/databricks/sdk/mixins/files.py:2299
                    upload_response = self._cloud_provider_session().request(
                        "PUT",
                        resumable_upload_url,
                        headers=headers,
                        data=BytesIO(buffer[:actual_chunk_length]),
                        timeout=self._config.files_ext_network_transfer_inactivity_timeout_seconds,
                    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #cc334e0e085a7f18 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/databricks/sdk/mixins/files.py:2434
            return self._cloud_provider_session().request(
                "DELETE",
                abort_info.url,
                headers=abort_info.headers,
                data=b"",
                timeout=self._config.files_ext_network_transfer_inactivity_timeout_seconds,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #d1c0acb9e585443b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/databricks/sdk/mixins/files.py:2451
            return self._cloud_provider_session().request(
                "DELETE",
                resumable_upload_url,
                headers=headers,
                data=b"",
                timeout=self._config.files_ext_network_transfer_inactivity_timeout_seconds,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #d400ae94ac343c33 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/databricks/sdk/mixins/files.py:2612
            return self._cloud_provider_session().request(
                "GET",
                url_and_headers.url,
                headers=merged_headers,
                timeout=self._config.files_ext_network_transfer_inactivity_timeout_seconds,
                stream=True,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #8d9112f07410f6f4 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/databricks/sdk/oauth.py:209
    resp = requests.post(token_url, params, auth=auth, headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #92d754c4c1bf7ccd Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/databricks/sdk/oauth.py:548
    res = requests.get(f"{host}/oidc/oauth2/v2.0/authorize", allow_redirects=False)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #9dd15341d98438af Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/databricks/sdk/oauth.py:916
        resp = requests.post(token_exchange_url, params)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #1f4a9f9e2f3af967 Filesystem access.
pkgs/python/[email protected]/databricks/sdk/oauth.py:980
            with open(self.filename, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5bf3edfec3950901 Filesystem access.
pkgs/python/[email protected]/databricks/sdk/oauth.py:997
        with open(self.filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cc3b96858867ddcb Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/oidc.py:78
        token = os.getenv(self.env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #65ac67a3acb52d4e Filesystem access.
pkgs/python/[email protected]/databricks/sdk/oidc.py:114
            with open(self.path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf3ac7d30e5a53c8 Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/oidc_token_supplier.py:17
        if "ACTIONS_ID_TOKEN_REQUEST_TOKEN" not in os.environ or "ACTIONS_ID_TOKEN_REQUEST_URL" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a6d503f2a207aa3a Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/oidc_token_supplier.py:21
        headers = {"Authorization": f"Bearer {os.environ['ACTIONS_ID_TOKEN_REQUEST_TOKEN']}"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b9d48075c104d361 Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/oidc_token_supplier.py:22
        endpoint = f"{os.environ['ACTIONS_ID_TOKEN_REQUEST_URL']}&audience={audience}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #064758e2f41676c9 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/databricks/sdk/oidc_token_supplier.py:23
        response = requests.get(endpoint, headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #78937d235886b9c0 Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/oidc_token_supplier.py:46
        self.access_token = os.environ.get("SYSTEM_ACCESSTOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3f62f0fdbbdba901 Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/oidc_token_supplier.py:47
        self.collection_uri = os.environ.get("SYSTEM_TEAMFOUNDATIONCOLLECTIONURI")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a9b37e383e8af513 Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/oidc_token_supplier.py:48
        self.project_id = os.environ.get("SYSTEM_TEAMPROJECTID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c5e0353810d95eda Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/oidc_token_supplier.py:49
        self.plan_id = os.environ.get("SYSTEM_PLANID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #afad333b6985e242 Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/oidc_token_supplier.py:50
        self.job_id = os.environ.get("SYSTEM_JOBID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1fa8218920b377e9 Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/oidc_token_supplier.py:51
        self.hub_name = os.environ.get("SYSTEM_HOSTTYPE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #7df2d1afb6925370 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/databricks/sdk/oidc_token_supplier.py:93
            response = requests.post(endpoint, headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #618981f1ca1b3ce7 Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/useragent.py:119
    product = os.getenv("DATABRICKS_SDK_UPSTREAM")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f4357bc98d32bbb7 Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/useragent.py:120
    version = os.getenv("DATABRICKS_SDK_UPSTREAM_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dc5fb55cd6c91006 Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/useragent.py:128
    if "DATABRICKS_RUNTIME_VERSION" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #13d592c03a0bfdb2 Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/useragent.py:129
        runtime_version = os.environ["DATABRICKS_RUNTIME_VERSION"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #932ba41629e6266c Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/useragent.py:222
            v = os.getenv(envvar)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ab570aac7e27d62e Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/useragent.py:312
    matches = [a.product for a in _KNOWN_AGENTS if a.env_var in os.environ]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #027091704b3f73df Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/useragent.py:332
    v = os.environ.get("AGENT") or os.environ.get("AI_AGENT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #75bb7fdb95b630df Environment-variable access.
pkgs/python/[email protected]/databricks/sdk/useragent.py:362
    matches = [h.product for h in _KNOWN_META_HARNESSES if h.env_var in os.environ]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

snowflake-connector-python

python dependency
medium telemetry dependency Excluded from app score #69472ca20b7a3905 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/snowflake/connector/aio/_network.py:220
            from opentelemetry.trace.propagation.tracecontext import (
                TraceContextTextMapPropagator,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1318d57c552f4a2a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/snowflake/connector/network.py:486
            from opentelemetry.trace.propagation.tracecontext import (
                TraceContextTextMapPropagator,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 185 low-confidence finding(s)
low env_fs dependency Excluded from app score #2adb356e4991474f Filesystem access.
pkgs/python/[email protected]/setup.py:18
    with open(
        os.path.join(CONNECTOR_SRC_DIR, "generated_version.py"), encoding="utf-8"
    ) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b0a563e84b11d0fc Filesystem access.
pkgs/python/[email protected]/setup.py:23
    with open(os.path.join(CONNECTOR_SRC_DIR, "version.py"), encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #46601aa28936d028 Environment-variable access.
pkgs/python/[email protected]/setup.py:47
    os.environ.get("SNOWFLAKE_DISABLE_COMPILE_ARROW_EXTENSIONS", "false").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ce58c674bfad4aae Environment-variable access.
pkgs/python/[email protected]/setup.py:51
    os.environ.get("SNOWFLAKE_NO_BOTO", "false").lower() in _POSITIVE_VALUES

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f82387a9460a90bd Environment-variable access.
pkgs/python/[email protected]/setup.py:140
                    if "std=" not in os.environ.get("CXXFLAGS", ""):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c4c8d276e11cfbfb Environment-variable access.
pkgs/python/[email protected]/setup.py:145
                        and "macosx-version-min" not in os.environ.get("CXXFLAGS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7b2d845961db43ea Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/_utils.py:125
    if not os.environ.get(_SPCS_ENV_VAR):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #952b40257acc2bda Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/_utils.py:128
        with open(_SPCS_TOKEN_PATH, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a1296c3096fc7064 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/_utils.py:298
        value = str(os.getenv("SNOWFLAKE_DISABLE_MINICORE", None)).lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ad62d16062eeae2f Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/aio/_azure_storage_client.py:181
            or open(self.meta.real_src_file_name, "rb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8c81cbae0018ee11 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/_connection.py:236
        if "SF_OCSP_RESPONSE_CACHE_SERVER_URL" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a783b4fa15ea08b5 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/_connection.py:239
                os.environ["SF_OCSP_RESPONSE_CACHE_SERVER_URL"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7f7dd8644495414f Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/_connection.py:247
            if "SF_OCSP_RESPONSE_CACHE_SERVER_URL" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #44e5e00f7d624851 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/_connection.py:248
                del os.environ["SF_OCSP_RESPONSE_CACHE_SERVER_URL"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f6f39d0a38ec5509 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/_connection.py:804
        if os.environ.get(_DISABLE_CONNECTION_SHAPE_ENV, "").lower() == "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4e180c74ec6053fb Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/_connection.py:1241
            os.environ["SF_OCSP_RESPONSE_CACHE_SERVER_URL"] = ocsp_cache_server

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #98039d3da86cc26e Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/_ocsp_snowflake.py:92
                test_timeout = os.getenv(
                    "SF_TEST_OCSP_CACHE_SERVER_CONNECTION_TIMEOUT", None
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8ab7fce81b00fcee Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/_ocsp_snowflake.py:95
                sf_cache_server_url = os.getenv("SF_TEST_OCSP_CACHE_SERVER_URL", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #3aacc6d690fb1dae Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/aio/_ocsp_snowflake.py:106
                    response = await session.get(
                        url,
                        timeout=sf_timeout,  # socket timeout
                        headers=headers,
                    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #d09b446429fbea80 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/_ocsp_snowflake.py:153
        self.test_mode = os.getenv("SF_OCSP_TEST_MODE", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eb421d8a67a6fde4 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/_ocsp_snowflake.py:168
        if os.getenv("SF_OCSP_FAIL_OPEN") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d6779204be23b5de Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/_ocsp_snowflake.py:171
            self.FAIL_OPEN = os.getenv("SF_OCSP_FAIL_OPEN").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cd289ad2d68cf811 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/_ocsp_snowflake.py:525
            test_ocsp_url = os.getenv("SF_TEST_OCSP_URL", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d79ee2a823f8cdfc Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/_ocsp_snowflake.py:526
            test_timeout = os.getenv(
                "SF_TEST_CA_OCSP_RESPONDER_CONNECTION_TIMEOUT", None
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #4edcb9093c6239d3 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/aio/_result_batch.py:215
            response = await http_session.get(**request_data)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #7465b67449562f98 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/aio/_session_manager.py:227
            return await session.get(
                url, headers=headers, timeout=timeout_obj, **kwargs
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #f350fccde138efdc Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/aio/_session_manager.py:274
            return await session.post(
                url,
                headers=headers,
                timeout=timeout_obj,
                data=data,
                json=json,
                **kwargs,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #cc267014d6ca1289 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/aio/_session_manager.py:295
            return await session.put(
                url, headers=headers, timeout=timeout_obj, data=data, **kwargs
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #af192156047585d1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/aio/_storage_client.py:201
                        response = await session.request(verb, url, **rest_kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #954d4435f0e2ed05 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/aio/_storage_client.py:211
                    response = await session_manager.request(verb, url, **rest_kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #2f17665033aac508 Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/aio/_storage_client.py:284
            or open(self.data_file, "rb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fdda515d8c1bc3eb Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/_wif_util.py:60
    region = os.environ.get("AWS_REGION") or os.environ.get("AWS_DEFAULT_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8e7255230a2dde7f Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/_wif_util.py:312
    _federated_token_file = os.environ.get("AZURE_FEDERATED_TOKEN_FILE", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #66faa92fc86f8538 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/_wif_util.py:315
            os.environ.get("AZURE_CLIENT_ID"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aa0576a9b9809351 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/_wif_util.py:316
            os.environ.get("AZURE_TENANT_ID"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a98bb2af50d0aa36 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/_wif_util.py:348
        identity_endpoint = os.environ.get("IDENTITY_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f806d3620c774100 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/_wif_util.py:349
        identity_header = os.environ.get("IDENTITY_HEADER")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6b004a74d18c3cdf Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/_wif_util.py:366
        managed_identity_client_id = os.environ.get("MANAGED_IDENTITY_CLIENT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #25dd30165955d66c Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/auth/_webbrowser.py:88
        if os.getenv("SNOWFLAKE_AUTH_SOCKET_REUSE_PORT", "False").lower() == "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ba7173df47d448eb Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/auth/_webbrowser.py:97
            hostname = os.getenv("SF_AUTH_SOCKET_ADDR", "localhost")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #89b4d934b98dc1b3 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/auth/_webbrowser.py:102
                        int(os.getenv("SF_AUTH_SOCKET_PORT", 0)),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3354867e2ffae06c Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/aio/auth/_webbrowser.py:153
                or os.getenv("SNOWFLAKE_AUTH_FORCE_SERVER", "False").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #43f449c1a0e0bf62 Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/auth/_auth.py:632
    with open(privatekey_path, "rb") as key:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9d41d31195894761 Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/auth/_auth.py:655
    with open(private_key_file, "rb") as key:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c1b213f5b6d5f88c Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/auth/_http_server.py:24
    if os.getenv("SNOWFLAKE_AUTH_SOCKET_MSG_DONTWAIT", "false").lower() != "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e4f689dc8fdc56ef Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/auth/_http_server.py:79
        if os.getenv("SNOWFLAKE_AUTH_SOCKET_REUSE_PORT", "False").lower() == "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9f10dba7a7a6adab Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/auth/by_plugin.py:74
                int(getenv("MAX_CON_RETRY_ATTEMPTS", DEFAULT_MAX_CON_RETRY_ATTEMPTS)),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8d1a45c8490c3a6b Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/auth/keypair.py:67
                os.getenv(
                    "JWT_CNXN_RETRY_ATTEMPTS", AuthByKeyPair.DEFAULT_JWT_RETRY_ATTEMPTS
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8113dedd54cc9651 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/auth/keypair.py:78
                    os.getenv(
                        "JWT_CNXN_WAIT_TIME",
                        AuthByKeyPair.DEFAULT_JWT_CNXN_WAIT_TIME,
                    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1d94bd14a7da5982 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/auth/keypair.py:93
            seconds=int(os.getenv("JWT_LIFETIME_IN_SECONDS", lifetime_in_seconds))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4861d6f8595d0d39 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/auth/webbrowser.py:118
        if os.getenv("SNOWFLAKE_AUTH_SOCKET_REUSE_PORT", "False").lower() == "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b019cf0eccf18e0 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/auth/webbrowser.py:127
            hostname = os.getenv("SF_AUTH_SOCKET_ADDR", "localhost")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f9c02ee897baf3d1 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/auth/webbrowser.py:132
                        int(os.getenv("SF_AUTH_SOCKET_PORT", 0)),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #23ab1008d4287584 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/auth/webbrowser.py:183
                or os.getenv("SNOWFLAKE_AUTH_FORCE_SERVER", "False").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6384f16c52364b6d Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/auth/webbrowser.py:231
                    os.getenv("SNOWFLAKE_AUTH_SOCKET_MSG_DONTWAIT", "false").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #009d7bc0a707daaf Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/azure_storage_client.py:234
            or open(self.meta.real_src_file_name, "rb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6da04c0c2052bc3e Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/cache.py:29
test_mode = os.getenv(ENV_VAR_TEST_MODE, "").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4ad0c411a91f7ca5 Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/cache.py:436
            with open(tmp_file, "w") as w_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3e86a63bb18ab579 Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/cache.py:440
                with open(tmp_file_path) as r_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #392d94d031ebeec7 Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/cache.py:508
            with open(self.file_path, "rb") as r_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d0df36909ece12a5 Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/cache.py:576
                    with open(tmp_file, "wb") as w_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf5b7d1ef1f0f44b Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/config_manager.py:45
    if SKIP_WARNING_ENV_VAR in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d4dcd0c3746d085d Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/config_manager.py:46
        return os.getenv(SKIP_WARNING_ENV_VAR, "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #31808b2d3e12ea3a Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/config_manager.py:47
    if SPCS_INJECTED_SKIP_WARNING_ENV_VAR in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6911c803fbbabc50 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/config_manager.py:48
        return os.getenv(SPCS_INJECTED_SKIP_WARNING_ENV_VAR, "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d3588e0151870b44 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/config_manager.py:50
    if DEPRECATED_SKIP_WARNING_ENV_VAR in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #60959a48359f3ce1 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/config_manager.py:54
        return os.getenv(DEPRECATED_SKIP_WARNING_ENV_VAR, "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8b6f7740921c1552 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/config_manager.py:190
        env_var = os.environ.get(env_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #17d88555a260b433 Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/config_manager.py:412
                read_config_piece = tomlkit.parse(filep.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #690331b4fd776486 Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/connection.py:197
    with open(private_key_file, "rb") as key:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #670f9f4e9314afd0 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/connection.py:1383
        os.environ["SF_OCSP_RESPONSE_CACHE_SERVER_URL"] = ocsp_cache_server

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #384b5ef62ac35344 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/connection.py:1403
        if "SF_OCSP_RESPONSE_CACHE_SERVER_URL" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #232549cc9af20005 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/connection.py:1406
                os.environ["SF_OCSP_RESPONSE_CACHE_SERVER_URL"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eb752c28bb457ce8 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/connection.py:1412
            if "SF_OCSP_RESPONSE_CACHE_SERVER_URL" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8735310cea289edf Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/connection.py:1413
                del os.environ["SF_OCSP_RESPONSE_CACHE_SERVER_URL"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e3768f00a508f729 Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/connection.py:1801
            with open(token_file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #85d3385ed515a64d Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/connection.py:2645
        if os.environ.get(_DISABLE_CONNECTION_SHAPE_ENV, "").lower() == "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cfb7a92cf0dcdce6 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/connection.py:2709
        if ENV_VAR_PARTNER in os.environ.keys():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d5042e77a2313f6e Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/connection.py:2710
            return os.environ[ENV_VAR_PARTNER]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2cade620f79f8a6f Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/connection_diagnostic.py:120
            proxy_url = os.getenv("HTTPS_PROXY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #66c36b1facfe91bd Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/connection_diagnostic.py:318
            results_file = open(self.full_connection_diag_allowlist_path)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf5a7a679b852fa3 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/connection_diagnostic.py:508
            if proxy_key in os.environ.keys():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2d464306717a7258 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/connection_diagnostic.py:509
                env_proxy_backup[proxy_key] = os.environ.get(proxy_key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5b73ce12220732ed Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/connection_diagnostic.py:510
                del os.environ[proxy_key]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #055782fe90166e1a Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/connection_diagnostic.py:538
            os.environ[restore_key] = env_proxy_backup[restore_key]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #0bfcbf641600fcdb Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/connection_diagnostic.py:598
            resp = self._session_manager.get(
                "https://nonexistentdomain.invalid", use_pooling=False, **request_kwargs
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #2b3c9af3fee88151 Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/connection_diagnostic.py:698
        self.report_file.write_text(message)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3c2b32e25a4b171e Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/crl_cache.py:337
                    with open(crl_file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cb2c709621e05383 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/crl_cache.py:709
    if "USERPROFILE" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3b32ac07890f41c2 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/crl_cache.py:710
        return Path(os.environ["USERPROFILE"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c6b2730ca551caad Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/crl_cache.py:711
    if "HOMEDRIVE" in os.environ and "HOMEPATH" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97f7d563a252e794 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/crl_cache.py:712
        return Path(os.environ["HOMEDRIVE"]) / os.environ["HOMEPATH"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #10ef99a0f154603c Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/crl_cache.py:713
    if "LOCALAPPDATA" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4b933b0016ff045e Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/crl_cache.py:714
        return Path(os.environ["LOCALAPPDATA"]).parent.parent

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #be77d0b50a652210 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/crl_cache.py:715
    if "APPDATA" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6bc155b5a86c1269 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/crl_cache.py:716
        return Path(os.environ["APPDATA"]).parent.parent

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c6625b398cfce4b7 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/cursor.py:2057
        if "NANOARROW_USAGE" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #59cd2eadfc44fece Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/encryption_util.py:141
        with open(in_filename, "rb") as infile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cb81df14ec0672e3 Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/encryption_util.py:215
        with open(in_filename, "rb") as infile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7c2e7a5c49f64fc6 Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/encryption_util.py:216
            with open(temp_output_file, "wb", opener=file_opener) as outfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #69734e411dea784c Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/file_transfer_agent.py:1171
                        with open(file_name, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4df5177b173ac90a Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/file_util.py:79
        with open(file_name, "rb") as fr:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b28850c3c7488fb Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/file_util.py:97
        with open(gzip_file_name, "r+b") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ea51a2a325667e8c Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/file_util.py:148
        with open(file_name, "rb") as src:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2435ed86054e08b8 Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/local_storage_client.py:55
        with open(self.stage_file_name, "rb") as sfd:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c4c742747b61c75e Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/local_storage_client.py:56
            with open(
                os.path.join(
                    self.meta.local_location,
                    os.path.basename(self.intermediate_dst_path),
                ),
                "rb+",
            ) as tfd:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fdbc3a27f4e2f562 Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/local_storage_client.py:80
        with open(self.full_dst_file_name, "wb+") as fd:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b66ec813b1cd1af1 Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/local_storage_client.py:84
        with open(self.full_dst_file_name, "rb+") as tfd:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #595e6cad8bf696cc Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/ocsp_asn1crypto.py:88
        with open(ca_bundle_file, "rb") as all_certs:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9af3d01cdd8f6bbc Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/ocsp_asn1crypto.py:247
                ocsp_load_failure = getenv("SF_TEST_OCSP_FORCE_BAD_OCSP_RESPONSE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #38b1512a25604e01 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/ocsp_asn1crypto.py:324
            test_cert_status = getenv("SF_TEST_OCSP_CERT_STATUS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5902ac2199c22bb5 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/ocsp_snowflake.py:416
    MAX_RETRY = int(os.getenv("OCSP_MAX_RETRY", "3"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #908a3c9af6365b64 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/ocsp_snowflake.py:434
            self.CACHE_SERVER_URL = os.getenv(
                "SF_OCSP_RESPONSE_CACHE_SERVER_URL",
                "{}/{}".format(
                    self.DEFAULT_CACHE_SERVER_URL,
                    OCSPCache.OCSP_RESPONSE_CACHE_FILE_NAME,
                ),
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7b759aea6c9c2698 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/ocsp_snowflake.py:442
            self.CACHE_SERVER_URL = os.getenv("SF_OCSP_RESPONSE_CACHE_SERVER_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #668af50f8a635e4d Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/ocsp_snowflake.py:445
            os.getenv("SF_OCSP_RESPONSE_CACHE_SERVER_ENABLED", "true") != "false"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #311f4ae984336d7c Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/ocsp_snowflake.py:453
        return os.getenv("SF_OCSP_ACTIVATE_NEW_ENDPOINT", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #953cb48592acbace Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/ocsp_snowflake.py:542
                test_timeout = os.getenv(
                    "SF_TEST_OCSP_CACHE_SERVER_CONNECTION_TIMEOUT", None
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8f6e6bdfd93747f9 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/ocsp_snowflake.py:545
                sf_cache_server_url = os.getenv("SF_TEST_OCSP_CACHE_SERVER_URL", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #77b55c9d021e33ba Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/ocsp_snowflake.py:560
                    response = session.get(
                        url,
                        timeout=sf_timeout,  # socket timeout
                        headers=headers,
                    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #5f393444b6ea6248 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/ocsp_snowflake.py:640
        OCSPCache.CACHE_DIR = os.getenv("SF_OCSP_RESPONSE_CACHE_DIR")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2db3c2c609d056b5 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/ocsp_snowflake.py:1044
        self.test_mode = os.getenv("SF_OCSP_TEST_MODE", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #edd58c0ea5a05541 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/ocsp_snowflake.py:1059
        if os.getenv("SF_OCSP_FAIL_OPEN") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #09935f3a3e143a21 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/ocsp_snowflake.py:1062
            self.FAIL_OPEN = os.getenv("SF_OCSP_FAIL_OPEN").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #940356db40dff0f6 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/ocsp_snowflake.py:1196
        return os.getenv("SF_OCSP_DO_RETRY", "true") == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #009dc51c1618c122 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/ocsp_snowflake.py:1431
                    ca_bundle = environ.get("REQUESTS_CA_BUNDLE") or environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5b1015320893cab6 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/ocsp_snowflake.py:1431
                    ca_bundle = environ.get("REQUESTS_CA_BUNDLE") or environ.get(
                        "CURL_CA_BUNDLE"
                    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f5044c86e5f7f61d Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/ocsp_snowflake.py:1513
            force_validity_fail = os.getenv("SF_TEST_OCSP_FORCE_BAD_RESPONSE_VALIDITY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #48051656e7ec435d Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/ocsp_snowflake.py:1619
            test_ocsp_url = os.getenv("SF_TEST_OCSP_URL", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a943cb8ac232b467 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/ocsp_snowflake.py:1620
            test_timeout = os.getenv(
                "SF_TEST_CA_OCSP_RESPONDER_CONNECTION_TIMEOUT", None
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c3c7544efcc8d51c Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/ocsp_snowflake.py:1752
            test_cert_status = os.getenv("SF_TEST_OCSP_CERT_STATUS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8d98353d55d26608 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/options.py:110
        if "ARROW_DEFAULT_MEMORY_POOL" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b2b8050248c94990 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/options.py:111
            os.environ["ARROW_DEFAULT_MEMORY_POOL"] = "system"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a3745ce0a3d9cf6 Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/os_details.py:45
    with open("/etc/os-release", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c9894d5dcc5ee672 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/platform_detection.py:121
        if "LAMBDA_TASK_ROOT" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #ba921c7d7907a34c Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/platform_detection.py:196
        token_resp = session_manager.get(
            "http://169.254.169.254/metadata/instance?api-version=2021-02-01",
            headers={"Metadata": "true"},
            timeout=platform_detection_timeout_seconds,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #7c00a6e82045b8a0 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/platform_detection.py:231
        if all(var in os.environ for var in service_vars)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #34d08c59dab7fc8d Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/platform_detection.py:275
    return bool(os.environ.get("IDENTITY_HEADER"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #4911553d41859801 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/platform_detection.py:329
        response = session_manager.get(
            "http://metadata.google.internal",
            timeout=platform_detection_timeout_seconds,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #2f7bcf86f65bc3cd Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/platform_detection.py:358
        if all(var in os.environ for var in service_vars)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ef7363c3e2513b54 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/platform_detection.py:377
        if all(var in os.environ for var in job_vars)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #f4365382eccf8540 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/platform_detection.py:399
        response = session_manager.get(
            "http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/email",
            headers={"Metadata-Flavor": "Google"},
            timeout=platform_detection_timeout_seconds,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #5947e371f920f0f3 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/platform_detection.py:427
        if "GITHUB_ACTIONS" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #171e19e2098e71aa Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/platform_detection.py:442
        if os.environ.get("SNOWFLAKE_ENABLE_AWS_WIF_OUTBOUND_TOKEN", "false").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7bcd0cea828dfecd Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/platform_detection.py:472
            os.environ.get(ENV_VAR_DISABLE_PLATFORM_DETECTION, "").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #669c6c0b6575a324 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/result_batch.py:391
                            response = session.request("get", **request_data)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ab0c443ddc6d9891 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/result_batch.py:397
                            response = session.request("get", **request_data)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #8c36c200471b1ef7 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/secret_detector.py:15
MIN_TOKEN_LEN = os.getenv("MIN_TOKEN_LEN", 32)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d7f4a3e6ee5014da Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/secret_detector.py:16
MIN_PWD_LEN = os.getenv("MIN_PWD_LEN", 8)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #da6d6c5ea47c5f8b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/session_manager.py:288
            return session.get(url, headers=headers, timeout=timeout, **kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #d2ea9d4031c0ddda Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/session_manager.py:326
            return session.post(
                url,
                headers=headers,
                timeout=timeout,
                data=data,
                json=json,
                **kwargs,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #3e3e57691a712fea Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/session_manager.py:346
            return session.put(
                url, headers=headers, timeout=timeout, data=data, **kwargs
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #02730a6ed5770072 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/sf_dirs.py:31
        os.environ.get("SNOWFLAKE_HOME", "~/.snowflake/"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #34d474911f3f262b Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/ssl_wrap_socket.py:65
    return os.environ.get("REQUESTS_CA_BUNDLE") or os.environ.get("SSL_CERT_FILE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #3451754f9b2c68d4 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/storage_client.py:294
                        response = session.request(verb, url, **rest_kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #e7a59c92974dc435 Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/storage_client.py:428
            or open(self.data_file, "rb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #b532254452b8cd96 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/telemetry_oob.py:491
                response = session.post(
                    self.deployment.url,
                    data=payload,
                    headers=headers,
                    timeout=REQUEST_TIMEOUT,
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #abb6d3d911e6e2ff Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/test_util.py:10
RUNNING_ON_JENKINS = os.getenv("JENKINS_HOME") is not None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0d17f97c9bf181cc Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/test_util.py:11
REGRESSION_TEST_LOG_DIR = os.getenv("CLIENT_LOG_DIR_PATH_DOCKER")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ea0afb4fd95598d9 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/token_cache.py:291
            env_val = os.getenv(env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b40c74305d7411e2 Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/tool/dump_certs.py:43
        open(f)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #94ac4cdb255332ef Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/tool/dump_ocsp_response_cache.py:177
    with open(hostname_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #56b6ebc52fb01c34 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/vendored/requests/sessions.py:768
                    os.environ.get("REQUESTS_CA_BUNDLE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #26e20463ccd61c7b Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/vendored/requests/sessions.py:769
                    or os.environ.get("CURL_CA_BUNDLE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97e6bddc7f254ee7 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/vendored/requests/utils.py:210
    netrc_file = os.environ.get("NETRC")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c73259e89bab47b6 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/vendored/requests/utils.py:743
        old_value = os.environ.get(env_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #71834d26092964ac Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/vendored/requests/utils.py:744
        os.environ[env_name] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a6d8b043b732d073 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/vendored/requests/utils.py:750
                del os.environ[env_name]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #31ba1b7f8394eccf Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/vendored/requests/utils.py:752
                os.environ[env_name] = old_value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a462bafba48e38e0 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/vendored/requests/utils.py:765
        return os.environ.get(key) or os.environ.get(key.upper())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #fe82dd466e5d1a84 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/vendored/urllib3/__init__.py:193
    return _DEFAULT_POOL.request(
        method,
        url,
        body=body,
        fields=fields,
        headers=headers,
        preload_content=preload_content,
        decode_content=decode_content,
        redirect=redirect,
        retries=retries,
        timeout=timeout,
        json=json,
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #4246a4cd963c83dd Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/vendored/urllib3/connectionpool.py:210
            self.pool.put(None)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #57f2a769d07b9970 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/vendored/urllib3/connectionpool.py:310
                self.pool.put(conn, block=False)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #8af9d1f3fc99fa50 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/snowflake/connector/vendored/urllib3/connectionpool.py:493
            conn.request(
                method,
                url,
                body=body,
                headers=headers,
                chunked=chunked,
                preload_content=preload_content,
                decode_content=decode_content,
                enforce_content_length=enforce_content_length,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #b6843a270655aee4 Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/vendored/urllib3/contrib/emscripten/fetch.py:204
        streaming_worker_code = (
            files(__package__)
            .joinpath("emscripten_fetch_worker.js")
            .read_text(encoding="utf-8")
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a13ba713409c8e9 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/vendored/urllib3/util/ssl_.py:317
    if "SSLKEYLOGFILE" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #15e06b5cc7b002b1 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/vendored/urllib3/util/ssl_.py:318
        sslkeylogfile = os.path.expandvars(os.environ.get("SSLKEYLOGFILE"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0682323a305f8ff6 Filesystem access.
pkgs/python/[email protected]/src/snowflake/connector/vendored/urllib3/util/ssl_.py:452
    with open(key_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #efa5a78b299cbd34 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/wif_util.py:105
    region = os.environ.get("AWS_REGION") or os.environ.get("AWS_DEFAULT_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #67454ff31c369a15 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/wif_util.py:211
        os.environ.get("SNOWFLAKE_ENABLE_AWS_WIF_OUTBOUND_TOKEN", "false").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a7c075f59d9d81d5 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/wif_util.py:436
    _federated_token_file = os.environ.get("AZURE_FEDERATED_TOKEN_FILE", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5e03b38aa69298da Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/wif_util.py:439
            os.environ.get("AZURE_CLIENT_ID"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #10189f5d552f6e62 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/wif_util.py:440
            os.environ.get("AZURE_TENANT_ID"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8a493115e07e7f85 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/wif_util.py:472
        identity_endpoint = os.environ.get("IDENTITY_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2a2c464df2945145 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/wif_util.py:473
        identity_header = os.environ.get("IDENTITY_HEADER")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #333ad0fad5660966 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/connector/wif_util.py:490
        managed_identity_client_id = os.environ.get("MANAGED_IDENTITY_CLIENT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

mcp

python dependency
medium pii_flow dependency Excluded from app score #05fade46dcadaf5d A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/src/mcp/client/auth/oauth2.py:452 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/mcp/client/auth/oauth2.py:433 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/src/mcp/client/auth/oauth2.py:452
        return httpx.Request("POST", token_url, data=refresh_data, headers=headers)

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

expand_more 39 low-confidence finding(s)
low env_fs tooling reachable #29a7aa4a76989029 Environment-variable access.
pkgs/python/[email protected]/.github/actions/conformance/client.py:72
    context_json = os.environ.get("MCP_CONFORMANCE_CONTEXT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #4035e46ed7c68810 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/.github/actions/conformance/client.py:118
            response = await client.get(
                authorization_url,
                follow_redirects=False,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #f12c5b8b8ffc17ca Environment-variable access.
pkgs/python/[email protected]/.github/actions/conformance/client.py:281
    context_json = os.environ.get("MCP_CONFORMANCE_CONTEXT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #681c6ec928ab4b54 Environment-variable access.
pkgs/python/[email protected]/.github/actions/conformance/client.py:349
    scenario = os.environ.get("MCP_CONFORMANCE_SCENARIO")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #b301c511b49c52cc Environment-variable access.
pkgs/python/[email protected]/examples/clients/conformance-auth-client/mcp_conformance_auth_client/__init__.py:50
    context_json = os.environ.get("MCP_CONFORMANCE_CONTEXT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #c0dbda45586401f0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/examples/clients/conformance-auth-client/mcp_conformance_auth_client/__init__.py:113
            response = await client.get(
                authorization_url,
                follow_redirects=False,  # Don't follow redirects automatically
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #cbc546f1fe900928 Environment-variable access.
pkgs/python/[email protected]/examples/clients/simple-auth-client/mcp_simple_auth_client/main.py:343
    server_url = os.getenv("MCP_SERVER_PORT", 8000)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d98e5020b6c4c5ed Environment-variable access.
pkgs/python/[email protected]/examples/clients/simple-auth-client/mcp_simple_auth_client/main.py:344
    transport_type = os.getenv("MCP_TRANSPORT_TYPE", "streamable-http")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #daf1175f136a1a0e Environment-variable access.
pkgs/python/[email protected]/examples/clients/simple-auth-client/mcp_simple_auth_client/main.py:345
    client_metadata_url = os.getenv("MCP_CLIENT_METADATA_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #fc57aff8ebd54d43 Environment-variable access.
pkgs/python/[email protected]/examples/clients/simple-chatbot/mcp_simple_chatbot/main.py:24
        self.api_key = os.getenv("LLM_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #1a4226514514031b Filesystem access.
pkgs/python/[email protected]/examples/clients/simple-chatbot/mcp_simple_chatbot/main.py:45
        with open(file_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #fd1783c36b9187ab Environment-variable access.
pkgs/python/[email protected]/examples/clients/simple-chatbot/mcp_simple_chatbot/main.py:83
            env={**os.environ, **self.config["env"]} if self.config.get("env") else None,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #835e2c0a3a2c94c0 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/examples/clients/simple-chatbot/mcp_simple_chatbot/main.py:251
                response = client.post(url, headers=headers, json=payload)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #acc48b9f02f05b2e Filesystem access.
pkgs/python/[email protected]/examples/fastmcp/icons_demo.py:14
icon_data = base64.standard_b64encode(icon_path.read_bytes()).decode()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #62ae310ecad436c7 Environment-variable access.
pkgs/python/[email protected]/examples/fastmcp/memory.py:52
PROFILE_DIR = (Path.home() / ".fastmcp" / os.environ.get("USER", "anon") / "memory").resolve()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #21f51fdd43cc5646 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/examples/fastmcp/text_me.py:49
        response = client.post(
            "https://api.surgemsg.com/messages",
            headers={
                "Authorization": f"Bearer {surge_settings.api_key}",
                "Surge-Account": surge_settings.account_id,
                "Content-Type": "application/json",
            },
            json={
                "body": text_content,
                "conversation": {
                    "contact": {
                        "first_name": surge_settings.my_first_name,
                        "last_name": surge_settings.my_last_name,
                        "phone_number": surge_settings.my_phone_number,
                    }
                },
            },
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress tooling reachable #3ee17b94aedfff00 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/examples/servers/simple-auth/mcp_simple_auth/token_verifier.py:53
                response = await client.post(
                    self.introspection_endpoint,
                    data={"token": token},
                    headers={"Content-Type": "application/x-www-form-urlencoded"},
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress tooling reachable #ded7fc52f27cc05e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/examples/servers/simple-tool/mcp_simple_tool/server.py:16
        response = await client.get(url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #4d34ed71cf611dde Environment-variable access.
pkgs/python/[email protected]/examples/snippets/clients/completion_client.py:17
    env={"UV_INDEX": os.environ.get("UV_INDEX", "")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #4aac86fe809c87e6 Environment-variable access.
pkgs/python/[email protected]/examples/snippets/clients/display_utilities.py:17
    env={"UV_INDEX": os.environ.get("UV_INDEX", "")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #a9c86a5c2e5476c3 Environment-variable access.
pkgs/python/[email protected]/examples/snippets/clients/stdio_client.py:19
    env={"UV_INDEX": os.environ.get("UV_INDEX", "")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #b43de9f01baf5adc Filesystem access.
pkgs/python/[email protected]/examples/snippets/servers/binary_resources.py:9
    with open("logo.png", "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #ec37ca2b1df85e49 Filesystem access.
pkgs/python/[email protected]/examples/snippets/servers/embedded_resource_results.py:10
    with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #c27412a75b4b1bc8 Filesystem access.
pkgs/python/[email protected]/examples/snippets/servers/embedded_resource_results_binary.py:12
    with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #2fdf91db72fdf567 Filesystem access.
pkgs/python/[email protected]/examples/snippets/servers/prompt_embedded_resources.py:11
    file_content = open(filename).read()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #619e3ce0a2bbac09 Filesystem access.
pkgs/python/[email protected]/examples/snippets/servers/tool_errors.py:27
    with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #b5575983476235cc Filesystem access.
pkgs/python/[email protected]/scripts/update_doc_snippets.py:53
        code = file.read_text().rstrip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #6ba046bca9ab58d6 Filesystem access.
pkgs/python/[email protected]/scripts/update_doc_snippets.py:109
    content = doc_path.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #e6c6de3ad46bbe75 Filesystem access.
pkgs/python/[email protected]/scripts/update_doc_snippets.py:134
            doc_path.write_text(updated_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c63a1e64638aaa1c Environment-variable access.
pkgs/python/[email protected]/src/mcp/cli/claude.py:24
        path = Path(os.environ.get("XDG_CONFIG_HOME", Path.home() / ".config"), "Claude")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #49a9f5a9a8cb6c4c Filesystem access.
pkgs/python/[email protected]/src/mcp/cli/claude.py:77
            config_file.write_text("{}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a6ce26fc8b9151c6 Filesystem access.
pkgs/python/[email protected]/src/mcp/cli/claude.py:88
        config = json.loads(config_file.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ec8f6fc1d11dc42a Filesystem access.
pkgs/python/[email protected]/src/mcp/cli/claude.py:135
        config_file.write_text(json.dumps(config, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6eb5edeede34f9e0 Environment-variable access.
pkgs/python/[email protected]/src/mcp/cli/cli.py:282
            env=dict(os.environ.items()),  # Convert to list of tuples for env update

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #bd128b5d375590e8 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/mcp/client/sse.py:138
                                    response = await client.post(
                                        endpoint_url,
                                        json=session_message.message.model_dump(
                                            by_alias=True,
                                            mode="json",
                                            exclude_none=True,
                                        ),
                                    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #3acbb244e1eff8ad Environment-variable access.
pkgs/python/[email protected]/src/mcp/client/stdio/__init__.py:59
        value = os.environ.get(key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #b12ab8255f6c30d0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/mcp/server/fastmcp/resources/types.py:161
            response = await client.get(self.url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #7b6ea401929443e8 Filesystem access.
pkgs/python/[email protected]/src/mcp/server/fastmcp/utilities/types.py:47
            with open(self.path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5c8f1cbccad29106 Filesystem access.
pkgs/python/[email protected]/src/mcp/server/fastmcp/utilities/types.py:94
            with open(self.path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

singlestoredb

python dependency
medium pii_flow dependency Excluded from app score #e0b75f1e2ccb3f36 A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/singlestoredb/fusion/graphql.py:173 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/singlestoredb/fusion/graphql.py:172 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/singlestoredb/fusion/graphql.py:173
        res = requests.post(
            self.api_url,
            headers={
                'Content-Type': 'application/json',
                'Authorization': f'Bearer {api_token}',
            },
            json={
                'query': type(self).get_query(),
                'variables': variables or {},
            },
        )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

expand_more 123 low-confidence finding(s)
low env_fs dependency Excluded from app score #fe9f0dd62c4474d7 Environment-variable access.
pkgs/python/[email protected]/setup.py:15
build_extension = bool(int(os.environ.get('SINGLESTOREDB_BUILD_EXTENSION', '1')))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8138e297da1f86a2 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/ai/chat.py:47
        base_url = os.environ.get('SINGLESTOREDB_INFERENCE_API_BASE_URL')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b68a564e6ff21ba Environment-variable access.
pkgs/python/[email protected]/singlestoredb/ai/chat.py:49
        hosting_platform = os.environ.get('SINGLESTOREDB_INFERENCE_API_HOSTING_PLATFORM')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #38aead5c6fd76fc2 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/ai/chat.py:114
            token_env_val = os.environ.get('SINGLESTOREDB_USER_TOKEN')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3f57dd88d774da93 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/ai/chat.py:155
    token_env = os.environ.get('SINGLESTOREDB_USER_TOKEN')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2f0ed7932795a797 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/ai/embeddings.py:46
        base_url = os.environ.get('SINGLESTOREDB_INFERENCE_API_BASE_URL')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #61f58c33dfd1c88a Environment-variable access.
pkgs/python/[email protected]/singlestoredb/ai/embeddings.py:48
        hosting_platform = os.environ.get('SINGLESTOREDB_INFERENCE_API_HOSTING_PLATFORM')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #86bf417531315262 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/ai/embeddings.py:113
            token_env_val = os.environ.get('SINGLESTOREDB_USER_TOKEN')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #72905eb956e56e8f Environment-variable access.
pkgs/python/[email protected]/singlestoredb/ai/embeddings.py:145
    token_env = os.environ.get('SINGLESTOREDB_USER_TOKEN')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6ad4aa90ec34deda Environment-variable access.
pkgs/python/[email protected]/singlestoredb/apps/_config.py:20
        value = os.environ.get(name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1ee21a9889d788c6 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/apps/_config.py:36
        workload_type = os.environ.get('SINGLESTOREDB_WORKLOAD_TYPE')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8e0b1e947279e61 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/apps/_config.py:39
        is_gateway_enabled = 'SINGLESTOREDB_NOVA_GATEWAY_ENDPOINT' in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4287a587363dde08 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/apps/_config.py:41
        app_token = os.environ.get('SINGLESTOREDB_APP_TOKEN')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3953b045be20f283 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/apps/_config.py:42
        user_token = os.environ.get('SINGLESTOREDB_USER_TOKEN')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8010f158ab420832 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/apps/_python_udfs.py:100
    gateway_url = os.environ.get('SINGLESTOREDB_NOVA_GATEWAY_ENDPOINT')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c64218ce02e716c8 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/apps/_python_udfs.py:102
        gateway_url = os.environ.get('SINGLESTOREDB_NOVA_GATEWAY_DEV_ENDPOINT')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dea944c49453b963 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/apps/_python_udfs.py:112
    raw = os.environ.get('SINGLESTOREDB_UDF_KEEPALIVE_TIMEOUT')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3e9fb5199e33a444 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/config.py:448
    os.environ.get('SINGLESTOREDB_URL') or None,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #07c38aa6d4ad2416 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/functions/ext/asgi.py:98
num_processes = max(0, int(os.environ.get('SINGLESTOREDB_EXT_NUM_PROCESSES', 0)))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cb0563d70d5231c1 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/functions/ext/asgi.py:1119
                x for x in os.environ.keys()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #acb06816d757272f Environment-variable access.
pkgs/python/[email protected]/singlestoredb/functions/ext/asgi.py:1123
                specs = [os.environ[x] for x in env_vars]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a13b391054f72024 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/functions/ext/asgi.py:1998
            elif os.environ.get('SINGLESTOREDB_WORKSPACE_GROUP'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bb3f29b0c4350abe Environment-variable access.
pkgs/python/[email protected]/singlestoredb/functions/ext/asgi.py:2000
                    os.environ['SINGLESTOREDB_WORKSPACE_GROUP'],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #53afce41729edd58 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/functions/ext/asgi.py:2211
                elif os.environ.get('SINGLESTOREDB_WORKSPACE_GROUP'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ec85380de043505d Environment-variable access.
pkgs/python/[email protected]/singlestoredb/functions/ext/asgi.py:2213
                        os.environ['SINGLESTOREDB_WORKSPACE_GROUP'],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9e3129dd814c467e Environment-variable access.
pkgs/python/[email protected]/singlestoredb/functions/ext/mmap.py:230
            default=os.environ.get('SINGLESTOREDB_URL', ''),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3d6f1753992c990 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/functions/ext/mmap.py:272
                elif os.environ.get('SINGLESTOREDB_WORKSPACE_GROUP'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #76201787a5c0fca7 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/functions/ext/mmap.py:274
                        os.environ['SINGLESTOREDB_WORKSPACE_GROUP'],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f0e49092214021de Environment-variable access.
pkgs/python/[email protected]/singlestoredb/functions/ext/plugin/__main__.py:34
        default=os.environ.get('PLUGIN_NAME', ''),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9450700a5fc26300 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/functions/ext/plugin/__main__.py:42
        default=os.environ.get('PLUGIN_SEARCH_PATH', ''),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fc31c8dc09dce866 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/functions/ext/plugin/__main__.py:50
        default=os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #03b5638634ebee86 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/functions/ext/plugin/__main__.py:50
        default=os.environ.get(
            'PLUGIN_SOCKET_PATH',
            os.path.join(
                tempfile.gettempdir(),
                f'singlestore-udf-{os.getpid()}-{secrets.token_hex(4)}.sock',
            ),
        ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #76ed13dd57e58e34 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/functions/ext/plugin/__main__.py:65
        default=int(os.environ.get('PLUGIN_N_WORKERS', '0')),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #21f48707a7d8e88d Environment-variable access.
pkgs/python/[email protected]/singlestoredb/functions/ext/plugin/__main__.py:74
        default=int(os.environ.get('PLUGIN_MAX_CONNECTIONS', '32')),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #98c0831bb0eeb0ff Environment-variable access.
pkgs/python/[email protected]/singlestoredb/functions/ext/plugin/__main__.py:82
        default=os.environ.get('PLUGIN_LOG_LEVEL', 'info'),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bef6426777c7f44a Environment-variable access.
pkgs/python/[email protected]/singlestoredb/functions/ext/plugin/__main__.py:91
        default=os.environ.get('PLUGIN_PROCESS_MODE', 'process'),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cfb5f9c268d1b80f Environment-variable access.
pkgs/python/[email protected]/singlestoredb/functions/ext/plugin/connection.py:48
_PROFILE = os.environ.get('SINGLESTOREDB_UDF_PROFILE', '') == '1'

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d0b48eefb9a345c6 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/functions/signature.py:1567
    host = os.environ.get('SINGLESTOREDB_EXT_HOST', '127.0.0.1')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #16791c10fc9ebd46 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/functions/signature.py:1568
    port = os.environ.get('SINGLESTOREDB_EXT_PORT', '8000')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4525a1512fbeff8f Environment-variable access.
pkgs/python/[email protected]/singlestoredb/fusion/graphql.py:172
        api_token = self.api_token or os.environ.get('SINGLESTOREDB_BACKEND_TOKEN')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #bf5f74b46cf8cc16 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/singlestoredb/fusion/graphql.py:173
        res = requests.post(
            self.api_url,
            headers={
                'Content-Type': 'application/json',
                'Authorization': f'Bearer {api_token}',
            },
            json={
                'query': type(self).get_query(),
                'variables': variables or {},
            },
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #f6e1716bf9e1c636 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/fusion/handler.py:626
                os.environ.get('SINGLESTOREDB_FUSION_ENABLE_HIDDEN', '0').lower() not in \

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ef50bddcf6c1d28f Environment-variable access.
pkgs/python/[email protected]/singlestoredb/fusion/handlers/utils.py:92
    if os.environ.get('SINGLESTOREDB_WORKSPACE_GROUP'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #578df440b8da2811 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/fusion/handlers/utils.py:95
                os.environ['SINGLESTOREDB_WORKSPACE_GROUP'],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c208f78f94c37548 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/fusion/handlers/utils.py:101
                    f'{os.environ["SINGLESTOREDB_WORKSPACE_GROUP"]}',

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #60fae8f976dc5c89 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/fusion/handlers/utils.py:105
    if os.environ.get('SINGLESTOREDB_CLUSTER'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b4befd9012d6ba56 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/fusion/handlers/utils.py:159
    if os.environ.get('SINGLESTOREDB_WORKSPACE'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d5204b7cc447a851 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/fusion/handlers/utils.py:162
                os.environ['SINGLESTOREDB_WORKSPACE'],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #06a497fb771ab763 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/fusion/handlers/utils.py:168
                    f'{os.environ["SINGLESTOREDB_WORKSPACE"]}',

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #38a786031748db81 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/fusion/handlers/utils.py:172
    if os.environ.get('SINGLESTOREDB_CLUSTER'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fc7cc0e7e456de2f Environment-variable access.
pkgs/python/[email protected]/singlestoredb/fusion/handlers/utils.py:272
    if os.environ.get('SINGLESTOREDB_WORKSPACE_GROUP'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e7c62137b5679461 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/fusion/handlers/utils.py:275
                os.environ['SINGLESTOREDB_WORKSPACE_GROUP'],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #14448912ed7b84a3 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/fusion/handlers/utils.py:281
                    f'{os.environ["SINGLESTOREDB_WORKSPACE_GROUP"]}',

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #272ea7f7a14c6139 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/fusion/handlers/utils.py:286
    if os.environ.get('SINGLESTOREDB_CLUSTER'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #64eed8a666e01de0 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/fusion/handlers/utils.py:289
                os.environ['SINGLESTOREDB_CLUSTER'],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6fc27d77cd1c91f7 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/fusion/handlers/utils.py:295
                    f'{os.environ["SINGLESTOREDB_CLUSTER"]}',

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ce3144b8247edb70 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/http/connection.py:996
        if 'SINGLESTOREDB_WORKLOAD_TYPE' in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2025341d7b3717f0 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/http/connection.py:997
            client_version += '+' + os.environ['SINGLESTOREDB_WORKLOAD_TYPE']

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0ebc4bd8a5b0cba7 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/http/connection.py:1078
        url = os.environ.get('SINGLESTOREDB_URL')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e957724a407bc842 Filesystem access.
pkgs/python/[email protected]/singlestoredb/magics/run_personal.py:121
                yield fpath.read_text(encoding='utf-8')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7733e7d46d981d5f Filesystem access.
pkgs/python/[email protected]/singlestoredb/magics/run_shared.py:118
                yield fpath.read_text(encoding='utf-8')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #89b4a9113d630180 Filesystem access.
pkgs/python/[email protected]/singlestoredb/management/files.py:686
        return self._upload(open(local_path, 'rb'), path, overwrite=overwrite)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e0595e7e649e121e Filesystem access.
pkgs/python/[email protected]/singlestoredb/management/files.py:1127
            with open(local_path, 'wb') as outfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fd2ce757538ecb8d Environment-variable access.
pkgs/python/[email protected]/singlestoredb/management/inference_api.py:278
        self.project_id = os.environ.get('SINGLESTOREDB_PROJECT')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #737d04bbf4b953be Environment-variable access.
pkgs/python/[email protected]/singlestoredb/management/manager.py:26
    org = os.environ.get('SINGLESTOREDB_ORGANIZATION')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a6f1c46f8a6f5b8c Environment-variable access.
pkgs/python/[email protected]/singlestoredb/management/manager.py:346
        if not os.environ.get('SINGLESTOREDB_WORKLOAD_TYPE', ''):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e1ae1e961cb9bda4 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/management/utils.py:169
        url = os.environ.get('SINGLESTOREDB_URL') or get_option('host')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5840b13d9bc53a4 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/management/utils.py:228
    return os.environ.get('SINGLESTOREDB_CLUSTER') or None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5856e5114bf6cc8b Environment-variable access.
pkgs/python/[email protected]/singlestoredb/management/utils.py:233
    return os.environ.get('SINGLESTOREDB_WORKSPACE') or None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #baa97e51e67e46e2 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/management/utils.py:238
    return os.environ.get('SINGLESTOREDB_VIRTUAL_WORKSPACE') or None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c1ea6bfee852cb00 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/management/utils.py:243
    return os.environ.get('SINGLESTOREDB_DEFAULT_DATABASE') or None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #59d5c2396df6d254 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/management/workspace.py:63
    elif 'SINGLESTOREDB_WORKSPACE_GROUP' in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ff24fed0884c3332 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/management/workspace.py:65
            os.environ['SINGLESTOREDB_WORKSPACE_GROUP']

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3d79d35bf3c2756f Environment-variable access.
pkgs/python/[email protected]/singlestoredb/management/workspace.py:87
    elif 'SINGLESTOREDB_WORKSPACE' in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d986fd60f4c7ba24 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/management/workspace.py:89
            os.environ['SINGLESTOREDB_WORKSPACE']

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #130a3fddfb4072bd Filesystem access.
pkgs/python/[email protected]/singlestoredb/management/workspace.py:201
        return self._upload(open(local_path, 'rb'), stage_path, overwrite=overwrite)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #53c39c04dfbb6518 Filesystem access.
pkgs/python/[email protected]/singlestoredb/management/workspace.py:607
            with open(local_path, 'wb') as outfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2ff8b119dde90e5f Environment-variable access.
pkgs/python/[email protected]/singlestoredb/mysql/connection.py:638
        if 'SINGLESTOREDB_WORKLOAD_TYPE' in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #02736f954a545e5e Environment-variable access.
pkgs/python/[email protected]/singlestoredb/mysql/connection.py:639
            VERSION_STRING += '+' + os.environ['SINGLESTOREDB_WORKLOAD_TYPE']

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cd42cf11f0ad428f Environment-variable access.
pkgs/python/[email protected]/singlestoredb/mysql/connection.py:1038
            url = os.environ.get('SINGLESTOREDB_URL')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #786554f6bd882f36 Filesystem access.
pkgs/python/[email protected]/singlestoredb/mysql/connection.py:2032
                    with open(self.filename, 'rb') as open_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6b18b7d0f0f54594 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/notebook/__init__.py:12
if 'SINGLESTOREDB_ORGANIZATION' not in _os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d977fcb7e6502358 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/notebook/_portal.py:119
            return os.environ.get('SINGLESTOREDB_ORGANIZATION')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8c613222f84bbae Environment-variable access.
pkgs/python/[email protected]/singlestoredb/notebook/_portal.py:142
            return os.environ.get('SINGLESTOREDB_WORKSPACE_GROUP')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #133602cfad47fb1f Environment-variable access.
pkgs/python/[email protected]/singlestoredb/notebook/_portal.py:163
            return os.environ.get('SINGLESTOREDB_WORKSPACE')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e25e43b570adb61d Environment-variable access.
pkgs/python/[email protected]/singlestoredb/notebook/_portal.py:267
            return os.environ.get('SINGLESTOREDB_CLUSTER')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e31a017b88f707b1 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/notebook/_portal.py:271
            os.environ.get('SINGLESTOREDB_URL', ''),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6c9c9933ed7b2d41 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/notebook/_portal.py:287
            return os.environ.get('SINGLESTOREDB_URL')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #28b3447178908772 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/notebook/_portal.py:295
            return os.environ.get('SINGLESTOREDB_URL_KAI')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9feb9b238637b454 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/pytest.py:51
    worker = os.environ.get('PYTEST_XDIST_WORKER')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #13544dac2615b562 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/pytest.py:52
    worker_count = os.environ.get('PYTEST_XDIST_WORKER_COUNT')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5845ceaec550dc3 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/pytest.py:78
    worker = os.environ.get('PYTEST_XDIST_WORKER')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3f5bfb56499b02f7 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/pytest.py:99
        self.existing_url = os.environ.get('SINGLESTOREDB_URL')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3f6d599de091ba56 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/pytest.py:111
        worker = os.environ.get('PYTEST_XDIST_WORKER', 'master')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #541cf1fe9c3cfeb7 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/pytest.py:119
        license = os.environ.get('SINGLESTORE_LICENSE', '')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #899b14bfe3e1bc38 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/pytest.py:205
            license = os.environ.get('SINGLESTORE_LICENSE', '')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #66c2b12e58522c28 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/server/docker.py:139
            license = os.environ.get('SINGLESTORE_LICENSE', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cfd1059e2bb5f6c5 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/server/docker.py:215
        self._saved_server_urls['DATABASE_URL'] = os.environ.get('DATABASE_URL')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c52331fdf043cecc Environment-variable access.
pkgs/python/[email protected]/singlestoredb/server/docker.py:216
        os.environ['DATABASE_URL'] = self.connection_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #550ea52e28d4fb22 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/server/docker.py:217
        self._saved_server_urls['SINGLESTOREDB_URL'] = os.environ.get('SINGLESTOREDB_URL')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd6b48386bacf6cf Environment-variable access.
pkgs/python/[email protected]/singlestoredb/server/docker.py:218
        os.environ['SINGLESTOREDB_URL'] = self.connection_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2a720aa3997ae174 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/server/docker.py:224
                    del os.environ[k]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b4e525beac93cd8f Environment-variable access.
pkgs/python/[email protected]/singlestoredb/server/docker.py:226
                    os.environ[k] = v

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #fb41ce82db2b84ce Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/singlestoredb/server/free_tier.py:51
        r = requests.get('https://shell.singlestore.com/api/session')

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #6353d88688406267 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/server/free_tier.py:89
        self._saved_server_urls['DATABASE_URL'] = os.environ.get('DATABASE_URL')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7da088f9be16aa05 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/server/free_tier.py:90
        os.environ['DATABASE_URL'] = self.connection_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #537a3c500c4b96c7 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/server/free_tier.py:91
        self._saved_server_urls['SINGLESTOREDB_URL'] = os.environ.get('SINGLESTOREDB_URL')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #14fbca3273fb3341 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/server/free_tier.py:92
        os.environ['SINGLESTOREDB_URL'] = self.connection_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6dcfbb79d7b457c5 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/server/free_tier.py:98
                    del os.environ[k]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9db6bd63e9c752a3 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/server/free_tier.py:100
                    os.environ[k] = v

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #e6c85ccf402d248c Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/singlestoredb/server/free_tier.py:250
                requests.get(
                    'https://shell.singlestore.com/api/terminate',
                    cookies=self._cookies,
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #d59800922247888a Environment-variable access.
pkgs/python/[email protected]/singlestoredb/utils/config.py:74
        if name in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c6101997baef2763 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/utils/config.py:75
            return os.environ[name]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a4db8d8eb315bebe Environment-variable access.
pkgs/python/[email protected]/singlestoredb/utils/config.py:77
        if name in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a49290b53a735b45 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/utils/config.py:78
            return os.environ[name]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf01a667c5ff8073 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/utils/config.py:107
        if name in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9250d7942ccf989a Environment-variable access.
pkgs/python/[email protected]/singlestoredb/utils/config.py:108
            os.environ[name] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fbd4fc0550c5bfc1 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/utils/config.py:110
        if name in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d430d07c6b7b9ca9 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/utils/config.py:111
            os.environ[name] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a907ad34b6e443b6 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/utils/config.py:119
        os.environ.pop(name, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1e293cea7178e4f5 Environment-variable access.
pkgs/python/[email protected]/singlestoredb/utils/config.py:120
        os.environ.pop(name.replace('_', ''), None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #023b33dcea0d05f7 Environment-variable access.
pkgs/python/[email protected]/sqlx/magic.py:74
            if 'DATABASE_URL' not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bef788e78a735bf5 Environment-variable access.
pkgs/python/[email protected]/sqlx/magic.py:84
                os.environ['DATABASE_URL'],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

tavily-python

python dependency
medium pii_flow dependency Excluded from app score #487e2906e297842f A credential read from the environment/filesystem is applied as authorization on the same outbound request (auth header). This is intentional authentication, not unexpected data exfiltration.
pkgs/python/[email protected]/tavily/async_tavily.py:118 · flow /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/tavily/async_tavily.py:59 → /tmp/closeopen-shk8_bje/pkgs/python/[email protected]/tavily/async_tavily.py:118
            self._client = httpx.AsyncClient(
                headers=default_headers,
                base_url=self._api_base_url,
                mounts=proxy_mounts
            )

A credential read from the environment/filesystem is applied as authorization on the same outbound request (an auth header). This is intentional authentication to the service the credential belongs to, not unexpected data exfiltration.

Fix: Confirm the destination is the credential's own service; scope the credential and avoid logging it. No action if this is the intended authenticated API call.

expand_more 19 low-confidence finding(s)
low env_fs dependency Excluded from app score #f23397720da34bae Filesystem access.
pkgs/python/[email protected]/setup.py:3
with open('README.md', 'r', encoding='utf-8') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6d3efdebcfe5cbe9 Environment-variable access.
pkgs/python/[email protected]/tavily/async_tavily.py:59
            api_key = os.getenv("TAVILY_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fd8898430f345587 Environment-variable access.
pkgs/python/[email protected]/tavily/async_tavily.py:65
        tavily_project = project_id or os.getenv("TAVILY_PROJECT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0a4bea4a472d8b30 Environment-variable access.
pkgs/python/[email protected]/tavily/async_tavily.py:66
        tavily_org = org_id or os.getenv("TAVILY_ORG_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a0c7b16744f5cb6a Environment-variable access.
pkgs/python/[email protected]/tavily/async_tavily.py:106
                "http://": proxies.get("http", os.getenv("TAVILY_HTTP_PROXY")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e2ca55417990e477 Environment-variable access.
pkgs/python/[email protected]/tavily/async_tavily.py:107
                "https://": proxies.get("https", os.getenv("TAVILY_HTTPS_PROXY")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #a040f6d7704c4996 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/tavily/async_tavily.py:825
            response = await self._client.get(f"/research/{request_id}")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #6502bc26250abcd6 Environment-variable access.
pkgs/python/[email protected]/tavily/tavily.py:59
            api_key = os.getenv("TAVILY_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e231592dfb30ebdf Environment-variable access.
pkgs/python/[email protected]/tavily/tavily.py:64
            "http": proxies.get("http") if proxies else os.getenv("TAVILY_HTTP_PROXY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d4e18770c433d721 Environment-variable access.
pkgs/python/[email protected]/tavily/tavily.py:65
            "https": proxies.get("https") if proxies else os.getenv("TAVILY_HTTPS_PROXY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b707a20c623ca2a5 Environment-variable access.
pkgs/python/[email protected]/tavily/tavily.py:69
        tavily_project = project_id or os.getenv("TAVILY_PROJECT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #693a5f7dfdfa3b06 Environment-variable access.
pkgs/python/[email protected]/tavily/tavily.py:70
        tavily_org = org_id or os.getenv("TAVILY_ORG_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #d5eedecd6dfd715c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/tavily/tavily.py:225
            response = self.session.post(url, data=payload, timeout=timeout, **({"headers": override_headers} if override_headers else {}))

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #b8c4c016d32510a4 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/tavily/tavily.py:318
            response = self.session.post(self.base_url + "/extract", data=json.dumps(data), timeout=timeout, **({"headers": override_headers} if override_headers else {}))

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #44bea31bb8493329 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/tavily/tavily.py:407
            response = self.session.post(self.base_url + "/crawl", data=json.dumps(data), timeout=timeout, **({"headers": override_headers} if override_headers else {}))

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e2b8d2f79f347d9a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/tavily/tavily.py:502
            response = self.session.post(self.base_url + "/map", data=json.dumps(data), timeout=timeout, **({"headers": override_headers} if override_headers else {}))

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #644d221447ec48e0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/tavily/tavily.py:657
                response = self.session.post(
                    self.base_url + "/research",
                    data=json.dumps(data),
                    timeout=timeout,
                    stream=True,
                    **({"headers": override_headers} if override_headers else {})
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #b35cd91d424352e1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/tavily/tavily.py:681
                response = self.session.post(
                    self.base_url + "/research",
                    data=json.dumps(data),
                    timeout=timeout,
                    **({"headers": override_headers} if override_headers else {})
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #27446880a6f54879 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/tavily/tavily.py:745
            response = self.session.get(self.base_url + f"/research/{request_id}")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

PyGithub

python dependency
expand_more 9 low-confidence finding(s)
low env_fs dependency Excluded from app score #f5d66f8594deb146 Filesystem access.
pkgs/python/[email protected]/doc/conf.py:290
with open("github_objects.rst", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #324f0bb69a51ebbd Filesystem access.
pkgs/python/[email protected]/doc/conf.py:301
    with open("github_objects/" + githubClass + ".rst", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fe8bdac8a4cc0800 Filesystem access.
pkgs/python/[email protected]/doc/conf.py:309
    with open("../github/" + githubClass + ".py") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #162a5611d56511ce Filesystem access.
pkgs/python/[email protected]/doc/conf.py:356
with open("apis.rst", "w") as apis:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6faf5d41fea6f513 Filesystem access.
pkgs/python/[email protected]/github/Requester.py:632
            f = open(local_path, "rb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #acfd2999030d9913 Filesystem access.
pkgs/python/[email protected]/scripts/add_attribute.py:95
with open(fileName) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #5dc2a22646731d6a Filesystem access.
pkgs/python/[email protected]/scripts/add_attribute.py:204
with open(fileName, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #00d553b8a5e9edcc Filesystem access.
pkgs/python/[email protected]/scripts/fix_headers.py:180
        with open(filename) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #8e923300421ebd70 Filesystem access.
pkgs/python/[email protected]/scripts/fix_headers.py:185
            with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

SQLAlchemy

python dependency
expand_more 29 low-confidence finding(s)
low egress dependency Excluded from app score #9e43fabdb61c1049 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/lib/sqlalchemy/pool/impl.py:145
            self._pool.put(record, False)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #159b7fdccf33cf86 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/fixtures/mypy.py:42
            with open(
                Path(cachedir) / "sqla_mypy_config.cfg", "w"
            ) as config_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #e9a411b8caa7cd69 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/fixtures/mypy.py:56
            with open(
                Path(cachedir) / "plain_mypy_config.cfg", "w"
            ) as config_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #6261ea4fa623b3bb Environment-variable access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/fixtures/mypy.py:106
            os.environ.pop("MYPY_FORCE_COLOR", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #e923aad784f8c40f Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/fixtures/mypy.py:146
        with open(path) as file_:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #36d1e38d763fd81d Environment-variable access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/plugin/plugin_base.py:398
    if os.environ.get("REQUIRE_SQLALCHEMY_CEXT", "0") == "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a1e5b7e9fdf3fa4b Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/plugin/plugin_base.py:455
            with open(options.write_idents, "a") as file_:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0fd782d227d3f011 Environment-variable access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/plugin/pytestplugin.py:880
        return os.environ.get("PYTEST_CURRENT_TEST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c00e6859f26d2487 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/profiling.py:200
            profile_f = open(self.fname)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2220f4810f9689fb Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/profiling.py:219
        profile_f = open(self.fname, "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5d2c6b52c49d0fb4 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/provision.py:453
    with open(idents_file) as file_:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d551192fbf0b6f1d Environment-variable access.
pkgs/python/[email protected]/lib/sqlalchemy/util/_has_cy.py:27
    if os.environ.get("DISABLE_SQLALCHEMY_CEXT_RUNTIME"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eb8876bf010b0563 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/util/tool_support.py:134
            Path(destination_path).write_text(
                text, encoding="utf-8", newline="\n"
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ff0383aab0ea1726 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/util/tool_support.py:146
            with open(tempfile) as tf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c555b8dd431ba081 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/util/tool_support.py:162
            with open(source_file, encoding="utf-8") as tf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f5fd72eea9fe9957 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/util/tool_support.py:169
        with open(destination_path, encoding="utf-8") as dp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #82515d00f013ec08 Environment-variable access.
pkgs/python/[email protected]/noxfile.py:95
    cmd.extend(os.environ.get(dburl_env, default_dburl).split())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #78972938eb25e21f Environment-variable access.
pkgs/python/[email protected]/noxfile.py:106
    env_dbdrivers = os.environ.get(extra_driver_env, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f8f6d2412283450e Environment-variable access.
pkgs/python/[email protected]/noxfile.py:269
    cmd.extend(os.environ.get("TOX_WORKERS", "-n4").split())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #70ef073fa18f1b26 Environment-variable access.
pkgs/python/[email protected]/setup.py:23
DISABLE_EXTENSION = bool(os.environ.get("DISABLE_SQLALCHEMY_CEXT"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5b96953f4b69a790 Environment-variable access.
pkgs/python/[email protected]/setup.py:24
REQUIRE_EXTENSION = bool(os.environ.get("REQUIRE_SQLALCHEMY_CEXT"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #897692b6b5131a37 Filesystem access.
pkgs/python/[email protected]/tools/format_docs_code.py:155
    original = file.read_text("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #32bd0d1a7878696c Filesystem access.
pkgs/python/[email protected]/tools/format_docs_code.py:313
                file.write_text(updated, "utf-8", newline="\n")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #a89ebfb8dc17f4a6 Filesystem access.
pkgs/python/[email protected]/tools/generate_proxy_methods.py:145
    with open(fn.__code__.co_filename) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #84902ac1d965a63c Filesystem access.
pkgs/python/[email protected]/tools/generate_proxy_methods.py:373
        open(filename) as orig_py,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d9f1692558663745 Filesystem access.
pkgs/python/[email protected]/tools/generate_sql_functions.py:38
        open(filename) as orig_py,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #46df54f406260f8b Filesystem access.
pkgs/python/[email protected]/tools/generate_tuple_map_overloads.py:53
        open(filename) as orig_py,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #5934dd339800b876 Filesystem access.
pkgs/python/[email protected]/tools/normalize_file_headers.py:27
    content = file.read_text("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f67476a49f553dea Filesystem access.
pkgs/python/[email protected]/tools/sync_test_files.py:35
    source_data = Path(source).read_text().replace(remove_str, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

aiobotocore

python dependency
expand_more 6 low-confidence finding(s)
low env_fs dependency Excluded from app score #deb35e1de8a3dbdb Environment-variable access.
pkgs/python/[email protected]/aiobotocore/configprovider.py:19
        if os.environ.get('AWS_EXECUTION_ENV'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d7531e2c51d6ffe9 Environment-variable access.
pkgs/python/[email protected]/aiobotocore/configprovider.py:20
            default_region = os.environ.get('AWS_DEFAULT_REGION')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b616ac89328657fc Environment-variable access.
pkgs/python/[email protected]/aiobotocore/configprovider.py:21
            current_region = os.environ.get('AWS_REGION', default_region)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #abc7dd9900afc1b1 Environment-variable access.
pkgs/python/[email protected]/aiobotocore/httpsession.py:215
                os.environ.get('BOTO_EXPERIMENTAL__ADD_PROXY_HOST_HEADER', '')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4dd201d67e410464 Environment-variable access.
pkgs/python/[email protected]/aiobotocore/httpxsession.py:182
                os.environ.get('BOTO_EXPERIMENTAL__ADD_PROXY_HOST_HEADER', '')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d1568d776c38a603 Environment-variable access.
pkgs/python/[email protected]/aiobotocore/utils.py:97
            env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

aiocache

python dependency
expand_more 7 low-confidence finding(s)
low egress dependency Excluded from app score #5a081a4b0938290e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/aiocache/backends/memcached.py:20
        value = await self.client.get(key)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #1068381ac561a99f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/aiocache/backends/redis.py:90
        value = await self.client.get(key)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #29fb73a29ec8c5ba Environment-variable access.
pkgs/python/[email protected]/aiocache/base.py:62
                if os.getenv("AIOCACHE_DISABLE") == "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #98d314a1e5681f86 Filesystem access.
pkgs/python/[email protected]/docs/conf.py:70
    version = re.findall(r'__version__ = "(.+?)"', _path.read_text())[0]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #19d2b00f1a315fa0 Environment-variable access.
pkgs/python/[email protected]/docs/conf.py:134
on_rtd = os.environ.get("READTHEDOCS", None) == "True"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #805a6619717d6be5 Filesystem access.
pkgs/python/[email protected]/setup.py:8
    version = re.findall(r"^__version__ = \"([^']+)\"\r?$", p.read_text(), re.M)[0]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4fd9d9df1de22dd4 Filesystem access.
pkgs/python/[email protected]/setup.py:12
readme = Path(__file__).with_name("README.rst").read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

appdirs

python dependency
expand_more 7 low-confidence finding(s)
low env_fs dependency Excluded from app score #b97a78300bfdba65 Environment-variable access.
pkgs/python/[email protected]/appdirs.py:92
        path = os.getenv('XDG_DATA_HOME', os.path.expanduser("~/.local/share"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #91cf1403c73c1eea Environment-variable access.
pkgs/python/[email protected]/appdirs.py:147
        path = os.getenv('XDG_DATA_DIRS',
                         os.pathsep.join(['/usr/local/share', '/usr/share']))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #19c5b4f2a38dfe41 Environment-variable access.
pkgs/python/[email protected]/appdirs.py:198
        path = os.getenv('XDG_CONFIG_HOME', os.path.expanduser("~/.config"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b894bd1d43efe2ea Environment-variable access.
pkgs/python/[email protected]/appdirs.py:243
        path = os.getenv('XDG_CONFIG_DIRS', '/etc/xdg')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3416151034d0c71e Environment-variable access.
pkgs/python/[email protected]/appdirs.py:306
        path = os.getenv('XDG_CACHE_HOME', os.path.expanduser('~/.cache'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3a72a2805fe4df8 Environment-variable access.
pkgs/python/[email protected]/appdirs.py:348
        path = os.getenv('XDG_STATE_HOME', os.path.expanduser("~/.local/state"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #733b83c8187663bb Filesystem access.
pkgs/python/[email protected]/setup.py:18
    inf = open(os.path.join(os.path.dirname(__file__), fname))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

boto3

python dependency
expand_more 4 low-confidence finding(s)
low env_fs tooling reachable #5284d9b08b29a4a2 Filesystem access.
pkgs/python/[email protected]/boto3/docs/__init__.py:50
        with open(service_doc_path, 'wb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #c1397ad2226a9875 Filesystem access.
pkgs/python/[email protected]/boto3/docs/service.py:200
            with open(examples_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6faba4a4e48f0b60 Filesystem access.
pkgs/python/[email protected]/setup.py:24
    init = open(os.path.join(ROOT, 'boto3', '__init__.py')).read()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0b18b12cfdb8e8a8 Filesystem access.
pkgs/python/[email protected]/setup.py:32
    long_description=open('README.rst').read(),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

browserbase

python dependency
expand_more 22 low-confidence finding(s)
low env_fs tooling reachable #29f9a2368fc161c0 Environment-variable access.
pkgs/python/[email protected]/examples/__init__.py:11
_BROWSERBASE_API_KEY = os.environ.get("BROWSERBASE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f8c2340b8b366567 Environment-variable access.
pkgs/python/[email protected]/examples/__init__.py:15
_BROWSERBASE_PROJECT_ID = os.environ.get("BROWSERBASE_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #77b09803ae6808e5 Environment-variable access.
pkgs/python/[email protected]/examples/e2e/test_playwright.py:23
CI = os.getenv("CI", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #bdff1808f7f5e51f Filesystem access.
pkgs/python/[email protected]/examples/playwright_extensions.py:42
        with open(f"{path}.zip", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #26a403eee095d0e8 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/browserbase/_base_client.py:306
        return await self._client.request(self._page_cls, self._options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #00d2ed37cda0d348 Environment-variable access.
pkgs/python/[email protected]/src/browserbase/_client.py:92
            api_key = os.environ.get("BROWSERBASE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #708f25a9a94fa124 Environment-variable access.
pkgs/python/[email protected]/src/browserbase/_client.py:100
            base_url = os.environ.get("BROWSERBASE_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9d690bb342ed63f8 Environment-variable access.
pkgs/python/[email protected]/src/browserbase/_client.py:104
        custom_headers_env = os.environ.get("BROWSERBASE_CUSTOM_HEADERS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8e05bb29d135dea6 Environment-variable access.
pkgs/python/[email protected]/src/browserbase/_client.py:317
            api_key = os.environ.get("BROWSERBASE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7d1db9045866e7a7 Environment-variable access.
pkgs/python/[email protected]/src/browserbase/_client.py:325
            base_url = os.environ.get("BROWSERBASE_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fe5b3dc900afde54 Environment-variable access.
pkgs/python/[email protected]/src/browserbase/_client.py:329
        custom_headers_env = os.environ.get("BROWSERBASE_CUSTOM_HEADERS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #91876ed9c3ebd7d0 Filesystem access.
pkgs/python/[email protected]/src/browserbase/_files.py:69
            return (path.name, path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d30299c862ea7935 Filesystem access.
pkgs/python/[email protected]/src/browserbase/_files.py:81
        return pathlib.Path(file).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a7e4e046b0c62fb6 Filesystem access.
pkgs/python/[email protected]/src/browserbase/_files.py:111
            return (path.name, await path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8ebb9aced829eb55 Filesystem access.
pkgs/python/[email protected]/src/browserbase/_files.py:123
        return await anyio.Path(file).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8c60d68b0b909b35 Environment-variable access.
pkgs/python/[email protected]/src/browserbase/_models.py:120
            extra="allow", defer_build=coerce_boolean(os.environ.get("DEFER_PYDANTIC_BUILD", "true"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8f638370b54e2400 Filesystem access.
pkgs/python/[email protected]/src/browserbase/_response.py:497
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5a7dd3c0f61257c4 Filesystem access.
pkgs/python/[email protected]/src/browserbase/_response.py:539
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9a7025fd13ceb389 Environment-variable access.
pkgs/python/[email protected]/src/browserbase/_utils/_logs.py:17
    env = os.environ.get("BROWSERBASE_LOG")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4a338f1682badaac Filesystem access.
pkgs/python/[email protected]/src/browserbase/_utils/_transform.py:248
            binary = data.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7f1b392cb482787e Filesystem access.
pkgs/python/[email protected]/src/browserbase/_utils/_transform.py:414
            binary = await anyio.Path(data).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eb86b4c496fb09c4 Filesystem access.
pkgs/python/[email protected]/src/browserbase/_utils/_utils.py:379
    contents = Path(path).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

cel-python

python dependency
expand_more 9 low-confidence finding(s)
low env_fs dependency Excluded from app score #134b440a3d94222b Environment-variable access.
pkgs/python/[email protected]/features/environment.py:42
        context.data['runner'] = RUNNERS[os.environ.get("CEL_RUNNER", "interpreted")]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fde5e4d81b34a8f4 Filesystem access.
pkgs/python/[email protected]/features/steps/cli_binding.py:62
    temp.write_text("\n".join(context.data['json']) + "\n")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6f3f4539aa1c6333 Environment-variable access.
pkgs/python/[email protected]/src/celpy/__main__.py:123
        value_text = os.environ.get(name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0c9b2b2b8787afa2 Filesystem access.
pkgs/python/[email protected]/src/celpy/__main__.py:543
    config_toml = config_paths[0].read_text() if config_paths else DEFAULT_CONFIG_TOML

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #4f61f34bf22a7148 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/celpy/c7nlib.py:534
    with closing(urllib.request.urlopen(req)) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #0d89a308407aeb4d Filesystem access.
pkgs/python/[email protected]/src/celpy/celparser.py:109
            CEL_grammar = (Path(__file__).parent / "cel.lark").read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fcd4d54ca1586330 Environment-variable access.
pkgs/python/[email protected]/src/celpy/evaluation.py:1374
    if os.environ.get("CEL_TRACE"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #ea4bd2e95618eec2 Filesystem access.
pkgs/python/[email protected]/tools/gherkinize.py:1076
        with open(path, encoding="utf_8") as file_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #47c893cc77c6b825 Filesystem access.
pkgs/python/[email protected]/tools/gherkinize.py:1093
            with open(path, "w", encoding="utf_8") as file_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

click

python dependency
expand_more 31 low-confidence finding(s)
low env_fs dependency Excluded from app score #1a3ba3ec16f65e57 Filesystem access.
pkgs/python/[email protected]/src/click/_compat.py:366
        return open(file, mode)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1258db65175f288f Filesystem access.
pkgs/python/[email protected]/src/click/_compat.py:368
    return open(file, mode, encoding=encoding, errors=errors)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a9faecbe4ae142f0 Environment-variable access.
pkgs/python/[email protected]/src/click/_termui_impl.py:418
    pager_cmd_parts = shlex.split(os.environ.get("PAGER", ""))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fce50902412fecc3 Environment-variable access.
pkgs/python/[email protected]/src/click/_termui_impl.py:424
    if os.environ.get("TERM") in ("dumb", "emacs"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #235578b972ce48a1 Environment-variable access.
pkgs/python/[email protected]/src/click/_termui_impl.py:516
    env = dict(os.environ)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #45ce2f00ef9be5a2 Environment-variable access.
pkgs/python/[email protected]/src/click/_termui_impl.py:521
        less_flags = f"{os.environ.get('LESS', '')}{' '.join(cmd_params)}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #50e0edde245c57e0 Environment-variable access.
pkgs/python/[email protected]/src/click/_termui_impl.py:673
            rv = os.environ.get(key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e0c6dfe5b4df4e86 Environment-variable access.
pkgs/python/[email protected]/src/click/_termui_impl.py:695
            environ = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8cfc2f3e3c203a10 Filesystem access.
pkgs/python/[email protected]/src/click/_termui_impl.py:761
            with open(name, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #27356a2e15d32949 Filesystem access.
pkgs/python/[email protected]/src/click/_termui_impl.py:790
        null = open("/dev/null", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b0f051fca874eac7 Filesystem access.
pkgs/python/[email protected]/src/click/_termui_impl.py:916
            f = open("/dev/tty")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #55c14aa71958a7b8 Filesystem access.
pkgs/python/[email protected]/src/click/core.py:1243
                formatter.write_text(text)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #340e499ad052e870 Filesystem access.
pkgs/python/[email protected]/src/click/core.py:1264
                formatter.write_text(epilog)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7ab43b5144e2ecd5 Environment-variable access.
pkgs/python/[email protected]/src/click/core.py:1557
        instruction = os.environ.get(complete_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0ceeffd3f7aeff1d Environment-variable access.
pkgs/python/[email protected]/src/click/core.py:2631
            rv = os.environ.get(self.envvar)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5ae8ec68af857df7 Environment-variable access.
pkgs/python/[email protected]/src/click/core.py:2637
                rv = os.environ.get(envvar)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #270853c077f6d2b0 Environment-variable access.
pkgs/python/[email protected]/src/click/core.py:3402
            rv = os.environ.get(envvar)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bf5ecb5224acb313 Environment-variable access.
pkgs/python/[email protected]/src/click/shell_completion.py:371
        cwords = split_arg_string(os.environ["COMP_WORDS"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4bc3306d00d192ab Environment-variable access.
pkgs/python/[email protected]/src/click/shell_completion.py:372
        cword = int(os.environ["COMP_CWORD"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2d41053bf049586f Environment-variable access.
pkgs/python/[email protected]/src/click/shell_completion.py:393
        cwords = split_arg_string(os.environ["COMP_WORDS"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ecdcdec69f8097aa Environment-variable access.
pkgs/python/[email protected]/src/click/shell_completion.py:394
        cword = int(os.environ["COMP_CWORD"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #80621947f297d1e4 Environment-variable access.
pkgs/python/[email protected]/src/click/shell_completion.py:429
        cwords = split_arg_string(os.environ["COMP_WORDS"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #17e66d07ca1a88de Environment-variable access.
pkgs/python/[email protected]/src/click/shell_completion.py:430
        incomplete = os.environ["COMP_CWORD"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7b08dda8a3aefc72 Environment-variable access.
pkgs/python/[email protected]/src/click/testing.py:567
                old_env[key] = os.environ.get(key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2c1bd6941bbfa617 Environment-variable access.
pkgs/python/[email protected]/src/click/testing.py:570
                        del os.environ[key]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #034bcaa757322eba Environment-variable access.
pkgs/python/[email protected]/src/click/testing.py:574
                    os.environ[key] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9c76f857bb24008e Environment-variable access.
pkgs/python/[email protected]/src/click/testing.py:580
                        del os.environ[key]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7691bd4ee98bb6ac Environment-variable access.
pkgs/python/[email protected]/src/click/testing.py:584
                    os.environ[key] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5e3e68814608cc43 Filesystem access.
pkgs/python/[email protected]/src/click/utils.py:149
                open(filename, mode).close()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b050618c2e78469f Environment-variable access.
pkgs/python/[email protected]/src/click/utils.py:506
        folder = os.environ.get(key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #395fab685da8d354 Environment-variable access.
pkgs/python/[email protected]/src/click/utils.py:517
        os.environ.get("XDG_CONFIG_HOME", os.path.expanduser("~/.config")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

contextual-client

python dependency
expand_more 18 low-confidence finding(s)
low egress dependency Excluded from app score #82339e321d89e5b9 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/contextual/_base_client.py:302
        return await self._client.request(self._page_cls, self._options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #b08acad0e1a52b5e Environment-variable access.
pkgs/python/[email protected]/src/contextual/_client.py:89
            api_key = os.environ.get("CONTEXTUAL_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b4a25cddc2ee0ecf Environment-variable access.
pkgs/python/[email protected]/src/contextual/_client.py:91
            if os.getenv('SNOWFLAKE_INTERNAL_API_SERVICE', False):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7c31a79444d0ea88 Environment-variable access.
pkgs/python/[email protected]/src/contextual/_client.py:100
            base_url = os.environ.get("CONTEXTUAL_AI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #885adeafcf243af2 Environment-variable access.
pkgs/python/[email protected]/src/contextual/_client.py:312
            api_key = os.environ.get("CONTEXTUAL_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cfdd43d3619a6337 Environment-variable access.
pkgs/python/[email protected]/src/contextual/_client.py:314
            if os.getenv('SNOWFLAKE_INTERNAL_API_SERVICE', False):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6c3b522cc3dcb8eb Environment-variable access.
pkgs/python/[email protected]/src/contextual/_client.py:323
            base_url = os.environ.get("CONTEXTUAL_AI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9d8fea63340bcd85 Filesystem access.
pkgs/python/[email protected]/src/contextual/_files.py:67
            return (path.name, path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #85ab7338d0c20574 Filesystem access.
pkgs/python/[email protected]/src/contextual/_files.py:79
        return pathlib.Path(file).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c98ca0cebd364fe6 Filesystem access.
pkgs/python/[email protected]/src/contextual/_files.py:109
            return (path.name, await path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7c1aea8de96284ee Filesystem access.
pkgs/python/[email protected]/src/contextual/_files.py:121
        return await anyio.Path(file).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #af90b1e409d95d87 Environment-variable access.
pkgs/python/[email protected]/src/contextual/_models.py:97
            extra="allow", defer_build=coerce_boolean(os.environ.get("DEFER_PYDANTIC_BUILD", "true"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e920b4319e72465c Filesystem access.
pkgs/python/[email protected]/src/contextual/_response.py:494
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #136657a51859d26d Filesystem access.
pkgs/python/[email protected]/src/contextual/_response.py:536
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #324890edd66ebeb3 Environment-variable access.
pkgs/python/[email protected]/src/contextual/_utils/_logs.py:17
    env = os.environ.get("CONTEXTUAL_AI_LOG")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ae6977b6077f1922 Filesystem access.
pkgs/python/[email protected]/src/contextual/_utils/_transform.py:248
            binary = data.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a4b147361f0dbafc Filesystem access.
pkgs/python/[email protected]/src/contextual/_utils/_transform.py:414
            binary = await anyio.Path(data).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5a6ae5768027ccce Filesystem access.
pkgs/python/[email protected]/src/contextual/_utils/_utils.py:367
    contents = Path(path).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

crewai-cli

python dependency
expand_more 77 low-confidence finding(s)
low env_fs dependency Excluded from app score #ffc7d94e1abd36fe Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/checkpoint_cli.py:85
        with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2c106e63d34007d2 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/checkpoint_cli.py:233
            with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b2200fe245849f63 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/checkpoint_cli.py:254
    with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dc1d6f4350f3215c Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/checkpoint_cli.py:265
    with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #db40cce03ad5a12e Environment-variable access.
pkgs/python/[email protected]/src/crewai_cli/cli.py:944
    crewai_tracing = os.getenv("CREWAI_TRACING_ENABLED", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bcfefa6807c6eff8 Environment-variable access.
pkgs/python/[email protected]/src/crewai_cli/cli.py:958
    crewai_testing = os.getenv("CREWAI_TESTING", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eef9f5ec15221ecf Environment-variable access.
pkgs/python/[email protected]/src/crewai_cli/cli.py:962
    crewai_user_id = os.getenv("CREWAI_USER_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #22a116afb9327909 Environment-variable access.
pkgs/python/[email protected]/src/crewai_cli/cli.py:966
    crewai_org_id = os.getenv("CREWAI_ORG_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6cbce1207fdc284f Environment-variable access.
pkgs/python/[email protected]/src/crewai_cli/cli.py:1060
    env_enabled = os.getenv("CREWAI_TRACING_ENABLED", "false")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #061b5739bd68f7f5 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/create_crew.py:32
    with open(template_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a1c46a7069e457e0 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/create_flow.py:47
    with open(project_root / ".env", "w") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5e94911ac94b2194 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/create_flow.py:70
            with open(src_file, "r", encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c9355066e2bc6730 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/create_flow.py:83
        with open(dst_file, "w") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #625032ef3d685c04 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/create_flow.py:142
        content = src_file.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1d3b0c0e5cbeeb3f Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/create_flow.py:149
        dst_file.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4d1ef2ea3abea530 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/create_flow.py:151
    (project_root / ".env").write_text("OPENAI_API_KEY=YOUR_API_KEY", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ed920293ff6c17ff Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/create_flow.py:152
    (package_root / "__init__.py").write_text("", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f89615269f9349e5 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/create_flow.py:154
        (package_root / folder / ".gitkeep").write_text("", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e3d2aed6f915155b Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/create_json_crew.py:830
    path.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5f2d89848875e6c Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/create_json_crew.py:932
    (folder_path / "pyproject.toml").write_text(
        _render_json_crew_template(
            "pyproject.toml",
            {
                "folder_name": folder_name,
                "name": name,
                "crewai_tools_dependency": get_crewai_tools_dependency(),
            },
        ),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5f1c9279e5268f27 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/create_json_crew.py:945
    (folder_path / ".gitignore").write_text(
        _render_json_crew_template(".gitignore"),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #49e7f1746ecbf422 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/create_json_crew.py:951
    (folder_path / "README.md").write_text(
        _render_json_crew_template("README.md", {"name": name}),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ea4e087e134524d0 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/create_json_crew.py:957
    (folder_path / "knowledge" / "user_preference.txt").write_text(
        _render_json_crew_template("knowledge/user_preference.txt"),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5b71cffd2cf912c1 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/create_json_crew.py:963
    (folder_path / "skills" / ".gitkeep").write_text("", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a6c3da02291cdac1 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/crew_run_tui.py:67
            content = env_file.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ceda59c04e62dca3 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/crew_run_tui.py:71
            env_file.write_text(f"{content}{sep}{key}=true\n")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #de9f6fa3bb07e5b0 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/crew_run_tui.py:73
            env_file.write_text(f"{key}=true\n")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #33947c25b0d0276b Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/deploy/validate.py:286
            referenced.update(pattern.findall(crew_path.read_text(errors="ignore")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5e04f99e8df7300 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/deploy/validate.py:296
                    pattern.findall(agent_path.read_text(errors="ignore"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0c07d6723d2a12a1 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/deploy/validate.py:305
                text = py_path.read_text(encoding="utf-8", errors="ignore")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c55cf7c60b6e5b08 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/deploy/validate.py:321
            for line in env_file.read_text(errors="ignore").splitlines():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3299100264949d74 Environment-variable access.
pkgs/python/[email protected]/src/crewai_cli/deploy/validate.py:332
            and var not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ce6d8e3940d015d2 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/deploy/validate.py:873
                text = path.read_text(encoding="utf-8", errors="ignore")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #35cd7d6be52e3d5e Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/deploy/validate.py:880
                text = path.read_text(encoding="utf-8", errors="ignore")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #18a8beb04269fb7b Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/deploy/validate.py:888
            for line in env_file.read_text(errors="ignore").splitlines():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9c5259f90709b984 Environment-variable access.
pkgs/python/[email protected]/src/crewai_cli/deploy/validate.py:899
            and var not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #75b1b549c156f3a1 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/deploy/validate.py:931
            text = lockfile.read_text(errors="ignore")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #e7e43b4d73e12a40 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_cli/enterprise/main.py:50
            response = httpx.get(oauth_endpoint, timeout=30, headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #ff0d16028c3fc642 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/git.py:166
        existing = exclude_file.read_text() if exclude_file.exists() else ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #709364576a2bf7e3 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/git.py:178
        exclude_file.write_text(
            f"{existing}{prefix}# CrewAI deploy auto-commit excludes\n{patterns}\n"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #345076187a498eb1 Environment-variable access.
pkgs/python/[email protected]/src/crewai_cli/model_catalog.py:79
        value = os.environ.get(env)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #659d848ac7bf2dcd Environment-variable access.
pkgs/python/[email protected]/src/crewai_cli/model_catalog.py:302
        os.environ.get("OLLAMA_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0a9604525c0f04dd Environment-variable access.
pkgs/python/[email protected]/src/crewai_cli/model_catalog.py:303
        or os.environ.get("API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d7d5530c3c44aaeb Environment-variable access.
pkgs/python/[email protected]/src/crewai_cli/model_catalog.py:304
        or os.environ.get("OLLAMA_HOST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #86e402939b6bb7a0 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/model_catalog.py:414
        cache_file.write_text(json.dumps(data), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1a8b257235623375 Environment-variable access.
pkgs/python/[email protected]/src/crewai_cli/model_catalog.py:550
    ssl_config = os.environ.get("SSL_CERT_FILE") or certifi.where()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #dd3c763603b3e20c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_cli/model_catalog.py:551
    response = httpx.get(
        url,
        headers=headers,
        params=params,
        timeout=_TIMEOUT,
        verify=ssl_config,
        follow_redirects=True,
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #92d94e9629ce4ada Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/model_catalog.py:585
        data: dict[str, Any] = json.loads(path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0147f889c3e80a0e Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/model_catalog.py:673
        cache_file.write_text(json.dumps(payload), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #1c7b8103dce9801d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_cli/plus_api.py:52
            return client.request(method, url, files=files, **request_kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #3d4fc3127fb478bf Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/provider.py:149
        with open(cache_file, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3cd3e354d17c88d3 Environment-variable access.
pkgs/python/[email protected]/src/crewai_cli/provider.py:165
    ssl_config = os.environ["SSL_CERT_FILE"] = certifi.where()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f180272b302f03fc Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/provider.py:171
            with open(cache_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #83e9a76b4d46f279 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_cli/remote_template/main.py:166
                response = httpx.get(url, params=params, timeout=15)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ef4e2b7f8edae5f0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_cli/remote_template/main.py:210
            response = httpx.get(url, follow_redirects=True, timeout=60)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #61d033d0856c18b5 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/remote_template/main.py:249
                    with zf.open(member) as src, open(target, "wb") as dst:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f20b28d4f6a0ffda Environment-variable access.
pkgs/python/[email protected]/src/crewai_cli/run_crew.py:321
        os.environ[CREWAI_TRAINED_AGENTS_FILE_ENV] = trained_agents_file

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b289015d8f3496a4 Environment-variable access.
pkgs/python/[email protected]/src/crewai_cli/run_declarative_flow.py:492
    return os.environ.get("UV_RUN_RECURSION_DEPTH") is not None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1a8d4d11080be30a Environment-variable access.
pkgs/python/[email protected]/src/crewai_cli/settings/main.py:45
        env_tracing = os.getenv("CREWAI_TRACING_ENABLED", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0503003c0aaf5008 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/skills/main.py:67
        skill_md.write_text(_SKILL_MD_TEMPLATE.format(name=name), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #d3eaebe3c50dfe69 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_cli/skills/main.py:133
            dl_response = httpx.get(download_url, follow_redirects=True)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #c6bdb9876ee1c325 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/skills/main.py:174
                (cache_dir / ".crewai_meta.json").write_text(
                    json.dumps(meta, indent=2), encoding="utf-8"
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #86131027b9011a99 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/skills/main.py:232
            frontmatter = self._parse_frontmatter(skill_md.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6f2a73b24d5fe446 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/skills/main.py:323
                            meta = json.loads(meta_file.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3dbe4556110724af Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/skills/main.py:414
            fm = self._parse_frontmatter(skill_md.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cba4d6f79211e35c Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/templates/flow/main.py:49
        with open(output_dir / "post.md", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #75e65d3ade2cf21d Environment-variable access.
pkgs/python/[email protected]/src/crewai_cli/tools/main.py:147
        build_env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #24f9c20ea69b593b Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/tools/main.py:180
            with open(tarball_path, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #373db5b4523adb08 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/update_crew.py:96
    with open(output_file, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #008d867071e68af0 Environment-variable access.
pkgs/python/[email protected]/src/crewai_cli/utils.py:53
    value = os.environ.get("CREWAI_DMN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cb61e5b986241b90 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/utils.py:86
    with open(dst, "w") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #76fb1889227c61db Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/utils.py:94
    content = src.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6993f8bf0df2b8ef Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/utils.py:104
        with open(env_file_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ae0393b760d1af52 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/utils.py:142
            with open(filepath, "r", encoding="utf-8", errors="ignore") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9b3e2d2c360c37fa Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/utils.py:144
            with open(filepath, "w") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ce9802f16826937e Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/utils.py:165
        with open(env_file_path, "r") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #61ee3c8c90819443 Filesystem access.
pkgs/python/[email protected]/src/crewai_cli/utils.py:176
    with open(env_file_path, "w") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

crewai-files

python dependency
expand_more 18 low-confidence finding(s)
low env_fs dependency Excluded from app score #7a89eb31a9e6093d Filesystem access.
pkgs/python/[email protected]/src/crewai_files/core/sources.py:263
            self._content = self.path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d09ca4aa628d3c8e Filesystem access.
pkgs/python/[email protected]/src/crewai_files/core/sources.py:282
        with open(self.path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #617a9d0dacc2e9d3 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_files/core/sources.py:533
            response = httpx.get(self.url, follow_redirects=True)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #6d1901411fc6bfe6 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/crewai_files/core/sources.py:546
                response = await client.get(self.url, follow_redirects=True)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #af9ee6f229c4e811 Environment-variable access.
pkgs/python/[email protected]/src/crewai_files/formatting/api.py:294
        s3_bucket = os.environ.get("CREWAI_BEDROCK_S3_BUCKET")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #89525ecb7b25959e Environment-variable access.
pkgs/python/[email protected]/src/crewai_files/formatting/api.py:333
        s3_bucket_owner = os.environ.get("CREWAI_BEDROCK_S3_BUCKET_OWNER")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #91a290b9e01381c1 Environment-variable access.
pkgs/python/[email protected]/src/crewai_files/uploaders/anthropic.py:39
        self._api_key = api_key or os.environ.get("ANTHROPIC_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4916e291d7b71128 Filesystem access.
pkgs/python/[email protected]/src/crewai_files/uploaders/bedrock.py:94
    with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b352fa997593b3b3 Environment-variable access.
pkgs/python/[email protected]/src/crewai_files/uploaders/bedrock.py:128
        self._bucket_name = bucket_name or os.environ.get("CREWAI_BEDROCK_S3_BUCKET")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c9cda2a286bb9237 Environment-variable access.
pkgs/python/[email protected]/src/crewai_files/uploaders/bedrock.py:129
        self._bucket_owner = bucket_owner or os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5f965508abe2f87c Environment-variable access.
pkgs/python/[email protected]/src/crewai_files/uploaders/bedrock.py:129
        self._bucket_owner = bucket_owner or os.environ.get(
            "CREWAI_BEDROCK_S3_BUCKET_OWNER"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #57b790135dc896dd Environment-variable access.
pkgs/python/[email protected]/src/crewai_files/uploaders/bedrock.py:133
        self._region = region or os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e69f7bd574b1f257 Environment-variable access.
pkgs/python/[email protected]/src/crewai_files/uploaders/bedrock.py:133
        self._region = region or os.environ.get(
            "AWS_REGION", os.environ.get("AWS_DEFAULT_REGION")
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #943b449cc98e75d0 Environment-variable access.
pkgs/python/[email protected]/src/crewai_files/uploaders/bedrock.py:134
            "AWS_REGION", os.environ.get("AWS_DEFAULT_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d4ab2f24cd88245d Filesystem access.
pkgs/python/[email protected]/src/crewai_files/uploaders/bedrock.py:269
                with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #35821340c02de608 Environment-variable access.
pkgs/python/[email protected]/src/crewai_files/uploaders/factory.py:192
            not os.environ.get("CREWAI_BEDROCK_S3_BUCKET")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fbd1975dc831b6f3 Environment-variable access.
pkgs/python/[email protected]/src/crewai_files/uploaders/gemini.py:108
        self._api_key = api_key or os.environ.get("GOOGLE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cec3edf9ffc94e15 Environment-variable access.
pkgs/python/[email protected]/src/crewai_files/uploaders/openai.py:136
        self._api_key = api_key or os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

cryptography

python dependency
expand_more 22 low-confidence finding(s)
low env_fs tooling reachable #002e72d98c4d1c78 Filesystem access.
pkgs/python/[email protected]/docs/conf.py:88
with open(os.path.join(base_dir, "src", "cryptography", "__about__.py")) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #09c697f6b040b649 Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/aes-192-gcm-siv/generate_aes192gcmsiv.py:52
    with open(filename) as vector_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #1e2d3e8c123f2063 Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/aes-192-gcm-siv/generate_aes192gcmsiv.py:81
    with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #5c25d9c947eeb7f1 Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/arc4/generate_arc4.py:92
    with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #2d064cb57ae3b5f4 Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/cast5/generate_cast5.py:28
    with open(filename) as vector_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d0fd2eb52e6aff74 Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/cast5/generate_cast5.py:52
    with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #02ecda5824f661d3 Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/hkdf/generate_hkdf.py:34
    with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #012808fa4c8ccc5a Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/idea/generate_idea.py:18
    with open(filename) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #a4d100cfb33aad9e Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/idea/generate_idea.py:50
    with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #851700172d8089a6 Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/idea/verify_idea.py:22
    with open(filename) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #1feae00d15fbc62a Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/rsa-oaep-sha2/generate_rsa_oaep_sha2.py:98
    with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #994f84d6710473b1 Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/seed/generate_seed.py:18
    with open(filename) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #44c155e0589c5c7a Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/seed/generate_seed.py:49
    with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d3fd95d3317fa1e4 Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/seed/verify_seed.py:20
    with open(filename) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ca80a628d4aa082f Environment-variable access.
pkgs/python/[email protected]/noxfile.py:64
        rustflags = os.environ.get("RUSTFLAGS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #da7e530701a4910b Environment-variable access.
pkgs/python/[email protected]/noxfile.py:239
    rustflags = os.environ.get("RUSTFLAGS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #35df6a651eaef143 Environment-variable access.
pkgs/python/[email protected]/noxfile.py:291
    if "CARGO_INCREMENTAL" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cc97e8f97a6aa2e1 Filesystem access.
pkgs/python/[email protected]/noxfile.py:406
        with open(f"{uuid.uuid4()}.lcov", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #548dce9f0b8ef0e5 Filesystem access.
pkgs/python/[email protected]/release.py:54
    content = p.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d9ea0af229189aca Filesystem access.
pkgs/python/[email protected]/release.py:60
    p.write_text(new_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d894feda28b8b4e3 Environment-variable access.
pkgs/python/[email protected]/src/_cffi_src/build_openssl.py:49
    out_dir = os.environ["OUT_DIR"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #42a4dfbef9ca3b2f Filesystem access.
pkgs/python/[email protected]/src/_cffi_src/utils.py:16
with open(os.path.join(base_src, "cryptography", "__about__.py")) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

docling-core

python dependency
expand_more 24 low-confidence finding(s)
low env_fs dependency Excluded from app score #fd443724522916d9 Filesystem access.
pkgs/python/[email protected]/docling_core/cli/serialize.py:125
        output.write_text(result, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2df3cd32d43b4dcf Filesystem access.
pkgs/python/[email protected]/docling_core/cli/view.py:72
    target_path.write_text(html_output, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a951dbae622f4040 Filesystem access.
pkgs/python/[email protected]/docling_core/transforms/chunker/tokenizer/huggingface.py:38
                with open(config_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #45f204c42ba04137 Filesystem access.
pkgs/python/[email protected]/docling_core/types/doc/document.py:3516
        filename.write_text(json.dumps(out, indent=indent), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2947cda5cb3de9d5 Filesystem access.
pkgs/python/[email protected]/docling_core/types/doc/document.py:3531
        return cls.model_validate_json(filename.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6877669108fad96b Filesystem access.
pkgs/python/[email protected]/docling_core/types/doc/document.py:3561
        filename.write_text(stream.getvalue(), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97a5a28856cedff4 Filesystem access.
pkgs/python/[email protected]/docling_core/types/doc/document.py:3575
        data = yaml.load(filename.read_text(encoding="utf-8"), Loader=yaml.SafeLoader)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #28d740656d5172ca Filesystem access.
pkgs/python/[email protected]/docling_core/types/doc/document.py:3651
        filename.write_text(md_out, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #84ada41b74b1e929 Filesystem access.
pkgs/python/[email protected]/docling_core/types/doc/document.py:3905
        filename.write_text(html_out, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a25983bf84644402 Filesystem access.
pkgs/python/[email protected]/docling_core/types/doc/document.py:4076
        filename.write_text(vtt_out, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #73ec62539cd54ce6 Filesystem access.
pkgs/python/[email protected]/docling_core/types/doc/document.py:4687
        filename.write_text(out, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d9ac6fabfc1291bd Filesystem access.
pkgs/python/[email protected]/docling_core/types/doc/document.py:4780
        filename.write_text(f"{out}\n", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f1870220fa1a940d Filesystem access.
pkgs/python/[email protected]/docling_core/types/doc/document.py:4817
            document_path.write_text(f"{serializer.serialize().text}\n", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5e01f34b82b873cc Filesystem access.
pkgs/python/[email protected]/docling_core/types/doc/document.py:4912
            document_xml.read_text(encoding="utf-8"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #820a9b82c039672f Filesystem access.
pkgs/python/[email protected]/docling_core/types/doc/page.py:691
        filename.write_text(json.dumps(out, indent=indent), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #69c2c913e41dcf9f Filesystem access.
pkgs/python/[email protected]/docling_core/types/doc/page.py:705
        return cls.model_validate_json(filename.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0ab723d49a07a902 Filesystem access.
pkgs/python/[email protected]/docling_core/types/doc/page.py:1391
        filename.write_text(json.dumps(out, indent=indent), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6adbc12e53dc73dc Filesystem access.
pkgs/python/[email protected]/docling_core/types/doc/page.py:1405
        return cls.model_validate_json(filename.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f935ef6487eac0cd Filesystem access.
pkgs/python/[email protected]/docling_core/types/doc/page.py:1450
        filename.write_text(json.dumps(out, indent=indent), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #512fd8fae5713105 Filesystem access.
pkgs/python/[email protected]/docling_core/types/doc/page.py:1464
        return cls.model_validate_json(filename.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e5d4eb98f52f307c Filesystem access.
pkgs/python/[email protected]/docling_core/types/doc/utils.py:200
            with zf.open(member) as src, open(target, "wb") as dst:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #2f00a7ad991ae5e9 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/docling_core/utils/file.py:194
            with session.get(
                url_str,
                stream=True,
                headers=req_headers,
                allow_redirects=True,
            ) as res:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #fb71fcc622d9f029 Filesystem access.
pkgs/python/[email protected]/docling_core/utils/file.py:242
            stream = BytesIO(local_path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3285e1293bac3fc7 Filesystem access.
pkgs/python/[email protected]/docling_core/utils/generate_docs.py:48
        output_file.write_text(json.dumps(json_schema, ensure_ascii=False, indent=2), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

e2b-code-interpreter

python dependency
expand_more 6 low-confidence finding(s)
low egress dependency Excluded from app score #8b91b0a8230cd1ec Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/e2b_code_interpreter/code_interpreter_async.py:272
            response = await self._client.post(
                f"{self._jupyter_url}/contexts",
                headers=headers,
                json=data,
                timeout=request_timeout or self.connection_config.request_timeout,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ec49f5c985d93069 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/e2b_code_interpreter/code_interpreter_async.py:339
            response = await self._client.get(
                f"{self._jupyter_url}/contexts",
                headers=headers,
                timeout=self.connection_config.request_timeout,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #de5b85b421fa8f46 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/e2b_code_interpreter/code_interpreter_async.py:376
            response = await self._client.post(
                f"{self._jupyter_url}/contexts/{context_id}/restart",
                headers=headers,
                timeout=self.connection_config.request_timeout,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #7a912a8227e99bfc Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/e2b_code_interpreter/code_interpreter_sync.py:265
            response = self._client.post(
                f"{self._jupyter_url}/contexts",
                json=data,
                headers=headers,
                timeout=request_timeout or self.connection_config.request_timeout,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #640f8678249782d6 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/e2b_code_interpreter/code_interpreter_sync.py:332
            response = self._client.get(
                f"{self._jupyter_url}/contexts",
                headers=headers,
                timeout=self.connection_config.request_timeout,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #621fbd28fa3d96ab Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/e2b_code_interpreter/code_interpreter_sync.py:370
            response = self._client.post(
                f"{self._jupyter_url}/contexts/{context_id}/restart",
                headers=headers,
                timeout=self.connection_config.request_timeout,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

exa-py

python dependency
expand_more 13 low-confidence finding(s)
low env_fs dependency Excluded from app score #3ee1187a0ba8435a Environment-variable access.
pkgs/python/[email protected]/exa_py/api.py:50
is_beta = os.getenv("IS_BETA") == "True"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #683c579d830ad29c Environment-variable access.
pkgs/python/[email protected]/exa_py/api.py:1440
            api_key = os.environ.get("EXA_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #05e987ddc30518b7 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/exa_py/api.py:1512
                res = requests.get(
                    self.base_url + endpoint,
                    headers=request_headers,
                    params=params,
                    stream=True,
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #bd45f3c8cb478d07 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/exa_py/api.py:1526
                res = requests.get(
                    self.base_url + endpoint, headers=request_headers, params=params
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #4fd86c4cc0fecf2e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/exa_py/api.py:1531
                res = requests.post(
                    self.base_url + endpoint,
                    data=json_data,
                    headers=request_headers,
                    stream=True,
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #44d9489ac3ffd2d5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/exa_py/api.py:1545
                res = requests.post(
                    self.base_url + endpoint, data=json_data, headers=request_headers
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #1322cd29643ee456 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/exa_py/api.py:2736
                res = await self.client.get(
                    self.base_url + endpoint, params=params, headers=request_headers
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ab36f872d191c442 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/exa_py/api.py:2754
                res = await self.client.post(
                    self.base_url + endpoint, json=data, headers=request_headers
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #cd6a0ef9cebc7101 Filesystem access.
pkgs/python/[email protected]/exa_py/utils.py:185
            with open(pyproject_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #05a781050866ee73 Filesystem access.
pkgs/python/[email protected]/exa_py/websets/imports/client.py:54
                with open(csv_data, 'r', encoding='utf-8') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #2f88488f4073f3df Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/exa_py/websets/imports/client.py:92
        upload_response = requests.put(
            import_response.upload_url,
            data=csv_content,
            headers={'Content-Type': 'text/csv'}
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #865479037763b521 Filesystem access.
pkgs/python/[email protected]/exa_py/websets/imports/client.py:217
                with open(csv_data, 'r', encoding='utf-8') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #86aa3e47c4862322 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/exa_py/websets/imports/client.py:257
            upload_response = await http_client.put(
                import_response.upload_url,
                data=csv_content,
                headers={'Content-Type': 'text/csv'}
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

gitpython

python dependency
expand_more 55 low-confidence finding(s)
low env_fs dependency Excluded from app score #87e51c8084ab4649 Filesystem access.
pkgs/python/[email protected]/doc/source/conf.py:50
with open(os.path.join(os.path.dirname(__file__), "..", "..", "VERSION")) as fd:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #464cad692292839e Environment-variable access.
pkgs/python/[email protected]/git/cmd.py:668
    GIT_PYTHON_TRACE = os.environ.get("GIT_PYTHON_TRACE", False)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #472f16eaebafc9a7 Environment-variable access.
pkgs/python/[email protected]/git/cmd.py:784
            new_git = os.environ.get(cls._git_exec_env_var, cls.git_exec_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e250a49899eeb37f Environment-variable access.
pkgs/python/[email protected]/git/cmd.py:833
                mode = os.environ.get(cls._refresh_env_var, "raise").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6602751e79269e9e Environment-variable access.
pkgs/python/[email protected]/git/cmd.py:1369
        env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #57ca3e0268976f83 Filesystem access.
pkgs/python/[email protected]/git/cmd.py:1391
        stdout_sink = PIPE if with_stdout else getattr(subprocess, "DEVNULL", None) or open(os.devnull, "wb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #41beb0eac858b617 Environment-variable access.
pkgs/python/[email protected]/git/config.py:259
        config_home = os.environ.get("XDG_CONFIG_HOME") or osp.join(os.environ.get("HOME", "~"), ".config")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0b982557296ae2fa Filesystem access.
pkgs/python/[email protected]/git/config.py:652
                    with open(file_path, "rb") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97eb667b476a3968 Filesystem access.
pkgs/python/[email protected]/git/config.py:770
            with open(fp, "wb") as fp_open:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e99b387a9f6926e1 Filesystem access.
pkgs/python/[email protected]/git/index/base.py:705
                return open(filepath, "rb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0aed7eb1785630c0 Filesystem access.
pkgs/python/[email protected]/git/index/base.py:1180
        with open(self._commit_editmsg_filepath(), "wb") as commit_editmsg_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d652e2a15d238183 Filesystem access.
pkgs/python/[email protected]/git/index/base.py:1187
        with open(self._commit_editmsg_filepath(), "rb") as commit_editmsg_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #909bc3330e67df79 Environment-variable access.
pkgs/python/[email protected]/git/index/fun.py:89
    env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d795fead3e849e37 Environment-variable access.
pkgs/python/[email protected]/git/objects/commit.py:681
        env = os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6668556a98f3d808 Filesystem access.
pkgs/python/[email protected]/git/objects/submodule/base.py:428
        with open(git_file, "wb") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #202eb780841684db Filesystem access.
pkgs/python/[email protected]/git/refs/log.py:267
        with open(filepath, "rb") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #696e0ad84f65d016 Filesystem access.
pkgs/python/[email protected]/git/refs/log.py:363
            fd = open(filepath, "ab")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #47522aa3764a4e77 Filesystem access.
pkgs/python/[email protected]/git/refs/symbolic.py:152
            with open(cls._get_packed_refs_path(repo), "rt", encoding="UTF-8") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b11b1131bca33bf1 Filesystem access.
pkgs/python/[email protected]/git/refs/symbolic.py:265
            with open(os.path.join(repodir, ref_path), "rt", encoding="UTF-8") as fp:  # type: ignore[arg-type]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ba1d9523cdf10a4c Filesystem access.
pkgs/python/[email protected]/git/refs/symbolic.py:668
                with open(pack_file_path, "rb") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #557ec73d988b3b15 Filesystem access.
pkgs/python/[email protected]/git/refs/symbolic.py:696
                    with open(pack_file_path, "wb") as fd:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #09f376df485a15ff Filesystem access.
pkgs/python/[email protected]/git/refs/symbolic.py:738
            with open(abs_ref_path, "rb") as fd:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d652c8fad635be7f Filesystem access.
pkgs/python/[email protected]/git/refs/symbolic.py:822
                with open(new_abs_path, "rb") as fd1:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #528fcbea317f454f Filesystem access.
pkgs/python/[email protected]/git/refs/symbolic.py:824
                with open(cur_abs_path, "rb") as fd2:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d96cbab1c87b4942 Filesystem access.
pkgs/python/[email protected]/git/remote.py:918
        with open(fetch_head.abspath, "rb") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e289b4f6a31da383 Environment-variable access.
repo/base.py:230
        epath = path or os.getenv("GIT_DIR")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b092011ee981ae0 Environment-variable access.
repo/base.py:266
                if "GIT_WORK_TREE" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1bbf824e081a4368 Environment-variable access.
repo/base.py:267
                    self._working_tree_dir = os.getenv("GIT_WORK_TREE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #82566d01f949bf98 Filesystem access.
repo/base.py:271
                    with open(osp.join(git_dir, "gitdir")) as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4dea09979f9f1aa4 Environment-variable access.
repo/base.py:294
                if os.environ.get("GIT_COMMON_DIR") is None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #04b44dfba2e38cbf Environment-variable access.
repo/base.py:298
                if "GIT_WORK_TREE" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #74b384e3d098ab17 Environment-variable access.
repo/base.py:299
                    self._working_tree_dir = os.getenv("GIT_WORK_TREE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #35191415050c7905 Filesystem access.
repo/base.py:336
            common_dir = (Path(self.git_dir) / "commondir").read_text().splitlines()[0].strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1d41521f90c86f66 Filesystem access.
repo/base.py:397
        with open(filename, "rb") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a44c28b923267e9d Filesystem access.
repo/base.py:403
        with open(filename, "wb") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #74656aa301b51d5d Environment-variable access.
repo/base.py:678
            config_home = os.environ.get("XDG_CONFIG_HOME") or osp.join(os.environ.get("HOME", "~"), ".config")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2eef23dfd3ac0192 Filesystem access.
repo/base.py:952
            with open(alternates_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #06da48017a89a5d4 Filesystem access.
repo/base.py:975
            with open(alternates_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8297ae5521b8e962 Filesystem access.
repo/base.py:1729
        with open(rebase_head_file, "rt") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #343a2407d6781dd9 Filesystem access.
repo/fun.py:55
    with open(filename, "ab"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4fceefd86ebb5685 Environment-variable access.
repo/fun.py:69
        if (osp.isdir(osp.join(d, "objects")) or "GIT_OBJECT_DIRECTORY" in os.environ) and osp.isdir(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #12cd13ed019e8231 Filesystem access.
repo/fun.py:93
        lines = Path(dotgit).read_text().splitlines()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b225b550eecba18d Filesystem access.
repo/fun.py:108
        with open(d) as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f94063845640a256 Environment-variable access.
pkgs/python/[email protected]/git/util.py:122
        value = os.environ[name]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5dbbada83e945726 Environment-variable access.
pkgs/python/[email protected]/git/util.py:201
    old_value = os.getenv(name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #acea43a3fa0ee906 Environment-variable access.
pkgs/python/[email protected]/git/util.py:202
    os.environ[name] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #196e1a0378c13825 Environment-variable access.
pkgs/python/[email protected]/git/util.py:207
            del os.environ[name]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e1906b78b671c2cc Environment-variable access.
pkgs/python/[email protected]/git/util.py:209
            os.environ[name] = old_value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #037555611cefbc32 Environment-variable access.
pkgs/python/[email protected]/git/util.py:338
    PATHEXT = os.environ.get("PATHEXT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c9d401b0b4448c72 Environment-variable access.
pkgs/python/[email protected]/git/util.py:374
        path = os.environ["PATH"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ac24ca09e53d0227 Environment-variable access.
pkgs/python/[email protected]/git/util.py:868
                val = os.environ[evar]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #22b076c4ec4ff697 Filesystem access.
pkgs/python/[email protected]/git/util.py:1054
            with open(lock_file, mode="w"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #789a93962cee1754 Filesystem access.
pkgs/python/[email protected]/setup.py:14
    return (Path(__file__).parent / path).read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #50bcffb8de2cfd40 Filesystem access.
pkgs/python/[email protected]/setup.py:49
        with open(filename) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c35fe548b899a5f4 Filesystem access.
pkgs/python/[email protected]/setup.py:59
        with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

google-genai

python dependency
expand_more 87 low-confidence finding(s)
low env_fs dependency Excluded from app score #2f818df8a0569ec1 Environment-variable access.
pkgs/python/[email protected]/google/genai/_api_client.py:110
  env_google_api_key = os.environ.get('GOOGLE_API_KEY', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5a97f882fad50569 Environment-variable access.
pkgs/python/[email protected]/google/genai/_api_client.py:111
  env_gemini_api_key = os.environ.get('GEMINI_API_KEY', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9a6101c22620709e Environment-variable access.
pkgs/python/[email protected]/google/genai/_api_client.py:616
      env_enterprise_str = os.environ.get('GOOGLE_GENAI_USE_ENTERPRISE', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #42d8f1653c7dce25 Environment-variable access.
pkgs/python/[email protected]/google/genai/_api_client.py:617
      env_vertexai_str = os.environ.get('GOOGLE_GENAI_USE_VERTEXAI', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #82c9c536ce26d495 Environment-variable access.
pkgs/python/[email protected]/google/genai/_api_client.py:677
    env_project = os.environ.get('GOOGLE_CLOUD_PROJECT', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5bc7770bc4416fa0 Environment-variable access.
pkgs/python/[email protected]/google/genai/_api_client.py:678
    env_location = os.environ.get('GOOGLE_CLOUD_LOCATION', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3944ce482104bdb1 Environment-variable access.
pkgs/python/[email protected]/google/genai/_api_client.py:1046
          cafile=os.environ.get('SSL_CERT_FILE', certifi.where()),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cbaf6773e91e91ce Environment-variable access.
pkgs/python/[email protected]/google/genai/_api_client.py:1047
          capath=os.environ.get('SSL_CERT_DIR'),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #55e6f9da41c754e4 Environment-variable access.
pkgs/python/[email protected]/google/genai/_api_client.py:1100
          cafile=os.environ.get('SSL_CERT_FILE', certifi.where()),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3fa8dc57da57668 Environment-variable access.
pkgs/python/[email protected]/google/genai/_api_client.py:1101
          capath=os.environ.get('SSL_CERT_DIR'),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eda985c7c9f9f7dd Environment-variable access.
pkgs/python/[email protected]/google/genai/_api_client.py:1158
          cafile=os.environ.get('SSL_CERT_FILE', certifi.where()),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #779fa5e475929630 Environment-variable access.
pkgs/python/[email protected]/google/genai/_api_client.py:1159
          capath=os.environ.get('SSL_CERT_DIR'),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cd32f90cc6433c93 Filesystem access.
pkgs/python/[email protected]/google/genai/_api_client.py:1764
      with open(file_path, 'rb') as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8deb5030da07a509 Environment-variable access.
pkgs/python/[email protected]/google/genai/_base_url.py:48
    return _default_base_vertex_url or os.getenv('GOOGLE_VERTEX_BASE_URL')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3c00fc1a73d82d1a Environment-variable access.
pkgs/python/[email protected]/google/genai/_base_url.py:50
    return _default_base_gemini_url or os.getenv('GOOGLE_GEMINI_BASE_URL')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d7b77cb1801e813f Filesystem access.
pkgs/python/[email protected]/google/genai/_gaos/types/base64fileinput.py:39
            with open(value, "rb") as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #13738591ebf31f12 Environment-variable access.
pkgs/python/[email protected]/google/genai/_gaos/utils/logger.py:40
    if os.getenv("GOOGLE_GENAI_DEBUG"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1fe76f4bffd441e3 Environment-variable access.
pkgs/python/[email protected]/google/genai/_gaos/utils/security.py:95
    if os.getenv("GOOGLE_GENAI_API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #28d9c9e36138c127 Environment-variable access.
pkgs/python/[email protected]/google/genai/_gaos/utils/security.py:96
        security_dict["api_key"] = os.getenv("GOOGLE_GENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dbb372e849ced547 Environment-variable access.
pkgs/python/[email protected]/google/genai/_gaos/utils/security.py:98
    if os.getenv("GOOGLE_GENAI_ACCESS_TOKEN"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f73b9e2a6bef37a6 Environment-variable access.
pkgs/python/[email protected]/google/genai/_gaos/utils/security.py:99
        security_dict["access_token"] = os.getenv("GOOGLE_GENAI_ACCESS_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5118c2dda77f92db Environment-variable access.
pkgs/python/[email protected]/google/genai/_gaos/utils/security.py:101
    if os.getenv("GOOGLE_GENAI_DEFAULT_HEADERS"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e28cab5635f75a94 Environment-variable access.
pkgs/python/[email protected]/google/genai/_gaos/utils/security.py:102
        security_dict["default_headers"] = os.getenv("GOOGLE_GENAI_DEFAULT_HEADERS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a08c36dbb1201d47 Environment-variable access.
pkgs/python/[email protected]/google/genai/_gaos/utils/values.py:79
    env_value = os.getenv(env_key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #a4c37b309742b34d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/_local_tokenizer_loader.py:82
  resp = requests.get(file_url_path)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #290bb0f8436091a2 Filesystem access.
pkgs/python/[email protected]/google/genai/_local_tokenizer_loader.py:111
  with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5555b74a7493f281 Filesystem access.
pkgs/python/[email protected]/google/genai/_local_tokenizer_loader.py:128
    with open(tmp_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #901e5b432504cce8 Environment-variable access.
pkgs/python/[email protected]/google/genai/_replay_api_client.py:223
      os.environ.get('PYTEST_CURRENT_TEST'),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #543c86a19013a26a Environment-variable access.
pkgs/python/[email protected]/google/genai/_replay_api_client.py:315
      self.replays_directory = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0cf9b76d6f73e656 Environment-variable access.
pkgs/python/[email protected]/google/genai/_replay_api_client.py:315
      self.replays_directory = os.environ.get(
          'GOOGLE_GENAI_REPLAYS_DIRECTORY', None
      )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e2411cacde5fe133 Filesystem access.
pkgs/python/[email protected]/google/genai/_replay_api_client.py:359
      with open(replay_file_path, 'r') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #10efec3a42ae8af3 Filesystem access.
pkgs/python/[email protected]/google/genai/_replay_api_client.py:386
    with open(replay_file_path, 'w') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #527dad3ec15d3be4 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/batches.py:1827
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #2b2bbe28897a8c3d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/batches.py:1906
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #a0a85344de89a951 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/batches.py:2001
    response = self._api_client.request('get', path, request_dict, http_options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #111649c965609241 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/batches.py:2097
    self._api_client.request('post', path, request_dict, http_options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #8f162283d153ccfc Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/batches.py:2138
    response = self._api_client.request('get', path, request_dict, http_options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #6fda82f278eb8079 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/batches.py:2236
    response = self._api_client.request(
        'delete', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #0a166998a3b93b3e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/caches.py:1227
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ae48b78bb1da6aa4 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/caches.py:1309
    response = self._api_client.request('get', path, request_dict, http_options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #af0dc5af43293866 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/caches.py:1391
    response = self._api_client.request(
        'delete', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c4b8f2bf13f77cb2 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/caches.py:1486
    response = self._api_client.request(
        'patch', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #03028524c4b99c28 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/caches.py:1553
    response = self._api_client.request('get', path, request_dict, http_options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #2b89df8a89d4b1b6 Environment-variable access.
pkgs/python/[email protected]/google/genai/client.py:215
      default_factory=lambda: os.getenv('GOOGLE_GENAI_CLIENT_MODE', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8cd309485394810a Environment-variable access.
pkgs/python/[email protected]/google/genai/client.py:219
      default_factory=lambda: os.getenv('GOOGLE_GENAI_REPLAYS_DIRECTORY', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5a50db95870b109f Environment-variable access.
pkgs/python/[email protected]/google/genai/client.py:223
      default_factory=lambda: os.getenv('GOOGLE_GENAI_REPLAY_ID', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #696df4e1bd6d5dd9 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/documents.py:180
    response = self._api_client.request('get', path, request_dict, http_options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #2995d56eeaed6967 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/documents.py:258
    self._api_client.request('delete', path, request_dict, http_options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #bdde4b87e514b684 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/documents.py:301
    response = self._api_client.request('get', path, request_dict, http_options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #f27af6777ac05707 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/file_search_stores.py:380
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #7d575cbee086c88b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/file_search_stores.py:461
    response = self._api_client.request('get', path, request_dict, http_options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #150b85a1936ac0ec Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/file_search_stores.py:540
    self._api_client.request('delete', path, request_dict, http_options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e4b738dfaca51be9 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/file_search_stores.py:579
    response = self._api_client.request('get', path, request_dict, http_options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #f165fc7b4396cc62 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/file_search_stores.py:654
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #b3b0af5648760b00 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/file_search_stores.py:758
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #80a905f92e1aebcb Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/files.py:221
    response = self._api_client.request('get', path, request_dict, http_options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ce63f62fdc7c1ed1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/files.py:293
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #5dbb13580d44f870 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/files.py:386
    response = self._api_client.request('get', path, request_dict, http_options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #479752c7961b2e73 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/files.py:466
    response = self._api_client.request(
        'delete', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #51d8bb913b222201 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/files.py:540
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #3ac1893f22a351a4 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/models.py:4986
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #b6b21cc10f94d5f7 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/models.py:5215
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #451b5dfc02ddc701 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/models.py:5306
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #0fd0cf9cae369b64 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/models.py:5395
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e3ef9357939ae8c4 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/models.py:5479
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #9269b8191aaebf8e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/models.py:5591
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #bdef3076be2d7f8a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/models.py:5694
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #f14a4f173aaa9b18 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/models.py:5771
    response = self._api_client.request('get', path, request_dict, http_options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c95eabe591c6acdd Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/models.py:5851
    response = self._api_client.request('get', path, request_dict, http_options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #9431815d0144db03 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/models.py:5936
    response = self._api_client.request(
        'patch', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ae8fbe730e6974f7 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/models.py:6017
    response = self._api_client.request(
        'delete', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #2e5aeea11cd8a18b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/models.py:6127
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #4a22d6790fd282e1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/models.py:6235
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #de659f9434cbe8f3 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/models.py:6327
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #3c070ee13739da6e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/operations.py:138
    response = self._api_client.request('get', path, request_dict, http_options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #883becef477b5b74 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/operations.py:189
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #b7f5c170f2ef291e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/operations.py:238
    response = self._api_client.request('get', path, request_dict, http_options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #29d56a10eeea0ed3 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/tokens.py:257
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #0401e3a7a6257ad7 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/tunings.py:2490
    response = self._api_client.request('get', path, request_dict, http_options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #cd8fb05d03de2460 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/tunings.py:2567
    response = self._api_client.request('get', path, request_dict, http_options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #396a326882ae27db Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/tunings.py:2653
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #f3d8560e31efbbfd Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/tunings.py:2751
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e26d2f8bdde5f586 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/tunings.py:2844
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c48a7ba50dc97121 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/google/genai/tunings.py:2961
    response = self._api_client.request(
        'post', path, request_dict, http_options
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #100172eb65114219 Filesystem access.
pkgs/python/[email protected]/google/genai/types.py:9089
    image_bytes = pathlib.Path(location).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d5df57089e7628e2 Filesystem access.
pkgs/python/[email protected]/google/genai/types.py:11474
    video_bytes = pathlib.Path(location).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #06a0507edcd2c271 Filesystem access.
pkgs/python/[email protected]/google/genai/types.py:22544
    with open(file_path, 'w', encoding='utf-8') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

httpx

python dependency
expand_more 4 low-confidence finding(s)
low env_fs dependency Excluded from app score #017b078f76ee1fa3 Environment-variable access.
pkgs/python/[email protected]/httpx/_config.py:34
        if trust_env and os.environ.get("SSL_CERT_FILE"):  # pragma: nocover

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #01b04c1207d21a28 Environment-variable access.
pkgs/python/[email protected]/httpx/_config.py:35
            ctx = ssl.create_default_context(cafile=os.environ["SSL_CERT_FILE"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ddf00f270a61044c Environment-variable access.
pkgs/python/[email protected]/httpx/_config.py:36
        elif trust_env and os.environ.get("SSL_CERT_DIR"):  # pragma: nocover

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8d729422d3070886 Environment-variable access.
pkgs/python/[email protected]/httpx/_config.py:37
            ctx = ssl.create_default_context(capath=os.environ["SSL_CERT_DIR"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

httpx-auth

python dependency
expand_more 6 low-confidence finding(s)
low egress dependency Excluded from app score #031f38e3e59ec5df Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/httpx_auth/_oauth2/authentication_responses_server.py:198
            httpx.get(url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #a81342598af60bd8 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/httpx_auth/_oauth2/authentication_responses_server.py:201
        httpx.get(url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #68daa5094dd3d473 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/httpx_auth/_oauth2/common.py:74
    response = client.post(url, data=data)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e5a4a4d44b0cffc5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/httpx_auth/testing.py:219
        favicon_response = urllib.request.urlopen(f"{scheme}://{netloc}/favicon.ico")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #14c37656e25550c9 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/httpx_auth/testing.py:223
        content = urllib.request.urlopen(self.reply_url, data=self.data).read()

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #85082df2512d0a1a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/httpx_auth/testing.py:239
        return urllib.request.urlopen(reply_url, data=self.data).read()

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

hyperbrowser

python dependency
expand_more 164 low-confidence finding(s)
low env_fs dependency Excluded from app score #70248320fe662c92 Environment-variable access.
pkgs/python/[email protected]/hyperbrowser/client/base.py:25
                    else os.environ.get("HYPERBROWSER_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8d01337fab619689 Environment-variable access.
pkgs/python/[email protected]/hyperbrowser/client/base.py:30
                    else os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #649e423dd6fac395 Environment-variable access.
pkgs/python/[email protected]/hyperbrowser/client/base.py:30
                    else os.environ.get(
                        "HYPERBROWSER_BASE_URL", "https://api.hyperbrowser.ai"
                    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #12b7e0e21536fe84 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/agents/browser_use.py:30
        response = await self._client.transport.post(
            self._client._build_url("/task/browser-use"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #220f229a37261c00 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/agents/browser_use.py:37
        response = await self._client.transport.get(
            self._client._build_url(f"/task/browser-use/{job_id}")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #44c5a4367dc1201c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/agents/browser_use.py:43
        response = await self._client.transport.get(
            self._client._build_url(f"/task/browser-use/{job_id}/status")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e43e640a26f39f9f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/agents/browser_use.py:49
        response = await self._client.transport.put(
            self._client._build_url(f"/task/browser-use/{job_id}/stop")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #af743d49cf2f0514 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/agents/claude_computer_use.py:22
        response = await self._client.transport.post(
            self._client._build_url("/task/claude-computer-use"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #6dbef962e10142dc Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/agents/claude_computer_use.py:29
        response = await self._client.transport.get(
            self._client._build_url(f"/task/claude-computer-use/{job_id}")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #4802daf54971dd8b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/agents/claude_computer_use.py:35
        response = await self._client.transport.get(
            self._client._build_url(f"/task/claude-computer-use/{job_id}/status")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #a79f4d8203cae3f4 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/agents/claude_computer_use.py:41
        response = await self._client.transport.put(
            self._client._build_url(f"/task/claude-computer-use/{job_id}/stop")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #41ae5c5c7375d888 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/agents/cua.py:20
        response = await self._client.transport.post(
            self._client._build_url("/task/cua"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #aee9e7c83c3c8e5b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/agents/cua.py:27
        response = await self._client.transport.get(
            self._client._build_url(f"/task/cua/{job_id}")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #470dc107a4d8aa3b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/agents/cua.py:33
        response = await self._client.transport.get(
            self._client._build_url(f"/task/cua/{job_id}/status")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #d4b074eb1d2b7bc5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/agents/cua.py:39
        response = await self._client.transport.put(
            self._client._build_url(f"/task/cua/{job_id}/stop")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #4d18f70835ce844d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/agents/gemini_computer_use.py:22
        response = await self._client.transport.post(
            self._client._build_url("/task/gemini-computer-use"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #fff51ea1b1ae80e3 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/agents/gemini_computer_use.py:29
        response = await self._client.transport.get(
            self._client._build_url(f"/task/gemini-computer-use/{job_id}")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #4f70bc07d0fd2d91 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/agents/gemini_computer_use.py:35
        response = await self._client.transport.get(
            self._client._build_url(f"/task/gemini-computer-use/{job_id}/status")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c5c43a1ac6032897 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/agents/gemini_computer_use.py:41
        response = await self._client.transport.put(
            self._client._build_url(f"/task/gemini-computer-use/{job_id}/stop")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #040bde2b49a31090 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/agents/hyper_agent.py:22
        response = await self._client.transport.post(
            self._client._build_url("/task/hyper-agent"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #be9ee32354a15b6d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/agents/hyper_agent.py:29
        response = await self._client.transport.get(
            self._client._build_url(f"/task/hyper-agent/{job_id}")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #5925541dae522000 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/agents/hyper_agent.py:35
        response = await self._client.transport.get(
            self._client._build_url(f"/task/hyper-agent/{job_id}/status")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #87acb52ad3d9e4de Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/agents/hyper_agent.py:41
        response = await self._client.transport.put(
            self._client._build_url(f"/task/hyper-agent/{job_id}/stop")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #3afc71ef291e7b13 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/computer_action.py:43
        response = await self._client.transport.post(
            session.computer_action_endpoint,
            data=payload,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #373300c949e9a00b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/crawl.py:20
        response = await self._client.transport.post(
            self._client._build_url("/crawl"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #22eaab9450a7b1a4 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/crawl.py:27
        response = await self._client.transport.get(
            self._client._build_url(f"/crawl/{job_id}/status")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #a3a00896b6b2c307 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/crawl.py:35
        response = await self._client.transport.get(
            self._client._build_url(f"/crawl/{job_id}"),
            params=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e2f32f6dc9f75ef9 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/extension.py:20
        response = await self._client.transport.post(
            self._client._build_url("/extensions/add"),
            data=(
                {}
                if params is None
                else params.model_dump(exclude_none=True, by_alias=True)
            ),
            files={"file": open(file_path, "rb")},
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #324264edbc3030b2 Filesystem access.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/extension.py:27
            files={"file": open(file_path, "rb")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #53d8ac807d537d73 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/extension.py:32
        response = await self._client.transport.get(
            self._client._build_url("/extensions/list"),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #479e8d232f0e4571 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/extract.py:26
        response = await self._client.transport.post(
            self._client._build_url("/extract"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #cbaaf6349eb40fa6 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/extract.py:33
        response = await self._client.transport.get(
            self._client._build_url(f"/extract/{job_id}/status")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e1e57b44720d22a9 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/extract.py:39
        response = await self._client.transport.get(
            self._client._build_url(f"/extract/{job_id}")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #9af42c612947038e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/profile.py:17
        response = await self._client.transport.post(
            self._client._build_url("/profile"),
            data=(
                {}
                if params is None
                else params.model_dump(exclude_none=True, by_alias=True)
            ),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c925706a84c5b32e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/profile.py:30
        response = await self._client.transport.post(
            self._client._build_url(f"/profile/{id}/fork"),
            data=(
                {}
                if params is None
                else params.model_dump(exclude_none=True, by_alias=True)
            ),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #701b1100e6db079f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/profile.py:41
        response = await self._client.transport.get(
            self._client._build_url(f"/profile/{id}"),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #0c04fd68dcec22df Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/profile.py:55
        response = await self._client.transport.get(
            self._client._build_url("/profiles"),
            params=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #18013076dbde4ecb Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/sandbox.py:688
            response = await self._client.transport.client.request(
                method,
                self._client._build_url(path),
                params={k: v for k, v in (params or {}).items() if v is not None},
                json=data,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #8e07edd1f31c1f42 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/sandboxes/sandbox_transport.py:265
            response = await client.request(
                method,
                target.url,
                headers=merged_headers,
                json=json_body,
                content=content,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ea83295ddeed000c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/scrape.py:27
        response = await self._client.transport.post(
            self._client._build_url("/scrape/batch"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #0f6ad22477518bc5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/scrape.py:34
        response = await self._client.transport.get(
            self._client._build_url(f"/scrape/batch/{job_id}/status")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #14c036a2ecff28f1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/scrape.py:42
        response = await self._client.transport.get(
            self._client._build_url(f"/scrape/batch/{job_id}"),
            params=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #8c55d35f2a340159 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/scrape.py:134
        response = await self._client.transport.post(
            self._client._build_url("/scrape"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #95749e00678310b8 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/scrape.py:141
        response = await self._client.transport.get(
            self._client._build_url(f"/scrape/{job_id}/status")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #7b7d4ceaab6b12cb Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/scrape.py:147
        response = await self._client.transport.get(
            self._client._build_url(f"/scrape/{job_id}")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #5e38d2d81b0d785d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/session.py:40
        response = await self._client.transport.get(
            self._client._build_url(f"/session/{session_id}/event-logs"),
            params=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #48985b26745e53d8 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/session.py:55
        response = await self._client.transport.post(
            self._client._build_url("/session"),
            data=(
                {}
                if params is None
                else params.model_dump(exclude_none=True, by_alias=True)
            ),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e9e3f6cfaa1af4a1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/session.py:68
        response = await self._client.transport.get(
            self._client._build_url(f"/session/{id}"),
            params=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c826321f2133201f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/session.py:75
        response = await self._client.transport.put(
            self._client._build_url(f"/session/{id}/stop")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #25af3c2876822cae Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/session.py:81
        response = await self._client.transport.post(
            self._client._build_url(f"/session/{id}/snapshot"),
            data={},
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #40d55aca7c1d2065 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/session.py:93
        response = await self._client.transport.post(
            self._client._build_url(f"/session/{id}/captcha/evaluate"),
            data=params_obj.model_dump(exclude_none=True, by_alias=True),
            timeout=max(
                self._client.timeout, CAPTCHA_EVALUATION_REQUEST_TIMEOUT_SECONDS
            ),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #3d79446eefe00644 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/session.py:105
        response = await self._client.transport.get(
            self._client._build_url("/sessions"),
            params=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #47e72f9353f8bca1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/session.py:112
        response = await self._client.transport.get(
            self._client._build_url(f"/session/{id}/recording"), None, True
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #060faba268617f01 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/session.py:118
        response = await self._client.transport.get(
            self._client._build_url(f"/session/{id}/recording-url")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #2f4828c3094806cc Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/session.py:126
        response = await self._client.transport.get(
            self._client._build_url(f"/session/{id}/video-recording-url")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #24fae9e4df727e28 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/session.py:132
        response = await self._client.transport.get(
            self._client._build_url(f"/session/{id}/downloads-url")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #ca7136c9d5f8cb6a Filesystem access.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/session.py:142
            with open(file_input, "rb") as file_obj:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #e0c1fb464ee3ff6b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/session.py:144
                response = await self._client.transport.post(
                    self._client._build_url(f"/session/{id}/uploads"),
                    files=files,
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #fb9e4d562b7b369f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/session.py:150
            response = await self._client.transport.post(
                self._client._build_url(f"/session/{id}/uploads"),
                files=files,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #b5e59374cbd2d4ea Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/session.py:158
        response = await self._client.transport.put(
            self._client._build_url(f"/session/{id}/extend-session"),
            data={"durationMinutes": duration_minutes},
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #958150c99e004153 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/session.py:208
        response = await self._client.transport.put(
            self._client._build_url(f"/session/{id}/update"),
            data={
                "type": "profile",
                "params": params_obj.model_dump(exclude_none=True, by_alias=True),
            },
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c5e484afe9b02afc Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/session.py:222
        response = await self._client.transport.put(
            self._client._build_url(f"/session/{id}/update"),
            data={
                "type": "proxy",
                "params": params.model_dump(exclude_none=True, by_alias=True),
            },
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #661555ec92b9c19c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/session.py:236
        response = await self._client.transport.put(
            self._client._build_url(f"/session/{id}/update"),
            data={
                "type": "screen",
                "params": params.model_dump(exclude_none=True, by_alias=True),
            },
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #499f84c61eea1e79 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/session.py:251
        response = await self._client.transport.put(
            self._client._build_url(f"/session/{id}/update"),
            data={
                "type": "solveCaptchas",
                "params": {
                    "enabled": True,
                    **params_obj.model_dump(exclude_none=True, by_alias=True),
                },
            },
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #9ffd694f59d92cea Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/session.py:264
        response = await self._client.transport.put(
            self._client._build_url(f"/session/{id}/update"),
            data={
                "type": "solveCaptchas",
                "params": {
                    "enabled": False,
                },
            },
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #9b770c344dd76dad Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/team.py:9
        response = await self._client.transport.get(
            self._client._build_url("/team/credit-info")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #5a6d6226af86f06b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/volume.py:12
        response = await self._client.transport.post(
            self._client._build_url("/volume"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #872ac904a0052988 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/volume.py:19
        response = await self._client.transport.get(self._client._build_url("/volume"))

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #aa66b234d626c26a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/volume.py:23
        response = await self._client.transport.get(
            self._client._build_url(f"/volume/{volume_id}")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e540befc4d69f180 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/web/__init__.py:30
        response = await self._client.transport.post(
            self._client._build_url("/web/fetch"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #046771ce7ddfdfc3 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/web/__init__.py:37
        response = await self._client.transport.post(
            self._client._build_url("/web/search"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #535730d7af6431ae Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/web/batch_fetch.py:33
        response = await self._client.transport.post(
            self._client._build_url("/web/batch-fetch"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #272fca146cc2a0db Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/web/batch_fetch.py:40
        response = await self._client.transport.get(
            self._client._build_url(f"/web/batch-fetch/{job_id}/status")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #9ac4fe5a83fa5d1d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/web/batch_fetch.py:48
        response = await self._client.transport.get(
            self._client._build_url(f"/web/batch-fetch/{job_id}"),
            params=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #d0956f165e9e5093 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/web/crawl.py:31
        response = await self._client.transport.post(
            self._client._build_url("/web/crawl"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #7dda4c9660b6b29f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/web/crawl.py:38
        response = await self._client.transport.get(
            self._client._build_url(f"/web/crawl/{job_id}/status")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #6797358dc8b4733e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/async_manager/web/crawl.py:46
        response = await self._client.transport.get(
            self._client._build_url(f"/web/crawl/{job_id}"),
            params=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #e2272c6196e32da2 Filesystem access.
pkgs/python/[email protected]/hyperbrowser/client/managers/sandboxes/image_build.py:150
    with open(artifact_path, "rb") as artifact:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #fde1d8d68d58b357 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sandboxes/image_build.py:151
        response = httpx.request(
            method,
            upload.url,
            content=artifact,
            headers=headers,
            timeout=timeout,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #3f32c0900126c61b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/agents/browser_use.py:28
        response = self._client.transport.post(
            self._client._build_url("/task/browser-use"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #684dc26d36b2034e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/agents/browser_use.py:35
        response = self._client.transport.get(
            self._client._build_url(f"/task/browser-use/{job_id}")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #aa23b44fef64e45a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/agents/browser_use.py:41
        response = self._client.transport.get(
            self._client._build_url(f"/task/browser-use/{job_id}/status")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #d303666217058a54 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/agents/browser_use.py:47
        response = self._client.transport.put(
            self._client._build_url(f"/task/browser-use/{job_id}/stop")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #28dd4591ffedab5f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/agents/claude_computer_use.py:22
        response = self._client.transport.post(
            self._client._build_url("/task/claude-computer-use"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #b2d76dd0ea0ad39d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/agents/claude_computer_use.py:29
        response = self._client.transport.get(
            self._client._build_url(f"/task/claude-computer-use/{job_id}")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #200a69ebca41a585 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/agents/claude_computer_use.py:35
        response = self._client.transport.get(
            self._client._build_url(f"/task/claude-computer-use/{job_id}/status")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #559517f696a2c36e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/agents/claude_computer_use.py:41
        response = self._client.transport.put(
            self._client._build_url(f"/task/claude-computer-use/{job_id}/stop")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #191798d72f110c30 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/agents/cua.py:20
        response = self._client.transport.post(
            self._client._build_url("/task/cua"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #15a37d77748c6a89 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/agents/cua.py:27
        response = self._client.transport.get(
            self._client._build_url(f"/task/cua/{job_id}")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #5b08cec4d463f4a7 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/agents/cua.py:33
        response = self._client.transport.get(
            self._client._build_url(f"/task/cua/{job_id}/status")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #5dcdbca1d14ad85d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/agents/cua.py:39
        response = self._client.transport.put(
            self._client._build_url(f"/task/cua/{job_id}/stop")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #106a7f3eac0faba9 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/agents/gemini_computer_use.py:22
        response = self._client.transport.post(
            self._client._build_url("/task/gemini-computer-use"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c2a04af2602c3c7d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/agents/gemini_computer_use.py:29
        response = self._client.transport.get(
            self._client._build_url(f"/task/gemini-computer-use/{job_id}")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #885a14b03ee78468 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/agents/gemini_computer_use.py:35
        response = self._client.transport.get(
            self._client._build_url(f"/task/gemini-computer-use/{job_id}/status")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #284564d9a827fc87 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/agents/gemini_computer_use.py:41
        response = self._client.transport.put(
            self._client._build_url(f"/task/gemini-computer-use/{job_id}/stop")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #99963bb387a952d3 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/agents/hyper_agent.py:20
        response = self._client.transport.post(
            self._client._build_url("/task/hyper-agent"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ba23150a6736b139 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/agents/hyper_agent.py:27
        response = self._client.transport.get(
            self._client._build_url(f"/task/hyper-agent/{job_id}")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #0e8689cca07cc6bf Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/agents/hyper_agent.py:33
        response = self._client.transport.get(
            self._client._build_url(f"/task/hyper-agent/{job_id}/status")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #2e7e2570a68372a0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/agents/hyper_agent.py:39
        response = self._client.transport.put(
            self._client._build_url(f"/task/hyper-agent/{job_id}/stop")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #47be77405feeaa96 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/computer_action.py:43
        response = self._client.transport.post(
            session.computer_action_endpoint,
            data=payload,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #0d44ba59697d1164 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/crawl.py:21
        response = self._client.transport.post(
            self._client._build_url("/crawl"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e298e542be7291f5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/crawl.py:28
        response = self._client.transport.get(
            self._client._build_url(f"/crawl/{job_id}/status")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #5c6d2b5643b45ee7 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/crawl.py:36
        response = self._client.transport.get(
            self._client._build_url(f"/crawl/{job_id}"),
            params=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #545706348d831aee Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/extension.py:20
        response = self._client.transport.post(
            self._client._build_url("/extensions/add"),
            data=(
                {}
                if params is None
                else params.model_dump(exclude_none=True, by_alias=True)
            ),
            files={"file": open(file_path, "rb")},
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #5c376bb2608bc50d Filesystem access.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/extension.py:27
            files={"file": open(file_path, "rb")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #73c813082b9abe9d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/extension.py:32
        response = self._client.transport.get(
            self._client._build_url("/extensions/list"),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #4c8cfed4920bfcac Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/extract.py:26
        response = self._client.transport.post(
            self._client._build_url("/extract"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #35506cdc399460d0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/extract.py:33
        response = self._client.transport.get(
            self._client._build_url(f"/extract/{job_id}/status")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #243ea1ad73314d7a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/extract.py:39
        response = self._client.transport.get(
            self._client._build_url(f"/extract/{job_id}")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c45e87b01b4ef81f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/profile.py:17
        response = self._client.transport.post(
            self._client._build_url("/profile"),
            data=(
                {}
                if params is None
                else params.model_dump(exclude_none=True, by_alias=True)
            ),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #1de685a00e26895b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/profile.py:28
        response = self._client.transport.post(
            self._client._build_url(f"/profile/{id}/fork"),
            data=(
                {}
                if params is None
                else params.model_dump(exclude_none=True, by_alias=True)
            ),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #fa066be2b774ff0b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/profile.py:39
        response = self._client.transport.get(
            self._client._build_url(f"/profile/{id}"),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #2ad353a833bdd0bb Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/profile.py:53
        response = self._client.transport.get(
            self._client._build_url("/profiles"),
            params=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #5bead5aa80ddb546 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/sandbox.py:677
            response = self._client.transport.client.request(
                method,
                self._client._build_url(path),
                params={k: v for k, v in (params or {}).items() if v is not None},
                json=data,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #63d9c3c35c9d5812 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/sandboxes/sandbox_transport.py:263
            response = client.request(
                method,
                target.url,
                headers=merged_headers,
                json=json_body,
                content=content,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c5100fbe403e65df Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/scrape.py:25
        response = self._client.transport.post(
            self._client._build_url("/scrape/batch"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #d7908f1992c639be Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/scrape.py:32
        response = self._client.transport.get(
            self._client._build_url(f"/scrape/batch/{job_id}/status")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #22d88d169753a4d2 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/scrape.py:40
        response = self._client.transport.get(
            self._client._build_url(f"/scrape/batch/{job_id}"),
            params=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #5ef1c4ae0fcc3a26 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/scrape.py:132
        response = self._client.transport.post(
            self._client._build_url("/scrape"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ea1c5a63ca5cd500 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/scrape.py:139
        response = self._client.transport.get(
            self._client._build_url(f"/scrape/{job_id}/status")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #4193b110f777570e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/scrape.py:145
        response = self._client.transport.get(
            self._client._build_url(f"/scrape/{job_id}")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #31d362b19684ab66 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/session.py:39
        response = self._client.transport.get(
            self._client._build_url(f"/session/{session_id}/event-logs"),
            params=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #84df747797a8d48f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/session.py:54
        response = self._client.transport.post(
            self._client._build_url("/session"),
            data=(
                {}
                if params is None
                else params.model_dump(exclude_none=True, by_alias=True)
            ),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #18c248e718377891 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/session.py:67
        response = self._client.transport.get(
            self._client._build_url(f"/session/{id}"),
            params=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #800abb98a1e48d85 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/session.py:74
        response = self._client.transport.put(
            self._client._build_url(f"/session/{id}/stop")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e2dfe3f634dec00e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/session.py:80
        response = self._client.transport.post(
            self._client._build_url(f"/session/{id}/snapshot"),
            data={},
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #72328c3ecbd7a7b7 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/session.py:92
        response = self._client.transport.post(
            self._client._build_url(f"/session/{id}/captcha/evaluate"),
            data=params_obj.model_dump(exclude_none=True, by_alias=True),
            timeout=max(
                self._client.timeout, CAPTCHA_EVALUATION_REQUEST_TIMEOUT_SECONDS
            ),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #4c09d7a76ea4e0f2 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/session.py:104
        response = self._client.transport.get(
            self._client._build_url("/sessions"),
            params=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #9ef949eb2ca54be0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/session.py:111
        response = self._client.transport.get(
            self._client._build_url(f"/session/{id}/recording"), None, True
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #a582167d8ec016ff Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/session.py:117
        response = self._client.transport.get(
            self._client._build_url(f"/session/{id}/recording-url")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #2a1eb218a15b7fa5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/session.py:123
        response = self._client.transport.get(
            self._client._build_url(f"/session/{id}/video-recording-url")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #9281bf27d1f7dec2 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/session.py:129
        response = self._client.transport.get(
            self._client._build_url(f"/session/{id}/downloads-url")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #b357010e1e48aebc Filesystem access.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/session.py:137
            with open(file_input, "rb") as file_obj:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #cad77cc7ef45ad3c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/session.py:139
                response = self._client.transport.post(
                    self._client._build_url(f"/session/{id}/uploads"),
                    files=files,
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #85e78f68b75ce69c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/session.py:145
            response = self._client.transport.post(
                self._client._build_url(f"/session/{id}/uploads"),
                files=files,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #5d80201ba8811289 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/session.py:153
        response = self._client.transport.put(
            self._client._build_url(f"/session/{id}/extend-session"),
            data={"durationMinutes": duration_minutes},
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #b9caf33989d7b37f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/session.py:203
        response = self._client.transport.put(
            self._client._build_url(f"/session/{id}/update"),
            data={
                "type": "profile",
                "params": params_obj.model_dump(exclude_none=True, by_alias=True),
            },
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #87aa9794ce9ed702 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/session.py:217
        response = self._client.transport.put(
            self._client._build_url(f"/session/{id}/update"),
            data={
                "type": "proxy",
                "params": params.model_dump(exclude_none=True, by_alias=True),
            },
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #639768687397e1d1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/session.py:231
        response = self._client.transport.put(
            self._client._build_url(f"/session/{id}/update"),
            data={
                "type": "screen",
                "params": params.model_dump(exclude_none=True, by_alias=True),
            },
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #5555eb3e9f5c1dba Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/session.py:246
        response = self._client.transport.put(
            self._client._build_url(f"/session/{id}/update"),
            data={
                "type": "solveCaptchas",
                "params": {
                    "enabled": True,
                    **params_obj.model_dump(exclude_none=True, by_alias=True),
                },
            },
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #4cdc988a52568516 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/session.py:259
        response = self._client.transport.put(
            self._client._build_url(f"/session/{id}/update"),
            data={
                "type": "solveCaptchas",
                "params": {
                    "enabled": False,
                },
            },
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ac95f9f5ec75b972 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/team.py:9
        response = self._client.transport.get(
            self._client._build_url("/team/credit-info")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e5b7048fc23428b5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/volume.py:12
        response = self._client.transport.post(
            self._client._build_url("/volume"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #11ee0ba944e3d41f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/volume.py:19
        response = self._client.transport.get(self._client._build_url("/volume"))

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #55ebd3937e52e30b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/volume.py:23
        response = self._client.transport.get(
            self._client._build_url(f"/volume/{volume_id}")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e5d06912f0b7c663 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/web/__init__.py:30
        response = self._client.transport.post(
            self._client._build_url("/web/fetch"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #432e11d79819000a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/web/__init__.py:37
        response = self._client.transport.post(
            self._client._build_url("/web/search"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #d565b1fbf7f461d0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/web/batch_fetch.py:31
        response = self._client.transport.post(
            self._client._build_url("/web/batch-fetch"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #00a24b364f86848b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/web/batch_fetch.py:38
        response = self._client.transport.get(
            self._client._build_url(f"/web/batch-fetch/{job_id}/status")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #74d2349939a2a51b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/web/batch_fetch.py:46
        response = self._client.transport.get(
            self._client._build_url(f"/web/batch-fetch/{job_id}"),
            params=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #60d98dd93515d198 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/web/crawl.py:31
        response = self._client.transport.post(
            self._client._build_url("/web/crawl"),
            data=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #5afd4b09a66a30b2 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/web/crawl.py:38
        response = self._client.transport.get(
            self._client._build_url(f"/web/crawl/{job_id}/status")
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #a7cdc4b84bf0816c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/client/managers/sync_manager/web/crawl.py:46
        response = self._client.transport.get(
            self._client._build_url(f"/web/crawl/{job_id}"),
            params=params.model_dump(exclude_none=True, by_alias=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #1c464fb8689b9e32 Environment-variable access.
pkgs/python/[email protected]/hyperbrowser/config.py:16
        api_key = os.environ.get("HYPERBROWSER_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #515472501c5a61ff Environment-variable access.
pkgs/python/[email protected]/hyperbrowser/config.py:20
        base_url = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #51c7b91e39c9cc25 Environment-variable access.
pkgs/python/[email protected]/hyperbrowser/config.py:20
        base_url = os.environ.get(
            "HYPERBROWSER_BASE_URL", "https://api.hyperbrowser.ai"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #48c2045a6851074d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/transport/async_transport.py:81
                response = await self.client.post(url, data=data, files=files, **kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e623172343e2964d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/transport/async_transport.py:83
                response = await self.client.post(url, json=data, **kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #df148d5c83b36e41 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/transport/async_transport.py:96
            response = await self.client.get(
                url, params=params, follow_redirects=follow_redirects
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #5458e014ea7ad91b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/transport/async_transport.py:107
            response = await self.client.put(url, json=data)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #3709373764cbd065 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/transport/sync.py:60
                response = self.client.post(url, data=data, files=files, **kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #fce512af4e4c16b8 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/transport/sync.py:62
                response = self.client.post(url, json=data, **kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #644014616f40f128 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/transport/sync.py:75
            response = self.client.get(
                url, params=params, follow_redirects=follow_redirects
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #2162da7922400ce5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/hyperbrowser/transport/sync.py:86
            response = self.client.put(url, json=data)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

ibm-watsonx-ai

python dependency
expand_more 203 low-confidence finding(s)
low env_fs tooling reachable #9f310ac3f83ae3c3 Environment-variable access.
pkgs/python/[email protected]/docs/utils.py:62
    Version.from_tag(os.environ["DOCUMENTATION_MAX_TAG"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #6355110b40673606 Environment-variable access.
pkgs/python/[email protected]/docs/utils.py:63
    if "DOCUMENTATION_MAX_TAG" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #e07197a2882da554 Filesystem access.
pkgs/python/[email protected]/docs/write_redirects.py:51
        source_file_path.write_text(
            REDIRECT_HTML.format(target=target), encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d3e0667dae16cd13 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/_wrappers/httpx/global_httpx_settings.py:39
        match os.environ.get("WX_CLIENT_VERIFY_REQUESTS"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cddaba506e9d7563 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/_wrappers/httpx/rate_limited_retry/rate_limited_retry_decorator.py:97
        if (env_value := os.environ.get(env_var_name)) is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c93c50742bf772a Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/_wrappers/httpx/rate_limited_retry/rate_limited_retry_decorator.py:137
        if (env_value := os.environ.get("WATSONX_RETRY_STATUS_CODES")) is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b118eaadfed743f2 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/ai_services.py:1428
            filename.write_text(code, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #21c31d1c3e288e9d Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/client.py:408
            os.environ["DEPLOYMENT_PLATFORM"] = "private"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #152adf6bf1fd3b9e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/client.py:411
                response_get_wml_services = self.httpx_client.get(
                    f"{self.credentials.url}/ml/wml_services/v2/version",
                    headers={"User-Agent": get_user_agent_header()},
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #91e8fd36e056e35f Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/client.py:471
                os.environ["DEPLOYMENT_PRIVATE"] = "icp4d"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3727f70d5b10d98d Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/client.py:877
            return (path / file_name).read_text().strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2f86cf9b31b7ef05 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/client.py:965
        if client_headers_env := os.environ.get("IBM_SDK_API_CLIENT_HEADERS"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9f620c7c59835370 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/credentials.py:186
            return Path(filename).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #92aa6c5a4e25cd68 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/credentials.py:207
                f(os.environ[k])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #85bfcd068c998fba Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/credentials.py:209
                if os.environ.get(k) is not None and os.environ.get(k) != ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3d866326429ea2f0 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/credentials.py:222
                os.environ[env_key] = str(self.__dict__[property_key])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f1c6871660261af8 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/data_loaders/datasets/base_documents.py:330
            get_max_sample_size_limit() if os.getenv("MEM", False) else None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c272e6a858e5159c Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/data_loaders/datasets/tabular.py:431
            get_max_sample_size_limit() if os.getenv("MEM", False) else None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #51aeb93531f2febc Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/deployment/base_deployment.py:748
            with redirect_stdout(open(os.devnull, "w")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7cc66e44e1ea0643 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/deployment/base_deployment.py:763
                    with redirect_stdout(open(os.devnull, "w")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #ebc22d7eabc9dd5f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/deployments.py:363
        response = self._client.httpx_client.post(
            self._client._href_definitions.get_deployments_href(),
            json=payload_meta_props,
            params=self._client._params(),  # version is mandatory
            headers=self._client._get_headers(),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c23aab2b3497d26b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/deployments.py:471
        response = await self._client.async_httpx_client.post(
            self._client._href_definitions.get_deployments_href(),
            json=payload_meta_props,
            params=self._client._params(),  # version is mandatory
            headers=await self._client._aget_headers(),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #f3fe851635b7bd0d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/deployments.py:597
        res = self._client.httpx_client.get(
            self._client._href_definitions.get_deployments_href(),
            params=params,
            headers=self._client._get_headers(),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #b1c09ffc59778e62 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/deployments.py:649
        res = await self._client.async_httpx_client.get(
            self._client._href_definitions.get_deployments_href(),
            params=params,
            headers=await self._client._aget_headers(),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #523f8c7fd751672d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/deployments.py:1214
        response_scoring = self._client.httpx_client.post(
            self._client._href_definitions.get_deployment_predictions_href(
                deployment_id
            ),
            json=payload,
            params=params,  # version parameter is mandatory
            headers=headers,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #771d483dbe502a79 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/deployments.py:1276
        response_scoring = await self._client.async_httpx_client.post(
            self._client._href_definitions.get_deployment_predictions_href(
                deployment_id
            ),
            json=payload,
            params=params,  # version parameter is mandatory
            headers=headers,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #90bb39ec9302d269 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/deployments.py:1998
        response_scoring = self._client.httpx_client.post(
            self._client._href_definitions.get_async_deployment_job_href(),
            params=params,
            json=scoring_payload,
            headers=headers,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #9c08946937e20bb1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/deployments.py:2105
        response_scoring = await self._client.async_httpx_client.post(
            self._client._href_definitions.get_async_deployment_job_href(),
            params=params,
            json=scoring_payload,
            headers=headers,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #49100bf9890bd52a Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/experiment/autoai/autoai.py:1131
                and environ.get("ENABLE_AUTOAI", "false").lower() == "false"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f68fd69d54837036 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/experiment/autoai/optimizers/local_auto_pipelines.py:140
            with redirect_stdout(open(os.devnull, "w")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #58eaa26877bf8a86 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/experiment/autoai/optimizers/local_auto_pipelines.py:552
            with redirect_stdout(open(os.devnull, "w")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0ca7c68df9d184e9 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/experiment/autoai/optimizers/local_auto_pipelines.py:683
        with redirect_stdout(open(os.devnull, "w")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #44a9b2d98e492397 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/experiment/autoai/optimizers/local_auto_pipelines.py:732
        if "CPU" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6c048f8639867634 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/experiment/autoai/optimizers/local_auto_pipelines.py:735
                    f"train_id: {train_id} --- Using {os.environ.get('CPU', 1)} CPUs"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bd789aff37eb22a8 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/experiment/autoai/optimizers/local_auto_pipelines.py:739
                    self.params.get("cpus_available", os.environ.get("CPU", 1))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f4caccc5c45a3e14 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/experiment/autoai/optimizers/local_auto_pipelines.py:753
        with redirect_stdout(open(os.devnull, "w")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #89a0b0541550515d Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/experiment/autoai/optimizers/remote_auto_pipelines.py:882
            content = json.loads(path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d1f61468287f873f Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/foundation_models/embeddings/embeddings.py:660
            "verify": os.environ.get("WML_CLIENT_VERIFY_REQUESTS"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1c4a474a1f198eb5 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/foundation_models/extensions/rag/pattern/pattern.py:1014
            with open(CONFIG_PATH, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #db9bbbdb7f643b9e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/foundation_models/utils/utils.py:85
    response = httpx.get(
        url, params=params, headers={"User-Agent": get_user_agent_header()}
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #46586df656f910f0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/foundation_models/utils/utils.py:297
    response = httpx.get(
        f"{url}/ml/v4/custom_foundation_models",
        params=params,
        headers=client._get_headers(),
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #d4637262f6364146 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/functions.py:1445
            filename.write_text(file_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #6bbbe29e256b3d60 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/gateway/gateway.py:476
                        response = self._client.httpx_client.post(
                            self._client._href_definitions.get_gateway_embeddings_href(),
                            headers=self._client._get_headers(
                                include_container_id=True
                            ),
                            json=request_json,
                        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #1014658c3d8180a9 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/gateway/gateway.py:522
                        response = await self._client.async_httpx_client.post(
                            self._client._href_definitions.get_gateway_embeddings_href(),
                            headers=await self._client._aget_headers(
                                include_container_id=True
                            ),
                            json=request_json,
                        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e5e6293abf614791 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/gateway/models.py:59
        response = self._client.httpx_client.post(
            self._client._href_definitions.get_gateway_models_href(provider_id),
            headers=self._client._get_headers(include_container_id=True),
            json=request_json,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ba2079328a77baf5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/gateway/models.py:85
            response = self._client.httpx_client.get(
                self._client._href_definitions.get_gateway_model_href(model_id),
                headers=self._client._get_headers(include_container_id=True),
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #45e76677f6a3d90f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/gateway/models.py:92
            response = self._client.httpx_client.get(
                self._client._href_definitions.get_gateway_models_href(provider_id),
                headers=self._client._get_headers(include_container_id=True),
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #db764ba9a56dccfe Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/gateway/models.py:99
            response = self._client.httpx_client.get(
                self._client._href_definitions.get_gateway_all_tenant_models_href(),
                headers=self._client._get_headers(include_container_id=True),
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #8bba7c81e7606422 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/gateway/policies.py:40
        response = self._client.httpx_client.post(
            self._client._href_definitions.get_gateway_policies_href(),
            headers=self._client._get_headers(),
            json=request_json,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #5fe2a10863f691b3 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/gateway/policies.py:78
        response = self._client.httpx_client.get(
            self._client._href_definitions.get_gateway_policies_href(),
            headers=self._client._get_headers(),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #a934251042e24637 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/gateway/providers.py:54
        response = self._client.httpx_client.post(
            self._client._href_definitions.get_gateway_provider_href(provider),
            headers=self._client._get_headers(),
            json=request_json,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #7d3f2ef0305c9e67 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/gateway/providers.py:74
            response = self._client.httpx_client.get(
                self._client._href_definitions.get_gateway_provider_href(provider_id),
                headers=self._client._get_headers(),
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e4996cd82a78390f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/gateway/providers.py:81
            response = self._client.httpx_client.get(
                self._client._href_definitions.get_gateway_providers_href(),
                headers=self._client._get_headers(),
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #8a7d42a8918a1846 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/gateway/providers.py:97
        response = self._client.httpx_client.get(
            self._client._href_definitions.get_gateway_provider_available_models_href(
                provider_id
            ),
            headers=self._client._get_headers(),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #9d5a0265d07667ed Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/gateway/rate_limits.py:52
        response = self._client.httpx_client.post(
            self._client._href_definitions.get_gateway_rate_limits_href(),
            headers=self._client._get_headers(),
            json=payload,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #8404f0299afee93f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/gateway/rate_limits.py:154
        response = self._client.httpx_client.put(
            self._client._href_definitions.get_gateway_rate_limit_href(rate_limit_id),
            headers=self._client._get_headers(),
            json=payload,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c40585709f5783d1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:308
        response = api_client.httpx_client.get(
            api_client._href_definitions.get_data_asset_href(data_asset_id),
            params=api_client._params(),
            headers=api_client._get_headers(),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #d628f89dca4a2ea3 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:328
            response = api_client.httpx_client.get(
                api_client._href_definitions.get_attachment_href(
                    data_asset_id, attachment_id
                ),
                params=api_client._params(),
                headers=api_client._get_headers(),
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #6abe701dfe1caa56 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:490
                os.environ.get("USER_ACCESS_TOKEN") is None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #120ac7141ca84d92 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:491
                and os.environ.get("RUNTIME_ENV_ACCESS_TOKEN_FILE") is None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c55bb7b6fb499160 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:575
                os.environ.get("USER_ACCESS_TOKEN") is None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #53c1d1e563ea07dd Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:576
                and os.environ.get("RUNTIME_ENV_ACCESS_TOKEN_FILE") is None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd35a1bd1e0cdea1 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:760
                os.environ.get("USER_ACCESS_TOKEN") is None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #675c6b29e639c9ed Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:761
                and os.environ.get("RUNTIME_ENV_ACCESS_TOKEN_FILE") is None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #43d1c96c18111613 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:845
            asset_response = self._api_client.httpx_client.get(
                self._api_client._href_definitions.get_data_asset_href(asset_id),
                params=self._api_client._params(),
                headers=self._api_client._get_headers(),
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #032222842b91f5a0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:856
            response = self._api_client.httpx_client.get(
                self._api_client._href_definitions.get_attachment_href(
                    asset_id, attachment_id
                ),
                params=self._api_client.data_assets._client._params(),
                headers=self._api_client.data_assets._client._get_headers(),
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #a128328cb6ea8a19 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:873
                        csv_response = self._api_client.httpx_client.get(file_asset_url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #eef576b8e197b260 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1026
            csv_response = self._api_client.httpx_client.get(
                url,
                params=self._api_client._params(),
                headers=self._api_client._get_headers(),
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #6f1f1d19909f7df9 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1051
            with open(self.location.path, "rb") as data_buffer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #4db8658e65e185b6 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1072
            csv_response = self._api_client.httpx_client.get(
                url,
                params=self._api_client._params(),
                headers=self._api_client._get_headers(),
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #cb96490feef9d32c Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1093
            with open(location_path, "rb") as data_buffer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bce6ffc7ea983a8e Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1137
            if os.environ.get("TRAINING_NFS_PATH"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #585d1178dd128d0e Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1139
                base_path = Path(os.environ.get("TRAINING_NFS_PATH", ".")) / "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7f4c26ef4515b512 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1143
                buffer = io.BytesIO(data_path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #b6ea6d349ef84c78 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1155
            csv_response = self._api_client.httpx_client.get(
                full_href, headers=self._api_client._get_headers()
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #31ec3553347ff18a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1164
                csv_response = self._api_client.httpx_client.get(
                    full_href, headers=self._api_client._get_headers()
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c9b1e303a96a3ccc Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1671
        response = self._api_client.httpx_client.put(
            content_upload_url,
            files={
                "file": (
                    "native",
                    data,
                    "application/octet-stream",
                    {"Expires": "0"},
                )
            },
            headers=self._api_client._get_headers(no_content_type=True),
            params=self._api_client._params(),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #2095cac347d90929 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1724
        if os.environ.get("RUNTIME_ENV_ACCESS_TOKEN_FILE"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c90f2fb998f27425 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1725
            with open(os.environ.get("RUNTIME_ENV_ACCESS_TOKEN_FILE"), "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #30eaf6301dc6452b Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1725
            with open(os.environ.get("RUNTIME_ENV_ACCESS_TOKEN_FILE"), "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd5c6b2d4d9695b2 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1728
            token = os.environ.get("USER_ACCESS_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e616b3c78db37df0 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1763
            elif not os.environ.get("MEM", False):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #10d4dd718f4ec865 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/connections.py:1099
                    or "USER_ACCESS_TOKEN" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0bc9a401c50aab3c Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/connections.py:1100
                    or "RUNTIME_ENV_ACCESS_TOKEN_FILE" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #20e53df8028ee388 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/connections.py:1415
                        os.environ.get("USER_ACCESS_TOKEN") is None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3c803c41ce3d8c20 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/connections.py:1416
                        and os.environ.get("RUNTIME_ENV_ACCESS_TOKEN_FILE") is None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cefc66ac70ec584c Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/connections.py:1515
                        os.environ.get("USER_ACCESS_TOKEN") is None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #413a4018be067eb4 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/connections.py:1516
                        and os.environ.get("RUNTIME_ENV_ACCESS_TOKEN_FILE") is None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a27e027bc0538188 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/connections.py:1644
                or "USER_ACCESS_TOKEN" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #025c3030596471e1 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/connections.py:1645
                or "RUNTIME_ENV_ACCESS_TOKEN_FILE" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #600f1c9796591c4f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/connections.py:2110
        response = self._api_client.httpx_client.get(
            url,
            params=params,
            headers=self._api_client._get_headers(),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #4c415936a4195bd1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/connections.py:2668
            attachment = client.httpx_client.get(
                attachment_url, headers=client._get_headers(), params=client._params()
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #8a29615e814f7ff1 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/connections.py:2673
            attachment = client.httpx_client.get(
                attachment_url, headers=client._get_headers(), params=client._params()
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #f891acf0cf2d6156 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/connections.py:2698
        asset_info_response = workspace.api_client.httpx_client.get(
            workspace.api_client._href_definitions.get_data_asset_href(self.id),
            params=workspace.api_client._params(),
            headers=workspace.api_client._get_headers(),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #8cb503c2693a7150 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/connections.py:2895
        asset_info_response = workspace.api_client.httpx_client.get(
            href, params=params, headers=workspace.api_client._get_headers(None)
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #6b97dbcff99c190d Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_service.py:81
            not os.getenv("FLIGHT_SERVICE_LOCATION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #34be900a9e81759e Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_service.py:100
                os.getenv("FLIGHT_SERVICE_LOCATION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1e53ece8ea3f040a Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_service.py:101
                or os.getenv("ASSET_API_SERVICE_HOST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1ed1e4f12d0ae85a Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_service.py:102
                or os.getenv("CATALOG_API_SERVICE_HOST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #afe480c69c2f4fd5 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_service.py:104
            flight_port = os.getenv("FLIGHT_SERVICE_PORT", "443")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b9f514a9597de76d Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_service.py:108
                runtime_flight_service_url = os.getenv("RUNTIME_FLIGHT_SERVICE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #325c8a25229dde51 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_service.py:377
        if os.environ.get("TLS_ROOT_CERTS_PATH"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c59028753539042b Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_service.py:378
            self.additional_connection_args["tls_root_certs"] = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #49ff287c3f2ba552 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_service.py:378
            self.additional_connection_args["tls_root_certs"] = os.environ.get(
                "TLS_ROOT_CERTS_PATH"
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3ab0a4c23a3d5f17 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_sql_service.py:92
        if os.environ.get("TLS_ROOT_CERTS_PATH"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #12661a80d1f90de0 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_sql_service.py:93
            self.additional_connection_args["tls_root_certs"] = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd1619bef8a7cd1a Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_sql_service.py:93
            self.additional_connection_args["tls_root_certs"] = os.environ.get(
                "TLS_ROOT_CERTS_PATH"
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #49da35934bd04e5b Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/helpers.py:87
    with open(script_name, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0ce6cacf3e023b28 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/href_definitions.py:530
            os.getenv("WATSONX_USE_PRIVATE_TOKEN_URL", "").strip().lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c9e9dbe977b4154f Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/import_assets.py:71
        data = file_path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #072b60ec906ef53b Filesystem access.
repo/TestRepoSaveLoad.py:45
        output_f = open(filepath, 'wb+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5c24f199f7752616 Filesystem access.
repo/TestRepoSaveLoad.py:66
        modelArcFile = open(gz_file_name, "wb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd8a2d4d4b7cb57f Environment-variable access.
repo/ml_api_client.py:42
        if 'DEPLOYMENT_PLATFORM' in os.environ and os.environ['DEPLOYMENT_PLATFORM'] == 'private':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #c764d86a8be0f523 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/ml_api_client.py:59
        r = http.request(
            'GET',
            '{}'.format(self.host+path, urlencode(query_params)),
            headers=tmp_headers,
            preload_content=False
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #f4653b91f2e31d02 Environment-variable access.
repo/ml_api_client.py:71
        if 'DEPLOYMENT_PLATFORM' in os.environ and os.environ['DEPLOYMENT_PLATFORM'] == 'private':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #913c13f48981a7bb Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/ml_api_client.py:89
        r = http.request(
            'GET',
            '{}'.format(self.host + path),
            headers=tmp_headers,
            preload_content=False,
            fields=query_params
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #d9ebc06f77733799 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/ml_authorization.py:85
            response = http.request(
                'POST',
                url,
                fields=oidc_data,
                encode_multipart=False,
                headers=headers
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #90d00369b9b3837a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/ml_authorization.py:144
            response = http.request(
                      'GET',
                      url,
                      headers=headers
                     )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #75d80d66da01fccd Environment-variable access.
repo/mlrepository/artifact.py:65
                        if 'DEPLOYMENT_PRIVATE' in os.environ and os.environ['DEPLOYMENT_PRIVATE'] == 'icp4d':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d283835801b64591 Environment-variable access.
repo/mlrepository/artifact.py:70
                        if 'DEPLOYMENT_PRIVATE' in os.environ and os.environ['DEPLOYMENT_PRIVATE'] == 'icp4d':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #99824f893f43e7f9 Filesystem access.
repo/mlrepositoryartifact/function_artifact_loader.py:30
            gz_f = open(file_name, 'wb+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1c84d001ec176583 Filesystem access.
repo/mlrepositoryartifact/function_artifact_reader.py:26
        return open(self.archive_path, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #80037cdc88955cfe Filesystem access.
repo/mlrepositoryartifact/generic_archive_pipeline_model_artifact.py:126
            with open(os.path.join(path, expected_file_name)) as data_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6cc19ce2148af0c3 Filesystem access.
repo/mlrepositoryartifact/generic_file_artifact_loader.py:31
            gz_f = open(file_name, 'wb+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #698974c709ea5083 Filesystem access.
repo/mlrepositoryartifact/generic_file_reader.py:32
        return open(self.archive_path, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ede3fa36b279976d Filesystem access.
repo/mlrepositoryartifact/hybrid_artifact_loader.py:47
            gz_f = open(gz_file_name, 'wb+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ea4a80214601bd80 Filesystem access.
repo/mlrepositoryartifact/hybrid_artifact_loader.py:80
            gz_f = open(output_file_name, 'wb+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bbe261aaa65d0838 Filesystem access.
repo/mlrepositoryartifact/hybrid_pipeline_model_reader.py:56
        return open(self.archive_path, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0beb99b2057bc324 Filesystem access.
repo/mlrepositoryartifact/libraries_artifact_loader.py:35
            gz_f = open(file_name, 'wb+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d7e1456f8920a4f6 Filesystem access.
repo/mlrepositoryartifact/libraries_artifact_reader.py:26
        return open(self.library, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e1f290df8651f15e Filesystem access.
repo/mlrepositoryartifact/ml_repository_artifact.py:162
                sys.stderr = open(devnull, 'w')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e0e2e04ef3e77aaa Filesystem access.
repo/mlrepositoryartifact/runtimes_artifact_loader.py:35
            gz_f = open(file_name, 'wb+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #af2e81da1691f733 Filesystem access.
repo/mlrepositoryartifact/runtimes_artifact_reader.py:26
        return open(self.runtimespec_path, 'rt')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7d5c6c8a50312ef2 Filesystem access.
repo/mlrepositoryartifact/scikit_artifact_loader.py:41
            gz_f = open(gz_file_name, 'wb+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #48b413eb2f2c7f2f Filesystem access.
repo/mlrepositoryartifact/scikit_pipeline_model_artifact.py:29
        sys.stderr = open(os.devnull, 'w')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #09bb2a3cce3f9e15 Filesystem access.
repo/mlrepositoryartifact/scikit_pipeline_reader.py:67
        return open(self.archive_path, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ae39abb7d493222e Filesystem access.
repo/mlrepositoryartifact/spark_artifact_loader.py:33
            gz_f = open(gz_file_name, 'wb+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8dc442896b5cb81 Environment-variable access.
repo/mlrepositoryartifact/spark_pipeline_reader.py:20
        self.hummingbird_env = os.getenv('HB_RUNTIME_PROVIDER', "").upper()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #826942a7c119325d Filesystem access.
repo/mlrepositoryartifact/spark_pipeline_reader.py:57
        return open(self.archive_path, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f2c87e2285a121bb Filesystem access.
repo/mlrepositoryartifact/tensorflow_artifact_loader.py:32
            gz_f = open(gz_file_name, 'wb+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e8b2de25b85cc633 Filesystem access.
repo/mlrepositoryartifact/tensorflow_pipeline_reader.py:67
        return open(self.archive_path, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4b25c6f84889f33b Filesystem access.
repo/mlrepositoryartifact/xgboost_model_reader.py:55
        return open(self.archive_path, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #991d846510a36c68 Environment-variable access.
repo/mlrepositoryclient/ml_repository_api.py:39
        os.environ["DEPLOYMENT_PLATFORM"] = "private"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a29b91f4c8f7d703 Environment-variable access.
repo/mlrepositoryclient/ml_repository_api.py:40
        if 'DEPLOYMENT_PLATFORM' in os.environ and os.environ['DEPLOYMENT_PLATFORM'] == 'private':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5f59a9106d340b0e Environment-variable access.
repo/mlrepositoryclient/ml_repository_api.py:73
        if 'DEPLOYMENT_PLATFORM' in os.environ and os.environ['DEPLOYMENT_PLATFORM'] == 'private':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a7a7ba484d9c9e2b Environment-variable access.
repo/mlrepositoryclient/ml_repository_api.py:210
        os.environ["DEPLOYMENT_PLATFORM"] = "private"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #64c46f0b9852be8f Environment-variable access.
repo/mlrepositoryclient/ml_repository_api.py:211
        if 'DEPLOYMENT_PLATFORM' in os.environ and os.environ['DEPLOYMENT_PLATFORM'] == 'private':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1ccb2d49e2053217 Environment-variable access.
repo/mlrepositoryclient/ml_repository_api.py:238
        if 'DEPLOYMENT_PLATFORM' in os.environ and os.environ['DEPLOYMENT_PLATFORM'] == 'private':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bd0dea29630c3d02 Environment-variable access.
repo/mlrepositoryclient/ml_repository_api.py:264
        if 'DEPLOYMENT_PLATFORM' in os.environ and os.environ['DEPLOYMENT_PLATFORM'] == 'private':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #570b0476c4108d00 Environment-variable access.
repo/mlrepositoryclient/model_collection.py:688
                if "DEPLOYMENT_PLATFORM" in os.environ and os.environ["DEPLOYMENT_PLATFORM"] == "private":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #84273d9390cff4bd Filesystem access.
repo/swagger_client/api_client.py:441
                    with open(n, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6992d1b7b9b3200b Filesystem access.
repo/swagger_client/api_client.py:532
        with open(path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #41f87733d218f9c1 Environment-variable access.
repo/swagger_client/rest.py:76
        if 'DEPLOYMENT_PLATFORM' in os.environ and os.environ['DEPLOYMENT_PLATFORM'] == 'private':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #25b9f00d9f366b03 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/swagger_client/rest.py:136
                    r = self.pool_manager.request(method, url,
                                                  body=request_body,
                                                  headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #f7cd1a3972f34375 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/swagger_client/rest.py:140
                    r = self.pool_manager.request(method, url,
                                                  fields=post_params,
                                                  encode_multipart=False,
                                                  headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #473082884012b35d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/swagger_client/rest.py:148
                    r = self.pool_manager.request(method, url,
                                                  fields=post_params,
                                                  encode_multipart=True,
                                                  headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #3b5a7e35bf784460 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
repo/swagger_client/rest.py:154
                r = self.pool_manager.request(method, url,
                                              fields=query_params,
                                              headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #a572e1c12b88b066 Filesystem access.
repo/util/compression_util.py:24
        with open(filepath, 'rb') as f_in, gzip.open(gzip_filepath, 'wb+') as f_out:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #96e2502f2f10d9e7 Filesystem access.
repo/util/compression_util.py:31
            output_f = open(filepath, 'wb+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6decd54330158420 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/messages/messages.py:22
        messages = json.loads((path / file_name).read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f069707f2e37926a Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/models.py:1032
            with open("request.json", "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #605092a2aadac3d2 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/models.py:1199
                with open("request.json", "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a9439a4cf6a4999 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/models.py:1351
            with open(t1, "rb") as f2:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d6b74a2629ee0017 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/models.py:1370
            with open(t1, "rb") as f2:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #81c5271fbbea4a03 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/models.py:1390
                with open(t2, "rb") as f1:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5cd1dcdf8a573c8a Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/models.py:1503
            with open(t1, "rb") as f2:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1b3e703d493c6315 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/models.py:2342
                json.loads(model.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4ec7f5ee53ac6ac1 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/models.py:2489
                json.loads(model.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #08f95c760ec8077d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/auth/icp_auth.py:109
        response = self._api_client.httpx_client.post(
            token_url,
            headers={"Content-Type": "application/json"},
            content=self._get_cpd_auth_pair(),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #1bbc48966a58e50a Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/auth/icp_auth.py:128
        response = self._api_client.httpx_client.post(
            token_url,
            headers={"Content-Type": "application/x-www-form-urlencoded;charset=UTF-8"},
            content=self._get_cpd_bedrock_auth_data(),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #033eea0c4ae4c6aa Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/auth/icp_auth.py:148
        response = self._api_client.httpx_client.get(
            token_validation_url,
            headers={
                "username": self._api_client.credentials.username,
                "iam-token": iam_token,
            },
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #4e9f8e7bdda9a16c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/auth/trusted_profile_auth.py:113
        response = self._api_client.httpx_client.post(
            self._api_client._href_definitions.get_iam_token_url(),
            params={
                "grant_type": "urn:ibm:params:oauth:grant-type:assume",
                "access_token": self._internal_auth_method.get_token(),
                "profile_id": self._trusted_profile_id,
            },
            headers=headers,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #0a44b150d6672b79 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/connection.py:193
    size_mem = int(findall(r"[0-9]+", environ.get("MEM", "32"))[0])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c8de76697d698152 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:373
            with redirect_stdout(open(os.devnull, "w")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #72fad135db70a30e Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:387
                with open(local_model_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dbb9672a8354a4f9 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:499
                with redirect_stdout(open(os.devnull, "w")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #379dc40659ce73f9 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:1087
        with open("request.json", "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #802e9dbf045207f6 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:1091
            with open(
                "request.json", "r", encoding=auto_pipelines_parameters.get("encoding")
            ) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0190c0e9291d829c Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:1105
            with open("request.json", "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #15be9131175864b9 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:1109
                with open(
                    "request.json",
                    "r",
                    encoding=auto_pipelines_parameters.get("encoding"),
                ) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8c45a08f25e5a8dd Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:1350
        with open(pipeline_definition_name, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5afe4253c7234c2c Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:1369
        with open("schema.json", "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #da7e7004497e088f Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:1475
        with open(pipeline_definition_name, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #50bc34c90038df62 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:1494
        with open("schema.json", "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bbb2e297bbd7afc4 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:1539
    with open(data_location, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c5f81e18c07337b8 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:1546
    with open(data_location, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #073b5cde95117ea9 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:2115
        with open(tmp_file, "wb") as out:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5b4b91ed25c76d64 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:3170
            with open("request.json", "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0a69836c7439f8e9 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:3174
                with open(
                    "request.json",
                    "r",
                    encoding=auto_pipelines_parameters.get("encoding"),
                ) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2fd9e10f448c3dc2 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:3189
                with open("request.json", "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2bd7805433f75728 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:3193
                    with open(
                        "request.json",
                        "r",
                        encoding=auto_pipelines_parameters.get("encoding"),
                    ) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d712e310029b680c Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:3286
            with open("request.json", "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #390fff62674b3579 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:3290
                with open(
                    "request.json",
                    "r",
                    encoding=auto_pipelines_parameters.get("encoding"),
                ) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #af82848586e1f1b9 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:3305
                with open("request.json", "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4e4bad53c067266d Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:3309
                    with open(
                        "request.json",
                        "r",
                        encoding=auto_pipelines_parameters.get("encoding"),
                    ) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e2b297c7cdcb72a7 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/utils.py:557
    f = open(filename, "wb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #39a20ea8d95c7ae5 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/utils.py:696
        b_model = file_path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #323a2a92c3cb3736 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/utils.py:1307
        if os.environ.get(gov_env_var_name) != "True":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #dac59dfdaa7f3d30 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/volumes.py:54
        response = self._client.httpx_client.get(
            self._client._href_definitions.volume_href(volume_id),
            headers=self._client._get_headers(zen=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #e3ec2e5bc7ef2ae5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/volumes.py:177
            creation_response = self._client.httpx_client.post(
                self._client._href_definitions.volumes_href(),
                headers=self._client._get_headers(zen=True),
                json=input_meta,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ba91ab2b2b5f1925 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/volumes.py:232
            creation_response = self._client.httpx_client.post(
                start_url,
                headers=self._client._get_headers(zen=True),
                json=start_data,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #64e9387a855d3f05 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/volumes.py:294
            monitor_response = self._client.httpx_client.get(
                monitor_url,
                headers=self._client._get_headers(zen=True),
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #51fd8df3c91ef970 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/ibm_watsonx_ai/volumes.py:391
        response = self._client.httpx_client.get(
            href,
            params=params,
            headers=self._client._get_headers(zen=True),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

json5

python dependency
expand_more 2 low-confidence finding(s)
low env_fs dependency Excluded from app score #daffe21896a28c5a Filesystem access.
pkgs/python/[email protected]/json5/host.py:48
        with open(path, 'rb') as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5feb612dda7c82d5 Filesystem access.
pkgs/python/[email protected]/json5/host.py:52
        with open(path, 'wb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

jsonref

python dependency
expand_more 2 low-confidence finding(s)
low egress dependency Excluded from app score #71fb56bfc6178b4f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/jsonref.py:244
        resp = requests.get(uri)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #659383d9cf27f420 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/jsonref.py:255
        with urlopen(uri) as content:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

langchain-apify

python dependency
expand_more 3 low-confidence finding(s)
low env_fs dependency Excluded from app score #93ee24d9df4a6618 Environment-variable access.
pkgs/python/[email protected]/langchain_apify/document_loaders.py:87
        apify_api_token = apify_api_token or os.getenv('APIFY_TOKEN', '')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2c70b7cd2036d283 Environment-variable access.
pkgs/python/[email protected]/langchain_apify/tools.py:77
        apify_api_token = apify_api_token or os.getenv('APIFY_API_TOKEN')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #0921fdca150d7a0f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/langchain_apify/utils.py:121
    response = requests.request('GET', url, timeout=REQUESTS_TIMEOUT_SECS)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

linkup-sdk

python dependency
expand_more 1 low-confidence finding(s)
low env_fs dependency Excluded from app score #cdd7e992c9d6def2 Environment-variable access.
pkgs/python/[email protected]/src/linkup/_client.py:92
                api_key = os.getenv("LINKUP_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

lxml

python dependency
expand_more 54 low-confidence finding(s)
low env_fs tooling reachable #1fd4545c1e9d12cc Filesystem access.
pkgs/python/[email protected]/benchmark/benchbase.py:577
        with open("callgrind.cmd", 'w') as cmd:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #dff1874cf5324104 Environment-variable access.
pkgs/python/[email protected]/benchmark/run_benchmarks.py:43
        env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #ff3c9441ba24fd5f Environment-variable access.
pkgs/python/[email protected]/benchmark/run_benchmarks.py:46
        env = env or os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #772d99b82542272f Filesystem access.
pkgs/python/[email protected]/benchmark/run_benchmarks.py:102
        with open(profile_input) as data_file_in:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #994c5f829d32e787 Filesystem access.
pkgs/python/[email protected]/benchmark/run_benchmarks.py:103
            with open(data_file_name, mode='w') as data_file_out:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #9bea691fd7751139 Environment-variable access.
pkgs/python/[email protected]/benchmark/run_benchmarks.py:170
    logging.info(f"CFLAGS={os.environ.get('CFLAGS', DISTUTILS_CFLAGS)}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2e6d514792fafef4 Filesystem access.
pkgs/python/[email protected]/buildlibxml.py:41
    with open(file, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f8c12124679de4a9 Environment-variable access.
pkgs/python/[email protected]/buildlibxml.py:54
    if platform.machine() == 'ARM64' or os.getenv('VSCMD_ARG_TGT_ARCH') == 'arm64':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a0373f9be9b70908 Environment-variable access.
pkgs/python/[email protected]/buildlibxml.py:70
            github_api_token=os.environ.get("GITHUB_API_TOKEN"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #3c6020a6c418ae52 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/buildlibxml.py:215
    with closing(urlopen(request)) as res:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #3fef42fa05efd8d7 Environment-variable access.
pkgs/python/[email protected]/buildlibxml.py:541
        env_default.update(os.environ)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1a5f59c6d7e31f78 Filesystem access.
pkgs/python/[email protected]/buildlibxml.py:693
    with open(os.path.join(libxslt_dir, "configure"), 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dbd4744347b09a3e Filesystem access.
pkgs/python/[email protected]/buildlibxml.py:697
        with open(os.path.join(libxslt_dir, "configure"), 'wb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e842b82484b511e0 Environment-variable access.
pkgs/python/[email protected]/buildlibxml.py:741
    get_env = os.environ.get

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ba61415b174de7c5 Filesystem access.
pkgs/python/[email protected]/doc/mkhtml.py:173
    f = open_file(os.path.join(lxml_path, 'CHANGES.txt'), 'r', encoding='utf-8')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a592aa99585b7366 Filesystem access.
pkgs/python/[email protected]/doc/mkhtml.py:189
    out_file = open(changelog_file_path, 'wb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5a52a8966638209e Filesystem access.
pkgs/python/[email protected]/doc/mklatex.py:91
    with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #71d1d99f43c91823 Filesystem access.
pkgs/python/[email protected]/doc/mklatex.py:96
    doc = open(src, 'r')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cd5d887d78a2d241 Filesystem access.
pkgs/python/[email protected]/doc/mklatex.py:97
    out = open(dest, "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ed4744a1c2aa69d4 Filesystem access.
pkgs/python/[email protected]/doc/mklatex.py:145
    with open(src_path) as src:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8e2b72152e2b9957 Filesystem access.
pkgs/python/[email protected]/doc/mklatex.py:148
    dest = open(dest_path, "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4a94819a24f7108f Filesystem access.
pkgs/python/[email protected]/doc/mklatex.py:286
    master = open( os.path.join(dirname, TARGET_FILE), "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8f2892b2b33e42c Filesystem access.
pkgs/python/[email protected]/doc/update_performance_results.py:14
        with open(file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5ec5b15afdf50ffc Filesystem access.
pkgs/python/[email protected]/doc/update_performance_results.py:26
    with open(text_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #76f1b9ff8482fa75 Filesystem access.
pkgs/python/[email protected]/doc/update_performance_results.py:51
    with open(doc_file, 'w') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4fdf1e9ab0775dd7 Environment-variable access.
pkgs/python/[email protected]/setup.py:26
    return [x.strip() for x in os.environ.get(name, "").split(separator) if x.strip()]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #df7a2cbaafb58db9 Filesystem access.
pkgs/python/[email protected]/setup.py:52
with open("requirements.txt", "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6b3286bd4e33b2c3 Filesystem access.
pkgs/python/[email protected]/setup.py:183
                with open(os.path.join(root_path, package_filename), 'wb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d9b57bfa404e52bd Environment-variable access.
pkgs/python/[email protected]/setupinfo.py:46
    value = os.getenv(name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #070bcb118e863a4b Filesystem access.
pkgs/python/[email protected]/setupinfo.py:191
        with io.open(src_file, 'r', encoding='iso8859-1') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8307d8b0fa9bb790 Filesystem access.
pkgs/python/[email protected]/setupinfo.py:195
        with io.open(dst_file, 'w', encoding='iso8859-1') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b611a7e971291fd5 Environment-variable access.
pkgs/python/[email protected]/setupinfo.py:417
    PKG_CONFIG = os.getenv('PKG_CONFIG', 'pkg-config')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #022919e8279c7546 Environment-variable access.
pkgs/python/[email protected]/setupinfo.py:425
    XML2_CONFIG = os.getenv('XML2_CONFIG', 'xml2-config')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3cbff672e6f52d52 Environment-variable access.
pkgs/python/[email protected]/setupinfo.py:428
        XSLT_CONFIG = os.getenv('XSLT_CONFIG', 'xslt-config')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c5406b2891b57780 Environment-variable access.
pkgs/python/[email protected]/setupinfo.py:497
    env_val = os.getenv(name.upper().replace('-', '_'), 'false').lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f5c687ca8eba121c Environment-variable access.
pkgs/python/[email protected]/setupinfo.py:521
    env_val = os.getenv(env_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6740e574538dc125 Environment-variable access.
pkgs/python/[email protected]/setupinfo.py:531
staticbuild = bool(os.environ.get('STATICBUILD', ''))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #080f53f64b4c2b51 Filesystem access.
pkgs/python/[email protected]/src/lxml/ElementInclude.py:97
    file = open(href, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #8b6958bd7ece595b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/lxml/ElementInclude.py:118
            f = urlopen(href)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #f0ef8d3d73ac52d7 Filesystem access.
pkgs/python/[email protected]/src/lxml/ElementInclude.py:120
            f = open(href, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #03533b683f0653d0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/lxml/html/__init__.py:1120
    return urlopen(url, data)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #6d457d58ac8dcef7 Filesystem access.
pkgs/python/[email protected]/src/lxml/html/_diffcommand.py:52
        with open(options.output, 'wb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6f4161e97a24abed Filesystem access.
pkgs/python/[email protected]/src/lxml/html/_diffcommand.py:62
        with open(filename, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #296f1e05619dd004 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/lxml/html/html5parser.py:230
        fp = urlopen(filename_url_or_file)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #c89e5dc474576a10 Filesystem access.
pkgs/python/[email protected]/src/lxml/html/html5parser.py:235
        fp = open(filename_url_or_file, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1ca80f2f59afcbf2 Filesystem access.
pkgs/python/[email protected]/src/lxml/html/soupparser.py:46
        file = open(file)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #8c13607d28359829 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/tools/pypistats.py:17
    with urlopen(stats_url, context=ctx) as stats:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #0417a375a7641f7f Filesystem access.
pkgs/python/[email protected]/tools/xpathgrep.py:135
        with open(input, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3ef138af833d3ca4 Filesystem access.
pkgs/python/[email protected]/update-error-constants.py:59
    with open(filename, 'r', encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #957c6221c9a58ad6 Filesystem access.
pkgs/python/[email protected]/update-error-constants.py:67
    with open(filename, 'w', encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #06324cd3aed1bbe3 Filesystem access.
pkgs/python/[email protected]/versioninfo.py:12
        with open(os.path.join(get_base_dir(), 'src', 'lxml', '__init__.py')) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #35c91261e91d15ce Filesystem access.
pkgs/python/[email protected]/versioninfo.py:41
    with io.open(os.path.join(get_base_dir(), "CHANGES.txt"), 'r', encoding='utf8') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d7f133a0c1b36ac0 Filesystem access.
pkgs/python/[email protected]/versioninfo.py:68
        with open(file_path, 'r') as version_h:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #12ac5d3cde734c08 Filesystem access.
pkgs/python/[email protected]/versioninfo.py:72
    with open(file_path, 'w') as version_h:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

multion

python dependency
expand_more 6 low-confidence finding(s)
low env_fs dependency Excluded from app score #55e553392366a0bb Environment-variable access.
pkgs/python/[email protected]/src/multion/base_client.py:76
        api_key: typing.Optional[str] = os.getenv("MULTION_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #adde45e79588abc3 Environment-variable access.
pkgs/python/[email protected]/src/multion/base_client.py:375
        api_key: typing.Optional[str] = os.getenv("MULTION_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a953afe1acaf5fa8 Environment-variable access.
pkgs/python/[email protected]/src/multion/client.py:51
        agentops_api_key: typing.Optional[str] = os.getenv("AGENTOPS_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d0b611714d4d1456 Environment-variable access.
pkgs/python/[email protected]/src/multion/client.py:64
                parent_key=os.getenv("AGENTOPS_PARENT_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #71f979403d764e21 Environment-variable access.
pkgs/python/[email protected]/src/multion/client.py:130
        agentops_api_key: typing.Optional[str] = os.getenv("AGENTOPS_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5749f05358559cbb Environment-variable access.
pkgs/python/[email protected]/src/multion/client.py:140
                parent_key=os.getenv("AGENTOPS_PARENT_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

openai

python dependency
expand_more 69 low-confidence finding(s)
low env_fs tooling reachable #1d497581331dab7d Filesystem access.
pkgs/python/[email protected]/examples/image_stream.py:30
            with open(filename, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #c8a5a97ea60d0bcc Filesystem access.
pkgs/python/[email protected]/examples/image_stream.py:41
            with open(filename, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #265ac923e78aa58b Environment-variable access.
pkgs/python/[email protected]/examples/realtime/azure_realtime.py:31
    endpoint = os.environ["AZURE_OPENAI_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #12cc8b19223aaece Environment-variable access.
pkgs/python/[email protected]/examples/realtime/azure_realtime.py:37
    deployment_name = os.environ["AZURE_OPENAI_DEPLOYMENT_NAME"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #76f4c11a2f43f249 Filesystem access.
pkgs/python/[email protected]/examples/uploads.py:30
    data = file.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6c76dbb87261ea66 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:158
api_type: _ApiType | None = _t.cast(_ApiType, _os.environ.get("OPENAI_API_TYPE"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3f4f871bc5c701a6 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:160
api_version: str | None = _os.environ.get("OPENAI_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #268bb3120759336b Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:162
azure_endpoint: str | None = _os.environ.get("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3f9528af5e6c799c Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:164
azure_ad_token: str | None = _os.environ.get("AZURE_OPENAI_AD_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2dde6b11c8a341bc Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:338
    return _os.environ.get("OPENAI_API_KEY") is not None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2bd3147029d3eb1e Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:342
    return azure_endpoint is not None or _os.environ.get("AZURE_OPENAI_API_KEY") is not None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2ad3b2f4314165b1 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:347
        _os.environ.get("AZURE_OPENAI_AD_TOKEN") is not None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8e963da2a21fbd8d Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:363
            azure_endpoint = _os.environ.get("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fb72b35ba3f507e9 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:366
            azure_ad_token = _os.environ.get("AZURE_OPENAI_AD_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a2ec2683fb55eb3c Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:369
            api_version = _os.environ.get("OPENAI_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #143589a3151c2c76 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:379
            if (azure_ad_token is not None or azure_ad_token_provider is not None) and _os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e282c046fbd3019a Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:379
            if (azure_ad_token is not None or azure_ad_token_provider is not None) and _os.environ.get(
                "AZURE_OPENAI_API_KEY"
            ) is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #be524778963e8fe5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/openai/_base_client.py:309
        return await self._client.request(self._page_cls, self._options)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #c1d12589a36cd346 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:209
                api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5ddbaa5511fc263f Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:219
            admin_api_key = os.environ.get("OPENAI_ADMIN_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fc45bbbdbd87756f Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:235
            organization = os.environ.get("OPENAI_ORG_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b0564931db9a0104 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:239
            project = os.environ.get("OPENAI_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #869ca07aef0472cb Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:243
            webhook_secret = os.environ.get("OPENAI_WEBHOOK_SECRET")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1c26d2404ca09e42 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:251
            base_url = os.environ.get("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #72a5ad492c4eb344 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:255
        custom_headers_env = os.environ.get("OPENAI_CUSTOM_HEADERS") if provider_runtime is None else None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3cf39b7a449ed8d Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:805
                api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e70ee60add04d32d Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:815
            admin_api_key = os.environ.get("OPENAI_ADMIN_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #90e0127860898075 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:831
            organization = os.environ.get("OPENAI_ORG_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #371ed389d1fc2218 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:835
            project = os.environ.get("OPENAI_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #11d7216386a8b528 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:839
            webhook_secret = os.environ.get("OPENAI_WEBHOOK_SECRET")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ef8a316cb2655cc2 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:847
            base_url = os.environ.get("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8bba895ac801337a Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:851
        custom_headers_env = os.environ.get("OPENAI_CUSTOM_HEADERS") if provider_runtime is None else None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c8214ba5f8290da3 Filesystem access.
pkgs/python/[email protected]/src/openai/_files.py:69
            return (path.name, path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e6f6df67c83b8708 Filesystem access.
pkgs/python/[email protected]/src/openai/_files.py:81
        return pathlib.Path(file).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #47bb13bac881e90c Filesystem access.
pkgs/python/[email protected]/src/openai/_files.py:111
            return (path.name, await path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9523a6532decb555 Filesystem access.
pkgs/python/[email protected]/src/openai/_files.py:123
        return await anyio.Path(file).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1f31f25f70d55430 Filesystem access.
pkgs/python/[email protected]/src/openai/_legacy_response.py:441
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8aae310dc74683f2 Filesystem access.
pkgs/python/[email protected]/src/openai/_legacy_response.py:454
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bdbabf7777f98d95 Environment-variable access.
pkgs/python/[email protected]/src/openai/_models.py:129
            extra="allow", defer_build=coerce_boolean(os.environ.get("DEFER_PYDANTIC_BUILD", "true"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #46d90ee73673bdb6 Filesystem access.
pkgs/python/[email protected]/src/openai/_response.py:513
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #806408a303193a82 Filesystem access.
pkgs/python/[email protected]/src/openai/_response.py:555
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #06e4a85664b67552 Environment-variable access.
pkgs/python/[email protected]/src/openai/_utils/_logs.py:23
    env = os.environ.get("OPENAI_LOG")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #030b006057f789ff Filesystem access.
pkgs/python/[email protected]/src/openai/_utils/_transform.py:248
            binary = data.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8561c3ac959b7b43 Filesystem access.
pkgs/python/[email protected]/src/openai/_utils/_transform.py:414
            binary = await anyio.Path(data).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ee8bda787ec34831 Filesystem access.
pkgs/python/[email protected]/src/openai/_utils/_utils.py:383
    contents = Path(path).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #da953b4fb6d92850 Filesystem access.
pkgs/python/[email protected]/src/openai/auth/_workload.py:58
            with open(token_file_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #9de8bc61e32eb88c Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/src/openai/auth/_workload.py:106
                response = http_client.get(url, params=params, headers={"Metadata": "true"}, timeout=timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #6588841b4c2496c6 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/src/openai/auth/_workload.py:109
                    response = client.get(url, params=params, headers={"Metadata": "true"}, timeout=timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #42b38329be3ea83a Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/src/openai/auth/_workload.py:153
                response = http_client.get(url, params=params, headers={"Metadata-Flavor": "Google"}, timeout=timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #2955584374580fe1 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/src/openai/auth/_workload.py:156
                    response = client.get(url, params=params, headers={"Metadata-Flavor": "Google"}, timeout=timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ad4f0527bc027efa Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/openai/auth/_workload.py:249
            response = client.post(
                self.token_exchange_url,
                json={
                    "grant_type": TOKEN_EXCHANGE_GRANT_TYPE,
                    "subject_token": subject_token,
                    "subject_token_type": subject_token_type,
                    "identity_provider_id": self.workload_identity["identity_provider_id"],
                    "service_account_id": self.workload_identity["service_account_id"],
                },
                timeout=10.0,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #41e13c540bbd64e5 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/_bedrock_auth.py:172
        region = os.environ.get("AWS_REGION") or os.environ.get("AWS_DEFAULT_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f587ca13949f5e26 Filesystem access.
pkgs/python/[email protected]/src/openai/lib/_validators.py:485
                with open(fname, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d832ca407ff85936 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:214
            api_key = os.environ.get("AZURE_OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #60254b05376b0e62 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:217
            azure_ad_token = os.environ.get("AZURE_OPENAI_AD_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #73420186434f9901 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:225
            api_version = os.environ.get("OPENAI_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #37d205e30afa3b05 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:239
                azure_endpoint = os.environ.get("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ffc5ddc0b351ddcf Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:538
            api_key = os.environ.get("AZURE_OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #df8c256420ecafa5 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:541
            azure_ad_token = os.environ.get("AZURE_OPENAI_AD_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #312f0af930626ddd Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:549
            api_version = os.environ.get("OPENAI_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f9abfeebdb59c459 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:563
                azure_endpoint = os.environ.get("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #35b8ffa89e0c0347 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/bedrock.py:70
    configured = region or os.environ.get("AWS_REGION") or os.environ.get("AWS_DEFAULT_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #30fdff12cc8c96f1 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/bedrock.py:80
    environment_base_url = os.environ.get("AWS_BEDROCK_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4df1446f8a2d7217 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/bedrock.py:105
    token = os.environ.get("AWS_BEARER_TOKEN_BEDROCK")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9a2829833bf9edee Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/bedrock.py:150
    environment_token = os.environ.get("AWS_BEARER_TOKEN_BEDROCK")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #efb2e024ee15fdcc Environment-variable access.
pkgs/python/[email protected]/src/openai/providers/bedrock.py:248
            token = os.environ.get("AWS_BEARER_TOKEN_BEDROCK")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a3b84d28892258d7 Environment-variable access.
pkgs/python/[email protected]/src/openai/providers/bedrock.py:331
            os.environ.get("AWS_REGION") or os.environ.get("AWS_DEFAULT_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2f68de8c776c59e5 Environment-variable access.
pkgs/python/[email protected]/src/openai/providers/bedrock.py:338
        environment_base_url = _normalize_optional_string(os.environ.get("AWS_BEDROCK_BASE_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #da2e5f3cf14b2e41 Environment-variable access.
pkgs/python/[email protected]/src/openai/providers/bedrock.py:391
        and bool(os.environ.get("AWS_BEARER_TOKEN_BEDROCK"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

openpyxl

python dependency
expand_more 4 low-confidence finding(s)
low env_fs dependency Excluded from app score #38c9376ba494ddd4 Filesystem access.
pkgs/python/[email protected]/openpyxl/worksheet/_writer.py:379
        with open(self.out, "rb") as src:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cb069566d7b58a0b Environment-variable access.
pkgs/python/[email protected]/openpyxl/xml/__init__.py:23
    return os.environ.get("OPENPYXL_LXML", "True") == "True"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6776461ea11996fc Environment-variable access.
pkgs/python/[email protected]/openpyxl/xml/__init__.py:39
    return os.environ.get("OPENPYXL_DEFUSEDXML", "True") == "True"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ba274aeac79d1386 Filesystem access.
pkgs/python/[email protected]/setup.py:24
    with open(os.path.join(here, 'README.rst')) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

oxylabs

python dependency
expand_more 6 low-confidence finding(s)
low env_fs dependency Excluded from app score #c7b9fa86266705ac Filesystem access.
pkgs/python/[email protected]/setup.py:5
    with open(rel_path, "r") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #fb52e50f8a7acfd8 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/oxylabs/internal/api.py:96
                response = requests.post(
                    self._base_url,
                    headers=self._headers,
                    json=payload,
                    timeout=config["request_timeout"],
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #aa02adbeef9220c2 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/oxylabs/internal/api.py:180
            async with user_session.post(
                self._base_url,
                headers=self._headers,
                json=payload,
                timeout=request_timeout,
            ) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #5cd2430a38fd8b75 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/oxylabs/internal/api.py:214
                async with user_session.get(
                    job_status_url,
                    headers=self._headers,
                    timeout=poll_interval,
                ) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #be94f42cf19784bb Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/oxylabs/internal/api.py:255
            async with user_session.get(
                result_url, headers=self._headers
            ) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #8b584a31008e85c2 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/src/oxylabs/proxy/proxy.py:71
            response = self._session.get(
                url, timeout=config["request_timeout"]
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

pandas

python dependency
expand_more 29 low-confidence finding(s)
low env_fs dependency Excluded from app score #5651711e5a28c8e4 Filesystem access.
pkgs/python/[email protected]/generate_pxi.py:8
    with open(pxifile, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5c1a5016a0cee359 Filesystem access.
pkgs/python/[email protected]/generate_pxi.py:12
    with open(outfile, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7e5d610c4f893cde Environment-variable access.
pkgs/python/[email protected]/generate_version.py:25
    if os.environ.get("MESON_DIST_ROOT"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #134b59e44b85efbc Environment-variable access.
pkgs/python/[email protected]/generate_version.py:26
        path = os.path.join(os.environ.get("MESON_DIST_ROOT"), path)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2dbf7250dafee214 Filesystem access.
pkgs/python/[email protected]/generate_version.py:27
    with open(path, "w", encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #46402c73dc8e5b73 Environment-variable access.
pkgs/python/[email protected]/pandas/_testing/contexts.py:76
                    del os.environ["TZ"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d2b9c6842d628187 Environment-variable access.
pkgs/python/[email protected]/pandas/_testing/contexts.py:80
                os.environ["TZ"] = tz

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #117e343b943f1a2c Environment-variable access.
pkgs/python/[email protected]/pandas/_testing/contexts.py:85
    orig_tz = os.environ.get("TZ")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0efa7a3cc80012b3 Filesystem access.
pkgs/python/[email protected]/pandas/_version.py:159
        with open(versionfile_abs, encoding="utf-8") as fobj:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7db66a81b0498598 Environment-variable access.
pkgs/python/[email protected]/pandas/_version.py:264
    env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #83a567e820071e3e Environment-variable access.
pkgs/python/[email protected]/pandas/compat/__init__.py:154
    return os.environ.get("PANDAS_CI", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #38fecc3a023aedbf Environment-variable access.
pkgs/python/[email protected]/pandas/core/config_init.py:425
        if os.environ.get("PANDAS_COPY_ON_WRITE", "0") == "warn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0a4793748e5bbbe8 Environment-variable access.
pkgs/python/[email protected]/pandas/core/config_init.py:426
        else os.environ.get("PANDAS_COPY_ON_WRITE", "1") == "1",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #29005792c86269f8 Environment-variable access.
pkgs/python/[email protected]/pandas/core/config_init.py:878
        False if os.environ.get("PANDAS_FUTURE_INFER_STRING", "1") == "0" else True,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #40f79b82615de438 Environment-variable access.
pkgs/python/[email protected]/pandas/core/config_init.py:895
        os.environ.get("PANDAS_FUTURE_DISTINGUISH_NAN_AND_NA", "0") == "1",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ac48d6132735fba4 Environment-variable access.
pkgs/python/[email protected]/pandas/core/config_init.py:906
        False if os.environ.get("PANDAS_FUTURE_PYTHON_SCALARS", "0") == "0" else True,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #70ed303bcbb18f0e Filesystem access.
pkgs/python/[email protected]/pandas/core/series.py:1573
            with open(buf, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0387b17ac392a45e Environment-variable access.
pkgs/python/[email protected]/pandas/io/clipboard/__init__.py:74
HAS_DISPLAY = os.getenv("DISPLAY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9cb7a972051b4f70 Filesystem access.
pkgs/python/[email protected]/pandas/io/clipboard/__init__.py:302
        with open("/dev/clipboard", "w", encoding="utf-8") as fd:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c67be0fdeec2235f Filesystem access.
pkgs/python/[email protected]/pandas/io/clipboard/__init__.py:306
        with open("/dev/clipboard", encoding="utf-8") as fd:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f09fe51e41819cd2 Environment-variable access.
pkgs/python/[email protected]/pandas/io/clipboard/__init__.py:569
        if os.environ.get("WAYLAND_DISPLAY") and _executable_exists("wl-copy"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #c027a6d902835652 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/pandas/io/common.py:282
    return urllib.request.urlopen(*args, **kwargs)  # noqa: TID251

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #3432d8b7cb60bf20 Filesystem access.
pkgs/python/[email protected]/pandas/io/common.py:930
            handle = open(
                handle,
                ioargs.mode,
                encoding=ioargs.encoding,
                errors=errors,
                newline="",
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f5e750660f9e5a5c Filesystem access.
pkgs/python/[email protected]/pandas/io/common.py:939
            handle = open(handle, ioargs.mode)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #279d57abb99dbf90 Filesystem access.
pkgs/python/[email protected]/pandas/io/common.py:1192
        handle = open(handle, "rb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #257f9f798065cda8 Filesystem access.
pkgs/python/[email protected]/pandas/io/formats/format.py:1076
        with open(buf, "w", encoding=encoding, newline="") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e0f5e96a5d9945b0 Environment-variable access.
pkgs/python/[email protected]/pandas/util/_print_versions.py:57
        "LC_ALL": os.environ.get("LC_ALL"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ef5aeb9b55a60ffd Environment-variable access.
pkgs/python/[email protected]/pandas/util/_print_versions.py:58
        "LANG": os.environ.get("LANG"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f554ef9afb28bedd Filesystem access.
pkgs/python/[email protected]/pandas/util/_print_versions.py:148
            with open(as_json, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

pdfplumber

python dependency
expand_more 3 low-confidence finding(s)
low env_fs dependency Excluded from app score #ae79d593c7ecaf37 Filesystem access.
pkgs/python/[email protected]/pdfplumber/pdf.py:98
            stream = open(path_or_fp, "rb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7f5919af38bad142 Filesystem access.
pkgs/python/[email protected]/pdfplumber/repair.py:72
        with open(outfile, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a09c7b75f96aa8f5 Filesystem access.
pkgs/python/[email protected]/setup.py:13
    return open(path, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

portalocker

python dependency
expand_more 17 low-confidence finding(s)
low env_fs dependency Excluded from app score #7b1347be622f4037 Filesystem access.
pkgs/python/[email protected]/portalocker/__main__.py:126
            (base_path / 'README.rst').read_text(encoding='ascii')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f77cffaff926454b Filesystem access.
pkgs/python/[email protected]/portalocker/__main__.py:131
            (base_path / 'LICENSE').read_text(encoding='ascii')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a88298a35651550a Filesystem access.
pkgs/python/[email protected]/portalocker/utils.py:329
            open(  # noqa: SIM115
                self.filename,
                self.mode,
                **self.file_open_kwargs,
            ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #12dc1ead70f3aa0f Filesystem access.
pkgs/python/[email protected]/portalocker_tests/test_core_locking.py:16
    with open(tmpfile, 'a') as a, open(tmpfile, 'a') as b:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #504764b0795b3a48 Filesystem access.
pkgs/python/[email protected]/portalocker_tests/test_core_locking.py:30
    with open(tmpfile, 'w') as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #77bb0a41b3ca5e5f Filesystem access.
pkgs/python/[email protected]/portalocker_tests/test_core_locking.py:33
    with open(tmpfile, 'r+') as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d3551e6eb9aa4f3b Filesystem access.
pkgs/python/[email protected]/portalocker_tests/test_core_locking.py:48
    with open(tmpfile, 'w') as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b6bf74ae9a17eaa7 Filesystem access.
pkgs/python/[email protected]/portalocker_tests/test_lock_flags.py:13
    with open(tmpfile, 'w') as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6566cd491b8d315e Filesystem access.
pkgs/python/[email protected]/portalocker_tests/test_lock_flags.py:16
    with open(tmpfile) as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9859836b387d3864 Filesystem access.
pkgs/python/[email protected]/portalocker_tests/test_lock_flags.py:22
            open(
                tmpfile,
                'r+',
            ) as fh2,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d2a3d2420e18e669 Filesystem access.
pkgs/python/[email protected]/portalocker_tests/test_lock_flags.py:33
            open(
                tmpfile,
                'w+',
            ) as fh2,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e4500a134f68a899 Filesystem access.
pkgs/python/[email protected]/portalocker_tests/test_lock_flags.py:47
    with open(tmpfile, 'w') as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8bc57135f75baa3c Filesystem access.
pkgs/python/[email protected]/portalocker_tests/test_lock_flags.py:50
    with open(tmpfile) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eec841d5b695fa1f Filesystem access.
pkgs/python/[email protected]/portalocker_tests/test_lock_flags.py:54
        with open(tmpfile) as fh2:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fc6cca8bf9fe6efd Filesystem access.
pkgs/python/[email protected]/portalocker_tests/test_lock_flags.py:61
            open(
                tmpfile,
                'w+',
            ) as fh2,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #81c3133d2d508802 Filesystem access.
pkgs/python/[email protected]/portalocker_tests/test_lock_flags.py:95
    with open(tmpfile, 'w') as fh, pytest.raises(RuntimeError):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #889bb18c6303b6c2 Filesystem access.
pkgs/python/[email protected]/portalocker_tests/test_mechanisms.py:18
    with open(tmpfile, 'a+') as a, open(tmpfile, 'a+') as b:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

psycopg2-binary

python dependency
expand_more 14 low-confidence finding(s)
low env_fs tooling reachable #32c0e270668a6891 Filesystem access.
pkgs/python/[email protected]/doc/src/tools/make_sqlstate_docs.py:16
    with open(clsfile) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f838b786f2430ad9 Filesystem access.
pkgs/python/[email protected]/scripts/make_errorcodes.py:40
    f = open(filename, "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #0cc0b784d38c3ff5 Filesystem access.
pkgs/python/[email protected]/scripts/make_errorcodes.py:49
    for line in open(filename):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #74ce81e76373495d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/scripts/make_errorcodes.py:61
    page = urlopen(url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #32af3b1f01ea0ab1 Filesystem access.
pkgs/python/[email protected]/scripts/make_errors.py:34
    f = open(filename, "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #f6da546048733eee Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/scripts/make_errors.py:44
    page = urlopen(url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #50fd98a11ca1b2c7 Filesystem access.
pkgs/python/[email protected]/scripts/refcounter.py:47
    f1 = open(f'debug-{(opt.nruns - 1):02}.txt').readlines()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #50df6ef243fec118 Filesystem access.
pkgs/python/[email protected]/scripts/refcounter.py:48
    f2 = open(f'debug-{opt.nruns:02}.txt').readlines()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #cbd516df8beac6c7 Filesystem access.
pkgs/python/[email protected]/scripts/refcounter.py:56
        f1 = open(f'objs-{(opt.nruns - 1):02}.txt').readlines()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #297aaaea38d8722a Filesystem access.
pkgs/python/[email protected]/scripts/refcounter.py:57
        f2 = open(f'objs-{opt.nruns:02}.txt').readlines()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #42170b5d2510fb8d Filesystem access.
pkgs/python/[email protected]/scripts/refcounter.py:88
        stream=open(f"debug-{i:02}.txt", "w"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #110417521a99aeb2 Filesystem access.
pkgs/python/[email protected]/scripts/refcounter.py:103
        pprint(co, stream=open(f"objs-{i:02}.txt", "w"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8bdd40ab6b7ab60f Environment-variable access.
pkgs/python/[email protected]/setup.py:125
            path_directories = os.environ['PATH'].split(os.pathsep)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c4924f6dab051242 Filesystem access.
pkgs/python/[email protected]/setup.py:511
    f = open("README.rst")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

pydantic

python dependency
expand_more 9 low-confidence finding(s)
low env_fs dependency Excluded from app score #e06755bd2e1e21aa Filesystem access.
pkgs/python/[email protected]/pydantic/deprecated/parse.py:71
    b = path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8bccf15550499021 Environment-variable access.
pkgs/python/[email protected]/pydantic/json_schema.py:344
                if os.getenv('PYDANTIC_PRIVATE_ALLOW_UNHANDLED_SCHEMA_TYPES'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8563902bc66a2328 Filesystem access.
pkgs/python/[email protected]/pydantic/mypy.py:1411
    with open(config_file, 'rb') as rf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #040f08b2bbad709c Environment-variable access.
pkgs/python/[email protected]/pydantic/plugin/_loader.py:27
    disabled_plugins = os.getenv('PYDANTIC_DISABLE_PLUGINS')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #69763379cdb60826 Environment-variable access.
pkgs/python/[email protected]/pydantic/v1/env_settings.py:173
            env_vars: Mapping[str, Optional[str]] = os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #71b3ccbf5c9d921e Environment-variable access.
pkgs/python/[email protected]/pydantic/v1/env_settings.py:175
            env_vars = {k.lower(): v for k, v in os.environ.items()}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6617f2f9460f98fa Filesystem access.
pkgs/python/[email protected]/pydantic/v1/env_settings.py:307
                    secret_value = path.read_text().strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #79e38c8a2b0090b9 Filesystem access.
pkgs/python/[email protected]/pydantic/v1/mypy.py:948
    with open(config_file, read_mode) as rf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9e572240a6b00961 Filesystem access.
pkgs/python/[email protected]/pydantic/v1/parse.py:57
    b = path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

pydantic-settings

python dependency
expand_more 3 low-confidence finding(s)
low env_fs dependency Excluded from app score #990163ff47e10cf7 Environment-variable access.
pkgs/python/[email protected]/pydantic_settings/sources/providers/env.py:75
        return parse_env_vars(os.environ, self.case_sensitive, self.env_ignore_empty, self.env_parse_none_str)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #31e5dcb5bcf6a508 Filesystem access.
pkgs/python/[email protected]/pydantic_settings/sources/providers/nested_secrets.py:203
        return {str(p.relative_to(path)): p.read_text().strip() for p in cls._iter_secret_files(path)}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7884c1904f1a7707 Filesystem access.
pkgs/python/[email protected]/pydantic_settings/sources/providers/secrets.py:122
                    return path.read_text().strip(), field_key, value_is_complex

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

pyjwt

python dependency
expand_more 5 low-confidence finding(s)
low env_fs tooling reachable #d9f6269b5c2e2136 Filesystem access.
pkgs/python/[email protected]/docs/conf.py:11
    with open(os.path.join(here, *parts), encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #a0d0cea4797efa0e Environment-variable access.
pkgs/python/[email protected]/docs/conf.py:97
os.environ["SPHINX_BUILD"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d59fab8c73a94a67 Environment-variable access.
pkgs/python/[email protected]/jwt/algorithms.py:102
    if TYPE_CHECKING or bool(os.getenv("SPHINX_BUILD", "")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0a509049e41a4da9 Environment-variable access.
pkgs/python/[email protected]/jwt/api_jwt.py:25
if TYPE_CHECKING or bool(os.getenv("SPHINX_BUILD", "")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #0c39e9a4b96304c4 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/jwt/jwks_client.py:118
            with urllib.request.urlopen(
                r, timeout=self.timeout, context=self.ssl_context
            ) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

pymongo

python dependency
expand_more 117 low-confidence finding(s)
low env_fs tooling reachable #ccc367e72b1b9a52 Filesystem access.
pkgs/python/[email protected]/.evergreen/scripts/generate_config_utils.py:292
    data = target.read_text().splitlines()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #b4ab052f9a68ca42 Filesystem access.
pkgs/python/[email protected]/.evergreen/scripts/generate_config_utils.py:321
    data = target.read_text().splitlines()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #aab1beae62af32db Filesystem access.
pkgs/python/[email protected]/.evergreen/scripts/generate_config_utils.py:354
    data = target.read_text().splitlines()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #73d1e020786e81ed Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/kms_tester.py:64
    base_env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #a23d27011d500b6d Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/kms_tester.py:99
            os.environ["AZUREKMS_VMNAME_PREFIX"] = "PYTHON_DRIVER"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #aea17201ca43d429 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/kms_tester.py:102
            os.environ[

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #b91fadc2032727b0 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/kms_tester.py:102
            os.environ[
                "AZUREKMS_IMAGE"
            ] = "Canonical:0001-com-ubuntu-server-jammy:22_04-lts-gen2:latest"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #5331acde08ea1d85 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/kms_tester.py:106
            os.environ["GCPKMS_IMAGEFAMILY"] = "debian-12"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #6bcec922f257ede1 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/kms_tester.py:128
        key_name = os.environ["KEY_NAME"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #6bb85e478366736d Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/kms_tester.py:129
        key_vault_endpoint = os.environ["KEY_VAULT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #d7a0fb669edcd566 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/.evergreen/scripts/mod_wsgi_tester.py:17
            urllib.request.urlopen(url)  # noqa: S310

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #c11346941bf62391 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/mod_wsgi_tester.py:26
    env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d7e793592a20cfe1 Filesystem access.
pkgs/python/[email protected]/.evergreen/scripts/mod_wsgi_tester.py:64
        LOGGER.error(Path("error_log").read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #e24540d7c646f192 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/mod_wsgi_tester.py:72
    uri1 = os.environ["TEST_URI1"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #abc8575df9fec6b8 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/mod_wsgi_tester.py:73
    uri2 = os.environ["TEST_URI2"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #439ec6113bc0d94e Filesystem access.
pkgs/python/[email protected]/.evergreen/scripts/mod_wsgi_tester.py:81
        LOGGER.error(Path("error_log").read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #70d7821298c3e2e0 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/mod_wsgi_tester.py:86
    apache = os.environ["APACHE_BINARY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #943e313d09a5bac0 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/mod_wsgi_tester.py:87
    apache_config = os.environ["APACHE_CONFIG"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #ba6f29b5f9e32477 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/oidc_tester.py:34
    env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #55896bf493762182 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/oidc_tester.py:36
    if sub_test_name == "eks" and "AWS_ACCESS_KEY_ID" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #210e291510bcb4c1 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/oidc_tester.py:39
            if key in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #756a809e003be02e Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/oidc_tester.py:40
                write_env(key, os.environ[key])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #ddf55525be780217 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/oidc_tester.py:62
        return os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #36598113b495cb3e Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/oidc_tester.py:84
    env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #c60172c652405628 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/resync-all-specs.py:63
    spec_dir = pathlib.Path(os.environ["MDB_SPECS"]) / "source"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #a6adb323c2b17347 Filesystem access.
pkgs/python/[email protected]/.evergreen/scripts/resync-all-specs.py:126
            with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d3e1a6f043fbe712 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_server.py:10
    os.environ[name] = str(value)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #314fc7206849bf0b Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_server.py:22
    if "VERSION" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d71705e244b5b0a9 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_server.py:23
        os.environ["MONGODB_VERSION"] = os.environ["VERSION"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #fb32544ac6477dd8 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_server.py:32
        os.environ["TOPOLOGY"] = "replica_set"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #80fef3fd9d5c4ca8 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_server.py:33
        os.environ["MONGODB_VERSION"] = "7.0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #56e709642d034f28 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_server.py:35
    if not os.environ.get("TEST_CRYPT_SHARED"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #4a59676545e64da4 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:24
AUTH = os.environ.get("AUTH", "noauth")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #a38d9de75da81c28 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:25
SSL = os.environ.get("SSL", "nossl")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #3fc38cbb0a72ea6f Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:26
UV_ARGS = os.environ.get("UV_ARGS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d35350e5e9859373 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:27
TEST_PERF = os.environ.get("TEST_PERF")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #af18f0869d9678be Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:28
GREEN_FRAMEWORK = os.environ.get("GREEN_FRAMEWORK")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f47e6acafeaf9d4e Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:29
TEST_ARGS = os.environ.get("TEST_ARGS", "").split()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f44a46ae83361b8f Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:30
TEST_NAME = os.environ.get("TEST_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #2a9d36d0fb148b5c Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:31
SUB_TEST_NAME = os.environ.get("SUB_TEST_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #937f4c17222e45b1 Filesystem access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:53
    with open("results.json") as fid:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #4672558a198d7b8e Filesystem access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:68
    with open("report.json", "w", newline="\n") as fid:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #0dcec8a19c9670af Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:106
    env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d4611bbdb4ca5b20 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:150
    if not os.environ.get("NO_EXT"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #13b933f2ddaf8e3a Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:153
    if os.environ.get("PYMONGOCRYPT_LIB"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d6012ebb22b82c24 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:204
    if os.environ.get("DEBUG_LOG"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #50b03ba588a5c0b1 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:207
    if os.environ.get("COVERAGE"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #3076fed253b39b24 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:57
    value = os.environ.get(var, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #7c83eb89ad5fa145 Filesystem access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:65
    with open("/etc/os-release") as fid:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f8ca42fd74d76678 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:111
        url = os.environ["LIBMONGOCRYPT_URL"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #4128dfcc6c861127 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:116
    with request.urlopen(request.Request(url), timeout=15.0) as response:  # noqa: S310

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #8f92b3f4d2ee196d Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:181
            write_env(var, os.environ.get(var, getattr(opts, var.lower(), "")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #590e50e1a090c9ca Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:200
        env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #5e73717ec1d98b78 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:223
        if "AWS_ACCESS_KEY_ID" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #b48706a4fc214e50 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:225
                if key in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #3846610a5736acc3 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:226
                    write_env(key, os.environ[key])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #942a6cb0f2f3e1c8 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:268
            os.environ["KRB5_CONFIG"] = str(krb_conf)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f494e7591e39660d Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:281
        SINGLE_MONGOS_LB_URI = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #ecb229049515b87f Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:281
        SINGLE_MONGOS_LB_URI = os.environ.get(
            "SINGLE_MONGOS_LB_URI", "mongodb://127.0.0.1:8000/?loadBalanced=true"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #5c8c6e0875e64401 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:284
        MULTI_MONGOS_LB_URI = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #834fb3776a6a2866 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:284
        MULTI_MONGOS_LB_URI = os.environ.get(
            "MULTI_MONGOS_LB_URI", "mongodb://127.0.0.1:8001/?loadBalanced=true"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #ec10484985a46eff Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:304
            os.environ["OCSP_SERVER_TYPE"] = sub_test_name

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #a93d9976ff4031d6 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:306
            if name not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #008b8d1f6e1fc0fd Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:309
        server_type = os.environ["OCSP_SERVER_TYPE"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #027774f57469a01a Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:310
        orch_file = os.environ["ORCHESTRATION_FILE"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #999d25cedeaffc77 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:321
            env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #1f67c807e5511ad2 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:328
        version = os.environ.get("VERSION", "latest")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #ce272fb9b9894a5f Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:349
    compressors = os.environ.get("COMPRESSORS") or opts.compressor

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #2bdd1ffed6428fc4 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:412
        if "AWS_ROLE_SESSION_NAME" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #c9c2119bf46951d7 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:472
        framework = opts.green_framework or os.environ["GREEN_FRAMEWORK"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #2fedab8b0a20c738 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/teardown_tests.py:10
TEST_NAME = os.environ.get("TEST_NAME", "unconfigured")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #72558728cdc4080f Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/teardown_tests.py:11
SUB_TEST_NAME = os.environ.get("SUB_TEST_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #51226411726cb2d3 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/teardown_tests.py:52
    Path(os.environ["OUTPUT_FILE"]).unlink(missing_ok=True)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #1b3813264393e079 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/teardown_tests.py:61
if os.environ.get("COVERAGE"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #c60d8c87d4a4088c Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/utils.py:15
DRIVERS_TOOLS = os.environ.get("DRIVERS_TOOLS", "").replace(os.sep, "/")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #64a8e75a3ca63187 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/utils.py:169
        if env_var in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #ae182c90bbf01633 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/utils.py:173
                opts.auth = os.environ.get("AUTH") == "auth"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #b650bd1299cdeefd Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/utils.py:175
                ssl_opt = os.environ.get("SSL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #b9f74d7bcc43bba5 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/utils.py:178
                if os.environ[env_var]:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #7e7c4676e4f2a37b Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/utils.py:181
                setattr(opts, key, os.environ[env_var])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #17a8992b9ff4189a Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/utils.py:211
    env = kwargs.pop("env", os.environ).copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #826c254dd727d47e Environment-variable access.
pkgs/python/[email protected]/_setup.py:71
            if os.environ.get("PYMONGO_C_EXT_MUST_BUILD"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6408607990e5624c Environment-variable access.
pkgs/python/[email protected]/_setup.py:88
            if "ProgramFiles" in os.environ and "ProgramFiles(x86)" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #327d24e1a9a8b58c Environment-variable access.
pkgs/python/[email protected]/_setup.py:89
                os.environ["ProgramFiles(x86)"] = os.environ["ProgramFiles"] + " (x86)"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d6875c85854515e9 Environment-variable access.
pkgs/python/[email protected]/_setup.py:94
            if os.environ.get("PYMONGO_C_EXT_MUST_BUILD"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1f82a5a9f9f2a8e4 Environment-variable access.
pkgs/python/[email protected]/_setup.py:127
if "--no_ext" in sys.argv or os.environ.get("NO_EXT"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #b8046e67a22af7c6 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/pymongo/_azure_helpers.py:36
        with urlopen(request, timeout=timeout) as response:  # noqa: S310

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #d6f0562b0fe4a785 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/pymongo/_gcp_helpers.py:29
        with urlopen(request, timeout=timeout) as response:  # noqa: S310

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #233aae9fb02dd845 Environment-variable access.
pkgs/python/[email protected]/pymongo/auth_oidc_shared.py:81
        token_file = os.environ.get("OIDC_TOKEN_FILE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2179397388bb738c Filesystem access.
pkgs/python/[email protected]/pymongo/auth_oidc_shared.py:86
        with open(token_file) as fid:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e6789d1ba16feea0 Environment-variable access.
pkgs/python/[email protected]/pymongo/auth_oidc_shared.py:92
        token_file = os.environ.get("AWS_WEB_IDENTITY_TOKEN_FILE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5afb6a204fe3b036 Filesystem access.
pkgs/python/[email protected]/pymongo/auth_oidc_shared.py:97
        with open(token_file) as fid:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8489b707ffecff04 Environment-variable access.
pkgs/python/[email protected]/pymongo/auth_oidc_shared.py:129
        if key in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #016ed6272a11538b Environment-variable access.
pkgs/python/[email protected]/pymongo/auth_oidc_shared.py:130
            fname = os.environ[key]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9e775a695456e6a2 Filesystem access.
pkgs/python/[email protected]/pymongo/auth_oidc_shared.py:131
    with open(fname) as fid:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b68e39a341ec6af2 Filesystem access.
pkgs/python/[email protected]/pymongo/common.py:238
    open(value).close()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #14899c4f6a7ed5a5 Filesystem access.
pkgs/python/[email protected]/pymongo/daemon.py:64
            with open(os.devnull, "r+b") as devnull:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7c224e7cac390ce2 Filesystem access.
pkgs/python/[email protected]/pymongo/daemon.py:95
            with open(os.devnull, "r+b") as devnull:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f332d103ab159c29 Environment-variable access.
pkgs/python/[email protected]/pymongo/logger.py:165
        document_length = int(os.getenv("MONGOB_LOG_MAX_DOCUMENT_LENGTH", _DEFAULT_DOCUMENT_LENGTH))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #01662caff87b070b Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/pymongo/ocsp_support.py:295
            response = _post(
                uri,
                data=ocsp_request.public_bytes(_Encoding.DER),
                headers={"Content-Type": "application/ocsp-request"},
                timeout=timeout,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #34ed483f264528f0 Environment-variable access.
pkgs/python/[email protected]/pymongo/pool_options.py:78
        "architecture": os.environ.get("PROCESSOR_ARCHITECTURE") or platform.machine(),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9bb2a01fd5259537 Environment-variable access.
pkgs/python/[email protected]/pymongo/pool_options.py:119
    if os.getenv(ENV_VAR_K8S):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #239448af2136a733 Environment-variable access.
pkgs/python/[email protected]/pymongo/pool_options.py:126
    if os.getenv("AWS_LAMBDA_RUNTIME_API"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #06751800f1ba5f59 Environment-variable access.
pkgs/python/[email protected]/pymongo/pool_options.py:128
    env = os.getenv("AWS_EXECUTION_ENV")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #830b0a7495fb1db7 Environment-variable access.
pkgs/python/[email protected]/pymongo/pool_options.py:135
    return bool(os.getenv("FUNCTIONS_WORKER_RUNTIME"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #adeb1c58d4412d23 Environment-variable access.
pkgs/python/[email protected]/pymongo/pool_options.py:139
    return bool(os.getenv("K_SERVICE") or os.getenv("FUNCTION_NAME"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b8186d1ecba109ef Environment-variable access.
pkgs/python/[email protected]/pymongo/pool_options.py:143
    return bool(os.getenv("VERCEL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7f68f31d9949ed75 Environment-variable access.
pkgs/python/[email protected]/pymongo/pool_options.py:152
    val = os.getenv(key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #518ab0a085d3c665 Environment-variable access.
pkgs/python/[email protected]/pymongo/pool_options.py:171
        region = os.getenv("AWS_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a480c17539c4a02a Environment-variable access.
pkgs/python/[email protected]/pymongo/pool_options.py:181
        region = os.getenv("FUNCTION_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a1d53a660cd27201 Environment-variable access.
pkgs/python/[email protected]/pymongo/pool_options.py:192
        region = os.getenv("VERCEL_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #2b4e18d8ad1eebc0 Filesystem access.
pkgs/python/[email protected]/tools/compare_import_time.py:23
    with open(f"pymongo-{sha}.log") as fid:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #28fa652b25392bea Filesystem access.
pkgs/python/[email protected]/tools/convert_test_to_async.py:123
    with open(input_file, "r+") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #64254558f06e0e26 Filesystem access.
pkgs/python/[email protected]/tools/convert_test_to_async.py:127
        with open(output_file, "w+") as f2:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #58cfdcbad0b307e6 Filesystem access.
pkgs/python/[email protected]/tools/ensure_future_annotations_import.py:29
        with open(path) as fid:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #8cabef266edefec0 Filesystem access.
pkgs/python/[email protected]/tools/synchro.py:290
            with open(file, "r+") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d86f729bb09aa256 Environment-variable access.
pkgs/python/[email protected]/tools/synchro.py:442
            and "OVERRIDE_SYNCHRO_CHECK" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

pymysql

python dependency
expand_more 1 low-confidence finding(s)
low env_fs dependency Excluded from app score #ae2b273d5045f622 Filesystem access.
pkgs/python/[email protected]/pymysql/connections.py:1460
            with open(self.filename, "rb") as open_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

python-docx

python dependency
expand_more 7 low-confidence finding(s)
low env_fs dependency Excluded from app score #2d9616ee300e1f75 Filesystem access.
pkgs/python/[email protected]/src/docx/image/image.py:41
            with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97ebe23771fcc514 Filesystem access.
pkgs/python/[email protected]/src/docx/opc/phys_pkg.py:47
        with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d587147f5cf9abb2 Filesystem access.
pkgs/python/[email protected]/src/docx/parts/comments.py:49
        with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8a09babb9c6a7492 Filesystem access.
pkgs/python/[email protected]/src/docx/parts/hdrftr.py:31
        with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3432f33d3c852c89 Filesystem access.
pkgs/python/[email protected]/src/docx/parts/hdrftr.py:51
        with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #95e19fa7095b1420 Filesystem access.
pkgs/python/[email protected]/src/docx/parts/settings.py:48
        with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #66cdfb1a8f8381a7 Filesystem access.
pkgs/python/[email protected]/src/docx/parts/styles.py:40
        with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

python-dotenv

python dependency
expand_more 11 low-confidence finding(s)
low env_fs dependency Excluded from app score #761d2655cd064efc Filesystem access.
pkgs/python/[email protected]/src/dotenv/cli.py:76
        with open(path) as stream:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ba3e6afc6369ecc9 Environment-variable access.
pkgs/python/[email protected]/src/dotenv/cli.py:194
        if v is not None and (override or k not in os.environ)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c432c8d5ba72acda Environment-variable access.
pkgs/python/[email protected]/src/dotenv/cli.py:225
    cmd_env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2a4ca21bf5eb89e1 Environment-variable access.
pkgs/python/[email protected]/src/dotenv/main.py:26
    if "PYTHON_DOTENV_DISABLED" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6df5f123843f693b Environment-variable access.
pkgs/python/[email protected]/src/dotenv/main.py:28
    value = os.environ["PYTHON_DOTENV_DISABLED"].casefold()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c9bc43e8e559769c Filesystem access.
pkgs/python/[email protected]/src/dotenv/main.py:63
            with open(self.dotenv_path, encoding=self.encoding) as stream:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e700e9ad461ae9d1 Environment-variable access.
pkgs/python/[email protected]/src/dotenv/main.py:105
            if k in os.environ and not self.override:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #69a32825661dfcb1 Environment-variable access.
pkgs/python/[email protected]/src/dotenv/main.py:108
                os.environ[k] = v

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #83097997d1e6aa4d Filesystem access.
pkgs/python/[email protected]/src/dotenv/main.py:148
        source: IO[str] = open(path, encoding=encoding)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5b97d9687dbe260 Environment-variable access.
pkgs/python/[email protected]/src/dotenv/main.py:302
                env.update(os.environ)  # type: ignore

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9371c51182ee5a8d Environment-variable access.
pkgs/python/[email protected]/src/dotenv/main.py:306
                env.update(os.environ)  # type: ignore

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

pytube

python dependency
expand_more 6 low-confidence finding(s)
low env_fs dependency Excluded from app score #f925de833b1872bc Filesystem access.
pkgs/python/[email protected]/pytube/captions.py:154
        with open(file_path, "w", encoding="utf-8") as file_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #74f645bc3faf1239 Filesystem access.
pkgs/python/[email protected]/pytube/innertube.py:249
                with open(_token_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #410b2a759ac8a1b8 Filesystem access.
pkgs/python/[email protected]/pytube/innertube.py:268
        with open(_token_file, 'w') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #14e845e29a772c0d Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/pytube/request.py:37
    return urlopen(request, timeout=timeout)  # nosec

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #911d5d0057049091 Filesystem access.
pkgs/python/[email protected]/pytube/streams.py:312
        with open(file_path, "wb") as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a76b6d980eaea93 Filesystem access.
pkgs/python/[email protected]/setup.py:13
with open(os.path.join(here, "pytube", "version.py")) as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

pyyaml

python dependency
expand_more 3 low-confidence finding(s)
low env_fs dependency Excluded from app score #4ba29548c3a24631 Environment-variable access.
pkgs/python/[email protected]/setup.py:72
os.environ['SETUPTOOLS_USE_DISTUTILS'] = 'local'

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7b8d2efd4a6a8094 Environment-variable access.
pkgs/python/[email protected]/setup.py:81
if 'sdist' in sys.argv or os.environ.get('PYYAML_FORCE_CYTHON') == '1':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b5899ff214855398 Environment-variable access.
pkgs/python/[email protected]/setup.py:160
            with_ext = getattr(self, ext.attr_name) or os.environ.get('PYYAML_FORCE_{0}'.format(ext.feature_name.upper()))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

qdrant-client

python dependency
expand_more 13 low-confidence finding(s)
low egress dependency Excluded from app score #49497d99c7c973ae Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/qdrant_client/common/version_check.py:15
    response = httpx.get(rest_uri, headers=rest_headers, auth=auth_provider, timeout=timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #5210197616c00350 Filesystem access.
pkgs/python/[email protected]/qdrant_client/embed/schema_parser.py:298
        with open(output_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d540ca16269b8596 Filesystem access.
pkgs/python/[email protected]/qdrant_client/embed/utils.py:76
    with open(path, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fd856a2d3d310727 Filesystem access.
pkgs/python/[email protected]/qdrant_client/local/async_qdrant_local.py:99
            with open(meta_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f1b1634df832c239 Filesystem access.
pkgs/python/[email protected]/qdrant_client/local/async_qdrant_local.py:102
            with open(meta_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5dee8a2e7f462ea3 Filesystem access.
pkgs/python/[email protected]/qdrant_client/local/async_qdrant_local.py:125
            with open(lock_file_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #414d03f57295e944 Filesystem access.
pkgs/python/[email protected]/qdrant_client/local/async_qdrant_local.py:127
        self._flock_file = open(lock_file_path, "r+")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c65d462fe5e64b6e Filesystem access.
pkgs/python/[email protected]/qdrant_client/local/async_qdrant_local.py:146
        with open(meta_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bea66f065b5efc86 Filesystem access.
pkgs/python/[email protected]/qdrant_client/local/qdrant_local.py:102
            with open(meta_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #261656f17c49117a Filesystem access.
pkgs/python/[email protected]/qdrant_client/local/qdrant_local.py:105
            with open(meta_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0595f7aa4497d861 Filesystem access.
pkgs/python/[email protected]/qdrant_client/local/qdrant_local.py:136
            with open(lock_file_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ff916d7d3a83b771 Filesystem access.
pkgs/python/[email protected]/qdrant_client/local/qdrant_local.py:138
        self._flock_file = open(lock_file_path, "r+")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1c2ddbbb5da681bd Filesystem access.
pkgs/python/[email protected]/qdrant_client/local/qdrant_local.py:162
        with open(meta_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

regex

python dependency
expand_more 3 low-confidence finding(s)
low env_fs tooling reachable #c0a4b9e13519576b Filesystem access.
pkgs/python/[email protected]/tools/build_regex_unicode.py:680
    with open(path, 'w', encoding='ascii') as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #4ed56f82c2e73958 Filesystem access.
pkgs/python/[email protected]/tools/build_regex_unicode.py:1454
    with open(c_path, 'w', newline='\n', encoding='ascii') as c_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #8a77cead611984ac Filesystem access.
pkgs/python/[email protected]/tools/build_regex_unicode.py:1577
    with open(h_path, 'w', newline='\n', encoding='ascii') as h_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

requests

python dependency
expand_more 8 low-confidence finding(s)
low env_fs dependency Excluded from app score #ecea20d5d582c2fb Environment-variable access.
pkgs/python/[email protected]/src/requests/sessions.py:857
                    os.environ.get("REQUESTS_CA_BUNDLE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eb1c2b7eff83791c Environment-variable access.
pkgs/python/[email protected]/src/requests/sessions.py:858
                    or os.environ.get("CURL_CA_BUNDLE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #46b3f91880917b4c Environment-variable access.
pkgs/python/[email protected]/src/requests/utils.py:239
    netrc_file = os.environ.get("NETRC")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #79e5a20cab7aebd7 Environment-variable access.
pkgs/python/[email protected]/src/requests/utils.py:798
        old_value = os.environ.get(env_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6401ab408c394949 Environment-variable access.
pkgs/python/[email protected]/src/requests/utils.py:799
        os.environ[env_name] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ce7287c2dff67532 Environment-variable access.
pkgs/python/[email protected]/src/requests/utils.py:805
                del os.environ[env_name]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #799593113d3ac69e Environment-variable access.
pkgs/python/[email protected]/src/requests/utils.py:807
                os.environ[env_name] = old_value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e025615570282f55 Environment-variable access.
pkgs/python/[email protected]/src/requests/utils.py:820
        return os.environ.get(key) or os.environ.get(key.upper())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

scrapegraph-py

python dependency
expand_more 3 low-confidence finding(s)
low env_fs dependency Excluded from app score #e32d457664425a78 Environment-variable access.
pkgs/python/[email protected]/src/scrapegraph_py/env.py:9
        return os.environ.get("SGAI_DEBUG") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #663e09107f722bba Environment-variable access.
pkgs/python/[email protected]/src/scrapegraph_py/env.py:13
        val = os.environ.get("SGAI_TIMEOUT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #49b8503dd32d9a57 Environment-variable access.
pkgs/python/[email protected]/src/scrapegraph_py/env.py:18
        return os.environ.get("SGAI_API_URL") or "https://v2-api.scrapegraphai.com/api"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

selenium

python dependency
expand_more 36 low-confidence finding(s)
low env_fs dependency Excluded from app score #8de19a57cb84c51c Environment-variable access.
pkgs/python/[email protected]/selenium/webdriver/__init__.py:23
if os.environ.get("SE_DEBUG"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b764bb6ee6517169 Filesystem access.
pkgs/python/[email protected]/selenium/webdriver/chromium/options.py:83
            with open(extension, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #235996ae38cb188e Environment-variable access.
pkgs/python/[email protected]/selenium/webdriver/chromium/service.py:58
        if os.environ.get("SE_DEBUG"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #e660a2bc25a21239 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/selenium/webdriver/common/api_request_context.py:426
        return self._pool.request(
            method,
            url,
            headers=headers,
            body=body,
            timeout=timeout,
            redirect=follow,
            retries=retries,
            preload_content=True,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #302b9ed529ef5e6e Filesystem access.
pkgs/python/[email protected]/selenium/webdriver/common/api_request_context.py:568
                    with open(file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bba697016030cb50 Filesystem access.
pkgs/python/[email protected]/selenium/webdriver/common/api_request_context.py:601
                with open(file_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #30603e75f353c2e0 Environment-variable access.
pkgs/python/[email protected]/selenium/webdriver/common/bidi/cdp.py:48
    return int(os.environ.get("SE_CDP_MAX_WS_MESSAGE_SIZE", MAX_WS_MESSAGE_SIZE))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3c4cc975fb92c6d5 Environment-variable access.
pkgs/python/[email protected]/selenium/webdriver/common/selenium_manager.py:81
        if (env_path := os.getenv("SE_MANAGER_PATH")) is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #626a1616ff9bd56c Filesystem access.
pkgs/python/[email protected]/selenium/webdriver/common/service.py:64
            self.log_output = open(log_output, "a+", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #51bf852d6b91985d Environment-variable access.
pkgs/python/[email protected]/selenium/webdriver/common/service.py:77
        self.env = env or os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #087114d8b20f360e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/selenium/webdriver/common/service.py:147
            request.urlopen(f"{self.service_url}/shutdown", timeout=10)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #dfe14a65479d2fdb Environment-variable access.
pkgs/python/[email protected]/selenium/webdriver/common/service.py:261
            return os.getenv(self.DRIVER_PATH_ENV_KEY, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #42bc9d3585f22741 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/selenium/webdriver/common/utils.py:156
        with opener.open(request, timeout=1) as res:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #c016ce62c77ae86e Filesystem access.
pkgs/python/[email protected]/selenium/webdriver/firefox/firefox_profile.py:67
                with open(
                    os.path.join(os.path.dirname(__file__), WEBDRIVER_PREFERENCES), encoding="utf-8"
                ) as default_prefs:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cbdb977fd426fd72 Filesystem access.
pkgs/python/[email protected]/selenium/webdriver/firefox/firefox_profile.py:91
        with open(user_prefs, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #234e7059faf0da2a Filesystem access.
pkgs/python/[email protected]/selenium/webdriver/firefox/firefox_profile.py:165
        with open(userjs, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #89d7f1279095bda5 Filesystem access.
pkgs/python/[email protected]/selenium/webdriver/firefox/firefox_profile.py:196
                    with open(os.path.join(tmpdir, name), "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aec06c72de597792 Filesystem access.
pkgs/python/[email protected]/selenium/webdriver/firefox/firefox_profile.py:287
                    with open(manifest_json_filename, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #67eaf212e4d5927d Filesystem access.
pkgs/python/[email protected]/selenium/webdriver/firefox/firefox_profile.py:290
                with open(os.path.join(addon_path, "install.rdf"), encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b6999a26e225dee0 Environment-variable access.
pkgs/python/[email protected]/selenium/webdriver/firefox/service.py:52
        if os.environ.get("SE_DEBUG"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c6114bddc4f7262f Filesystem access.
pkgs/python/[email protected]/selenium/webdriver/firefox/webdriver.py:134
            with open(path, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3cf3096a6b7dbab8 Filesystem access.
pkgs/python/[email protected]/selenium/webdriver/firefox/webdriver.py:171
            with open(filename, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f584c6f0b415969d Environment-variable access.
pkgs/python/[email protected]/selenium/webdriver/ie/service.py:61
        if os.environ.get("SE_DEBUG"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6c163278ddc7b671 Environment-variable access.
pkgs/python/[email protected]/selenium/webdriver/remote/client_config.py:121
            (os.getenv("REQUESTS_CA_BUNDLE") if "REQUESTS_CA_BUNDLE" in os.environ else certifi.where())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5221ef993a8c1823 Environment-variable access.
pkgs/python/[email protected]/selenium/webdriver/remote/client_config.py:137
            _no_proxy = os.environ.get("no_proxy", os.environ.get("NO_PROXY"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b3c05e6979dc64d4 Environment-variable access.
pkgs/python/[email protected]/selenium/webdriver/remote/client_config.py:147
            return os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a7ce0edafdc31900 Environment-variable access.
pkgs/python/[email protected]/selenium/webdriver/remote/client_config.py:147
            return os.environ.get(
                "https_proxy" if self.remote_server_addr.startswith("https://") else "http_proxy",
                os.environ.get("HTTPS_PROXY" if self.remote_server_addr.startswith("https://") else "HTTP_PROXY"),
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9f60673eba17f6de Environment-variable access.
pkgs/python/[email protected]/selenium/webdriver/remote/client_config.py:149
                os.environ.get("HTTPS_PROXY" if self.remote_server_addr.startswith("https://") else "HTTP_PROXY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7afc4b9dc8ac1723 Environment-variable access.
pkgs/python/[email protected]/selenium/webdriver/remote/remote_connection.py:156
    _ca_certs = os.getenv("REQUESTS_CA_BUNDLE") if "REQUESTS_CA_BUNDLE" in os.environ else certifi.where()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #0f646678fec1b590 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/selenium/webdriver/remote/remote_connection.py:431
            response = self._conn.request(method, url, body=body, headers=headers, timeout=self._client_config.timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #a3481daf07f9afc6 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/selenium/webdriver/remote/remote_connection.py:436
                response = http.request(method, url, body=body, headers=headers, timeout=self._client_config.timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #c5cac98aab78fb71 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/selenium/webdriver/remote/server.py:163
                urllib.request.urlopen(self.status_url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #f99c589623053a0f Filesystem access.
pkgs/python/[email protected]/selenium/webdriver/remote/webdriver.py:958
            with open(filename, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #eb3628155cd0e2b5 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/selenium/webdriver/remote/webdriver.py:1439
        res = http.request("GET", f"http://{debugger_address}/json/version")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #9f3b598abdd3515e Filesystem access.
pkgs/python/[email protected]/selenium/webdriver/remote/webdriver.py:1573
            with open(zip_file, "wb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #181341c3fee76007 Filesystem access.
pkgs/python/[email protected]/selenium/webdriver/remote/webelement.py:457
            with open(filename, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

serpapi

python dependency
expand_more 1 low-confidence finding(s)
low env_fs dependency Excluded from app score #5d9ab0dc93bbff5a Environment-variable access.
pkgs/python/[email protected]/serpapi/utils.py:5
    return os.getenv("SERP_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

snowflake-sqlalchemy

python dependency
expand_more 2 low-confidence finding(s)
low env_fs dependency Excluded from app score #ccfebc279457a810 Filesystem access.
pkgs/python/[email protected]/snyk/update_requirements.py:7
    pyproject = tomlkit.loads(Path("pyproject.toml").read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6fad28c27b8a2c47 Environment-variable access.
pkgs/python/[email protected]/src/snowflake/sqlalchemy/util.py:206
    value = os.environ.get(SNOWFLAKE_SQLALCHEMY_LEGACY_URL_PARAMS, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

sqlalchemy

python dependency
expand_more 29 low-confidence finding(s)
low egress dependency Excluded from app score #df08a5e66a86b149 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/lib/sqlalchemy/pool/impl.py:145
            self._pool.put(record, False)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #b09c9a4c20580131 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/fixtures/mypy.py:42
            with open(
                Path(cachedir) / "sqla_mypy_config.cfg", "w"
            ) as config_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #486dbf43f52fce90 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/fixtures/mypy.py:56
            with open(
                Path(cachedir) / "plain_mypy_config.cfg", "w"
            ) as config_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #9969906e9c4e6965 Environment-variable access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/fixtures/mypy.py:106
            os.environ.pop("MYPY_FORCE_COLOR", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #681654f1a27b4e01 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/fixtures/mypy.py:146
        with open(path) as file_:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1af1189a110b81f2 Environment-variable access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/plugin/plugin_base.py:398
    if os.environ.get("REQUIRE_SQLALCHEMY_CEXT", "0") == "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a04dcce12bebaa24 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/plugin/plugin_base.py:455
            with open(options.write_idents, "a") as file_:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #23966567f5beb033 Environment-variable access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/plugin/pytestplugin.py:880
        return os.environ.get("PYTEST_CURRENT_TEST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f08cd4af03e95746 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/profiling.py:200
            profile_f = open(self.fname)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1247ceeb0a613794 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/profiling.py:219
        profile_f = open(self.fname, "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c47acf92b35de05c Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/provision.py:453
    with open(idents_file) as file_:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4fd3c04bc0d91584 Environment-variable access.
pkgs/python/[email protected]/lib/sqlalchemy/util/_has_cy.py:27
    if os.environ.get("DISABLE_SQLALCHEMY_CEXT_RUNTIME"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5ea3ede4e2fc1cc Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/util/tool_support.py:134
            Path(destination_path).write_text(
                text, encoding="utf-8", newline="\n"
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7b2f3e1693a5a798 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/util/tool_support.py:146
            with open(tempfile) as tf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b847fdbfa700713c Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/util/tool_support.py:162
            with open(source_file, encoding="utf-8") as tf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8029e0399de77177 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/util/tool_support.py:169
        with open(destination_path, encoding="utf-8") as dp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fa42ae3ea4d32a67 Environment-variable access.
pkgs/python/[email protected]/noxfile.py:95
    cmd.extend(os.environ.get(dburl_env, default_dburl).split())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a23e4e22afa76f2 Environment-variable access.
pkgs/python/[email protected]/noxfile.py:106
    env_dbdrivers = os.environ.get(extra_driver_env, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f05cee5c33c6ad9f Environment-variable access.
pkgs/python/[email protected]/noxfile.py:269
    cmd.extend(os.environ.get("TOX_WORKERS", "-n4").split())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #edb188350c1a7e68 Environment-variable access.
pkgs/python/[email protected]/setup.py:23
DISABLE_EXTENSION = bool(os.environ.get("DISABLE_SQLALCHEMY_CEXT"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #57a4a6750a2edf37 Environment-variable access.
pkgs/python/[email protected]/setup.py:24
REQUIRE_EXTENSION = bool(os.environ.get("REQUIRE_SQLALCHEMY_CEXT"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #53c9d68d5b0ecace Filesystem access.
pkgs/python/[email protected]/tools/format_docs_code.py:155
    original = file.read_text("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #2dad1ec09b85ffb7 Filesystem access.
pkgs/python/[email protected]/tools/format_docs_code.py:313
                file.write_text(updated, "utf-8", newline="\n")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #39849eb8f1ab191f Filesystem access.
pkgs/python/[email protected]/tools/generate_proxy_methods.py:145
    with open(fn.__code__.co_filename) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #70b9f63bb10a331a Filesystem access.
pkgs/python/[email protected]/tools/generate_proxy_methods.py:373
        open(filename) as orig_py,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #9fd874645afd57fc Filesystem access.
pkgs/python/[email protected]/tools/generate_sql_functions.py:38
        open(filename) as orig_py,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #08df506c10f2659c Filesystem access.
pkgs/python/[email protected]/tools/generate_tuple_map_overloads.py:53
        open(filename) as orig_py,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #99723a1bb286cb02 Filesystem access.
pkgs/python/[email protected]/tools/normalize_file_headers.py:27
    content = file.read_text("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #821718c36a139fa7 Filesystem access.
pkgs/python/[email protected]/tools/sync_test_files.py:35
    source_data = Path(source).read_text().replace(remove_str, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

tiktoken

python dependency
expand_more 16 low-confidence finding(s)
low env_fs tooling reachable #37d4dfa534b869a5 Environment-variable access.
pkgs/python/[email protected]/scripts/benchmark.py:16
    num_threads = int(os.environ["RAYON_NUM_THREADS"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #83ff146905f41413 Filesystem access.
pkgs/python/[email protected]/scripts/redact.py:11
    text = path.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #2859198d3f9b4afb Filesystem access.
pkgs/python/[email protected]/scripts/redact.py:35
            path.write_text(redacted_text)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #02ab3f9542a579c4 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/scripts/wheel_download.py:13
    response = requests.get(artifacts_url, headers=headers)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress tooling reachable #e796ea222ee8ff64 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/scripts/wheel_download.py:31
        response = requests.get(download_url, headers=headers, stream=True)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #6481e7a5644e0326 Filesystem access.
pkgs/python/[email protected]/scripts/wheel_download.py:35
        with open(temp_zip, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #93096522c61a4448 Filesystem access.
pkgs/python/[email protected]/tiktoken/_educational.py:212
    with open(__file__) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bc33ae12d5571be3 Filesystem access.
pkgs/python/[email protected]/tiktoken/load.py:10
        with open(blobpath, "rb", buffering=0) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #a524af30f02632cf Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/tiktoken/load.py:17
        resp = requests.get(blobpath)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #fb1cc9e104544032 Filesystem access.
pkgs/python/[email protected]/tiktoken/load.py:27
    return blobfile.read_bytes(blobpath)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #82cf48efcfec6112 Environment-variable access.
pkgs/python/[email protected]/tiktoken/load.py:37
    if "TIKTOKEN_CACHE_DIR" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7abc73c4e527d40e Environment-variable access.
pkgs/python/[email protected]/tiktoken/load.py:38
        cache_dir = os.environ["TIKTOKEN_CACHE_DIR"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e40b9f9d725667ab Environment-variable access.
pkgs/python/[email protected]/tiktoken/load.py:39
    elif "DATA_GYM_CACHE_DIR" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ce9df89590e70066 Environment-variable access.
pkgs/python/[email protected]/tiktoken/load.py:40
        cache_dir = os.environ["DATA_GYM_CACHE_DIR"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d81367b3d3185451 Filesystem access.
pkgs/python/[email protected]/tiktoken/load.py:55
        with open(cache_path, "rb", buffering=0) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c319c4e1bb972837 Filesystem access.
pkgs/python/[email protected]/tiktoken/load.py:78
        with open(tmp_filename, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

tokenizers

python dependency
expand_more 12 low-confidence finding(s)
low env_fs dependency Excluded from app score #36b5ff6478f978c7 Environment-variable access.
pkgs/python/[email protected]/bindings/python/benches/test_tiktoken.py:29
    os.environ["RAYON_NUM_THREADS"] = str(num_threads)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #077ba4158c32107a Filesystem access.
pkgs/python/[email protected]/bindings/python/examples/example.py:29
    with open(args.file, "r") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #c8aaf3c1c08c8ed1 Filesystem access.
pkgs/python/[email protected]/bindings/python/scripts/convert.py:52
    m.ParseFromString(open(filename, "rb").read())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #c1c0ff45285991c1 Filesystem access.
pkgs/python/[email protected]/bindings/python/scripts/convert.py:342
    with open(filename, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #ebd4ec6ccb17ed54 Filesystem access.
pkgs/python/[email protected]/bindings/python/scripts/sentencepiece_extractor.py:61
        with open(self._model, "r") as model_f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #508c8f742518184e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/bindings/python/scripts/sentencepiece_extractor.py:121
                response = get(args.model, allow_redirects=True)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling reachable #f116c1505cf41d1d Filesystem access.
pkgs/python/[email protected]/bindings/python/scripts/sentencepiece_extractor.py:134
        with open(args.vocab_output_path, "w") as vocab_f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #c3d8063ccb0be2d4 Filesystem access.
pkgs/python/[email protected]/bindings/python/scripts/sentencepiece_extractor.py:135
            with open(args.merges_output_path, "w") as merges_f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #3362a5e4f711e641 Filesystem access.
pkgs/python/[email protected]/bindings/python/scripts/spm_parity_check.py:99
    with open(args.input_file, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #0f21c1784d8b5d59 Filesystem access.
pkgs/python/[email protected]/bindings/python/scripts/spm_parity_check.py:226
    with open(args.input_file, "r", encoding="utf-8-sig") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #60f1588b725cecaf Filesystem access.
pkgs/python/[email protected]/py_src/tokenizers/implementations/sentencepiece_unigram.py:160
        m.ParseFromString(open(filename, "rb").read())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #3e82b689da852e54 Filesystem access.
pkgs/python/[email protected]/py_src/tokenizers/tools/visualizer.py:12
with open(css_filename) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

unstructured

python dependency
expand_more 83 low-confidence finding(s)
low env_fs dependency Excluded from app score #2ff7de429c2e441f Environment-variable access.
pkgs/python/[email protected]/unstructured/embed/mixedbreadai.py:35
        default_factory=lambda: SecretStr(os.environ.get("MXBAI_API_KEY")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #83367397fe0cb162 Environment-variable access.
pkgs/python/[email protected]/unstructured/embed/vertexai.py:28
        os.environ["GOOGLE_APPLICATION_CREDENTIALS"] = application_credentials_path

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8e0f9356195a04e6 Filesystem access.
pkgs/python/[email protected]/unstructured/file_utils/encoding.py:67
        with open(filename, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d9a2735401d2c56b Filesystem access.
pkgs/python/[email protected]/unstructured/file_utils/encoding.py:83
                    with open(filename, encoding=enc) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f2796ec6ca1650da Filesystem access.
pkgs/python/[email protected]/unstructured/file_utils/encoding.py:127
            with open(filename, encoding=formatted_encoding) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c11efb6d47c7b54e Filesystem access.
pkgs/python/[email protected]/unstructured/file_utils/file_conversion.py:72
            with open(tmp_file_path, "wb") as tmp_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9260540d2e1ec4e6 Filesystem access.
pkgs/python/[email protected]/unstructured/file_utils/filetype.py:528
            with open(self.file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c001cc98f44ad858 Filesystem access.
pkgs/python/[email protected]/unstructured/file_utils/filetype.py:592
            with open(file_path, encoding=self.encoding) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f7e2b4669ed33e3d Filesystem access.
pkgs/python/[email protected]/unstructured/file_utils/filetype.py:596
            with open(file_path, encoding=encoding) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #67d061b51ac77f6c Filesystem access.
pkgs/python/[email protected]/unstructured/file_utils/filetype.py:615
            with open(file_path, encoding=self.encoding) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a24a4370fea1e961 Filesystem access.
pkgs/python/[email protected]/unstructured/file_utils/filetype.py:621
            with open(file_path, encoding=encoding) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #11f0efb844ee968b Environment-variable access.
pkgs/python/[email protected]/unstructured/metrics/evaluate.py:163
        max_processors = int(os.environ.get("MAX_PROCESSES", os.cpu_count()))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #43db391030dfda74 Filesystem access.
pkgs/python/[email protected]/unstructured/metrics/evaluate.py:847
            with open(gt_file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3c6de3d69ddb0320 Filesystem access.
pkgs/python/[email protected]/unstructured/metrics/object_detection.py:101
        with open(prediction_file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #38229d2ad7bd3d8f Filesystem access.
pkgs/python/[email protected]/unstructured/metrics/object_detection.py:103
        with open(ground_truth_file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #385a6db2998dbefc Filesystem access.
pkgs/python/[email protected]/unstructured/metrics/table/table_eval.py:216
        with open(prediction_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #268c3849c63170ed Filesystem access.
pkgs/python/[email protected]/unstructured/metrics/table/table_eval.py:218
        with open(ground_truth_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7a0580d56d6c5844 Filesystem access.
pkgs/python/[email protected]/unstructured/metrics/utils.py:243
        with open(path, errors="ignore") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #38ca7c29a60b3e02 Filesystem access.
pkgs/python/[email protected]/unstructured/nlp/english_words.py:12
with open(ENGLISH_WORDS_FILE) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #3e7e7e9658838993 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/unstructured/nlp/tokenize.py:42
        with urllib.request.urlopen(url, timeout=_DOWNLOAD_TIMEOUT_SECONDS) as resp:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #618c815716dc8b16 Filesystem access.
pkgs/python/[email protected]/unstructured/nlp/tokenize.py:43
            with open(dest, "wb") as out:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7df1052b90b17ad0 Filesystem access.
pkgs/python/[email protected]/unstructured/nlp/tokenize.py:64
        with open(whl_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3645d400742b099a Filesystem access.
pkgs/python/[email protected]/unstructured/partition/api.py:100
        with open(filename, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #17d3437e1b06df06 Filesystem access.
pkgs/python/[email protected]/unstructured/partition/api.py:290
            files = [stack.enter_context(open(f, "rb")) for f in filenames]  # type: ignore

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #70cf18371b38d3d0 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/unstructured/partition/api.py:298
            response = requests.post(
                api_url,
                headers=headers,
                data=request_kwargs,
                files=_files,  # type: ignore
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #37b85dbe411e8f65 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/unstructured/partition/api.py:320
        response = requests.post(
            api_url,
            headers=headers,
            data=request_kwargs,
            files=_files,  # type: ignore
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #70c2b7e65111241e Filesystem access.
pkgs/python/[email protected]/unstructured/partition/common/common.py:389
        with open(file.name, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0428f19664f8e80e Filesystem access.
pkgs/python/[email protected]/unstructured/partition/csv.py:173
            with open(self._file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1ac35107a176bb75 Filesystem access.
pkgs/python/[email protected]/unstructured/partition/doc.py:69
            with open(source_file_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3e151625a3b236c4 Filesystem access.
pkgs/python/[email protected]/unstructured/partition/email.py:228
            with open(self._file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9012657402918345 Filesystem access.
pkgs/python/[email protected]/unstructured/partition/json.py:58
        with open(filename, encoding="utf8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3f5d7aba1e69c030 Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/model_init.py:11
    supported_model = os.environ.get("UNSTRUCTURED_HI_RES_SUPPORTED_MODEL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3c4da664184b8e1f Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/model_init.py:16
    get_model(os.environ.get("UNSTRUCTURED_HI_RES_MODEL_NAME"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5eeb11c6378fc1a5 Filesystem access.
pkgs/python/[email protected]/unstructured/partition/msg.py:260
            with open(detached_file_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7975bf466f5d62bf Filesystem access.
pkgs/python/[email protected]/unstructured/partition/ndjson.py:59
        with open(filename, encoding="utf8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e215b79f22aa16c4 Filesystem access.
pkgs/python/[email protected]/unstructured/partition/odt.py:95
        with open(source_file_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5ac16607a84c5730 Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/odt.py:117
        allow_no_sandbox = os.environ.get("ALLOW_PANDOC_NO_SANDBOX", "").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f118c12e2a0edeeb Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/pdf.py:122
    return os.environ.get("UNSTRUCTURED_HI_RES_MODEL_NAME", DEFAULT_MODEL)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #42579b0d344473ea Filesystem access.
pkgs/python/[email protected]/unstructured/partition/pdf_image/analysis/layout_dump.py:202
            with open(analysis_save_dir / f"{dumper.layout_source}.json", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4e6c0e38ec7d21a0 Filesystem access.
pkgs/python/[email protected]/unstructured/partition/pdf_image/analysis/tools.py:159
        with open(analysis_dump_filename) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #99faa91e2e08aa32 Filesystem access.
pkgs/python/[email protected]/unstructured/partition/pdf_image/ocr.py:83
        with open(tmp_file_path, "wb") as tmp_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d88b000b854dde59 Filesystem access.
pkgs/python/[email protected]/unstructured/partition/pdf_image/pdf_image_utils.py:160
                with open(tmp_file_path, "wb") as tmp_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fee6849eab4230e2 Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/pdf_image/pdfminer_processing.py:873
    memory_cap_in_gb = float(os.getenv("UNST_MATMUL_MEMORY_CAP_IN_GB", 1))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd02105ffa16f74d Filesystem access.
pkgs/python/[email protected]/unstructured/partition/pdf_image/pdfminer_utils.py:522
                    page = next(PDFPage.get_pages(open(tmp_file_path, "rb")))  # noqa: SIM115

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7cf60e63901146c5 Filesystem access.
pkgs/python/[email protected]/unstructured/partition/pdf_image/pdfminer_utils.py:532
            pages = PDFPage.get_pages(open(tmp_file_path, "rb"))  # noqa: SIM115

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #23e5c9c506fda742 Filesystem access.
pkgs/python/[email protected]/unstructured/partition/ppt.py:50
            with open(tmp_file_path, "wb") as tmp_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #724d7dcd07685894 Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/text_type.py:54
    _language_checks = os.environ.get("UNSTRUCTURED_LANGUAGE_CHECKS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #34340fd1baffa4b6 Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/text_type.py:72
        os.environ.get("UNSTRUCTURED_NARRATIVE_TEXT_CAP_THRESHOLD", cap_threshold),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #897d3c4d03de6326 Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/text_type.py:79
        os.environ.get("UNSTRUCTURED_NARRATIVE_TEXT_NON_ALPHA_THRESHOLD", non_alpha_threshold),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3102b672c07ea21 Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/text_type.py:117
    _language_checks = os.environ.get("UNSTRUCTURED_LANGUAGE_CHECKS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2d138f40c0b80b0f Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/text_type.py:129
        os.environ.get("UNSTRUCTURED_TITLE_MAX_WORD_LENGTH", title_max_word_length),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #81845b319cff2ff9 Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/text_type.py:137
        os.environ.get("UNSTRUCTURED_TITLE_NON_ALPHA_THRESHOLD", non_alpha_threshold),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6af204d3f6aa06a7 Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/utils/config.py:36
        return os.environ.get(var, default_value)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7b7a79137ce13b8e Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/utils/config.py:157
        if "WHISPER_FP16" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8a754d7629892721 Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/utils/constants.py:37
OCR_AGENT_MODULES_WHITELIST = os.getenv(
    "OCR_AGENT_MODULES_WHITELIST",
    "unstructured.partition.utils.ocr_models.tesseract_ocr,"
    "unstructured.partition.utils.ocr_models.paddle_ocr,"
    "unstructured.partition.utils.ocr_models.google_vision_ocr",
).split(",")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7d9f6f32c181e9af Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/utils/constants.py:48
STT_AGENT_MODULES_WHITELIST = os.getenv(
    "STT_AGENT_MODULES_WHITELIST",
    "unstructured.partition.utils.speech_to_text.whisper_stt",
).split(",")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9ed4f21bc4c138eb Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/utils/constants.py:53
UNSTRUCTURED_INCLUDE_DEBUG_METADATA = os.getenv("UNSTRUCTURED_INCLUDE_DEBUG_METADATA", False)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8b2e8fb3e8184437 Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/utils/ocr_models/tesseract_ocr.py:32
if "OMP_THREAD_LIMIT" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b3be7283be1d370a Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/utils/ocr_models/tesseract_ocr.py:33
    os.environ["OMP_THREAD_LIMIT"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d4b7af8bcd7729a3 Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/utils/sorting.py:125
        os.environ.get("UNSTRUCTURED_XY_CUT_BBOX_SHRINK_FACTOR", shrink_factor),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f8462958e7d44b21 Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/utils/sorting.py:128
    xy_cut_primary_direction = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c07b9eb84550cb63 Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/utils/sorting.py:128
    xy_cut_primary_direction = os.environ.get(
        "UNSTRUCTURED_XY_CUT_PRIMARY_DIRECTION",
        xy_cut_primary_direction,
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0a6ea55d77ed6e23 Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/utils/sorting.py:245
            os.environ.get("UNSTRUCTURED_XY_CUT_BBOX_SHRINK_FACTOR", shrink_factor),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e7d3026f427d1b38 Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/utils/sorting.py:248
        xy_cut_primary_direction = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #33028a4fa7d21b35 Environment-variable access.
pkgs/python/[email protected]/unstructured/partition/utils/sorting.py:248
        xy_cut_primary_direction = os.environ.get(
            "UNSTRUCTURED_XY_CUT_PRIMARY_DIRECTION",
            xy_cut_primary_direction,
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c47865db8bbbd50f Filesystem access.
pkgs/python/[email protected]/unstructured/partition/xlsx.py:210
            with open(self._file_path, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fb019ff5ae192105 Environment-variable access.
pkgs/python/[email protected]/unstructured/safe_http.py:68
    return os.environ.get(_ENV_VAR, "").strip().lower() in _TRUTHY_ENV_VALUES

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #86af669c4ff8917c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/unstructured/safe_http.py:400
            response = session.get(url, **kwargs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #8d8df5923d445365 Filesystem access.
pkgs/python/[email protected]/unstructured/staging/base.py:230
        with open(filename, encoding=encoding) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9ff20dcb3ffb83e5 Filesystem access.
pkgs/python/[email protected]/unstructured/staging/base.py:347
        with open(filename, "w", encoding=encoding) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c57cfea04f17496b Filesystem access.
pkgs/python/[email protected]/unstructured/staging/base.py:423
            with open(filename, "w", encoding=encoding) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ccb55af02e117e16 Filesystem access.
pkgs/python/[email protected]/unstructured/staging/base.py:452
        with open(filename, "w", encoding=encoding) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #74e03cbf1fa83e84 Filesystem access.
pkgs/python/[email protected]/unstructured/staging/base.py:475
        with open(filename, "w", encoding=encoding) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a0b10476657d4e3b Filesystem access.
pkgs/python/[email protected]/unstructured/staging/base.py:544
        with open(filename, "w", encoding=encoding) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #556a1d5f349332e3 Filesystem access.
pkgs/python/[email protected]/unstructured/staging/label_box.py:85
        with open(output_filepath, "w+") as output_text_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #49b537970fdf59ca Filesystem access.
pkgs/python/[email protected]/unstructured/utils.py:71
    with open(filename, "w+") as output_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0fa0ba530e48937a Filesystem access.
pkgs/python/[email protected]/unstructured/utils.py:76
    with open(filename) as input_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7d933e2a62870ded Environment-variable access.
pkgs/python/[email protected]/unstructured/utils.py:168
    return bool((os.getenv("DO_NOT_TRACK") or "").strip()) or bool(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3960bd60afd53a90 Environment-variable access.
pkgs/python/[email protected]/unstructured/utils.py:169
        (os.getenv("SCARF_NO_ANALYTICS") or "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #14949faa9126699b Environment-variable access.
pkgs/python/[email protected]/unstructured/utils.py:175
    return (os.getenv("UNSTRUCTURED_TELEMETRY_ENABLED") or "").strip().lower() in (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #2bea2dbdc7dd795f Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/unstructured/utils.py:199
        requests.get(
            "https://packages.unstructured.io/python-telemetry",
            params={
                "version": __version__,
                "platform": platform.system(),
                "python": python_version,
                "arch": platform.machine(),
                "gpu": str(gpu_present),
                "dev": str("dev" in __version__).lower(),
            },
            timeout=10,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #9eeab209ab55398d Filesystem access.
pkgs/python/[email protected]/unstructured/utils.py:696
            with open(self.file_path) as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f0ca9958d2925273 Filesystem access.
pkgs/python/[email protected]/unstructured/utils.py:702
            with open(self.file_path, "w") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

voyageai

python dependency
expand_more 10 low-confidence finding(s)
low env_fs dependency Excluded from app score #61fa10fd2dad048c Filesystem access.
pkgs/python/[email protected]/voyageai/_base.py:34
        with open(config_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #d7ed90a87d52801e Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/voyageai/api_resources/api_requestor.py:300
            result = _thread_context.session.request(
                method,
                abs_url,
                headers=headers,
                data=data,
                files=files,
                stream=stream,
                timeout=request_timeout if request_timeout else TIMEOUT_SECS,
                proxies=_thread_context.session.proxies,
            )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #a7feda34fe7cde6f Environment-variable access.
pkgs/python/[email protected]/voyageai/util.py:13
VOYAGE_LOG = os.environ.get("VOYAGE_LOG")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f5649d4d6f0e9416 Environment-variable access.
pkgs/python/[email protected]/voyageai/util.py:79
    api_key_path = voyageai.api_key_path or os.environ.get("VOYAGE_API_KEY_PATH")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7a9842fae51f05ea Environment-variable access.
pkgs/python/[email protected]/voyageai/util.py:80
    api_key = voyageai.api_key or os.environ.get("VOYAGE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ee8ebcbcb033bf95 Filesystem access.
pkgs/python/[email protected]/voyageai/util.py:84
        with open(api_key_path, "rt") as k:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c17b1c23228f2d7f Filesystem access.
pkgs/python/[email protected]/voyageai/video_utils.py:76
        with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #565bac394f1ec24f Filesystem access.
pkgs/python/[email protected]/voyageai/video_utils.py:164
        with open(path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7c53f4c66acded22 Filesystem access.
pkgs/python/[email protected]/voyageai/video_utils.py:176
        with open(video, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3eb6dfa6450f149d Filesystem access.
pkgs/python/[email protected]/voyageai/video_utils.py:604
        with open(out_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

weaviate-client

python dependency
expand_more 41 low-confidence finding(s)
low env_fs dependency Excluded from app score #45b2fe66a19faabc Environment-variable access.
pkgs/python/[email protected]/integration/conftest.py:358
        api_key = os.environ.get("OPENAI_APIKEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b9b11f653312fce9 Environment-variable access.
pkgs/python/[email protected]/integration/conftest.py:405
        api_key = os.environ.get("OPENAI_APIKEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #8cd2f025ac326ca3 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/integration/test_auth.py:26
    response = httpx.get("http://" + url + "/v1/.well-known/openid-configuration")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #0fb6ef0746d36ff0 Environment-variable access.
pkgs/python/[email protected]/integration/test_auth.py:47
    client_secret = os.environ.get(env_variable_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b012ae1e0551efca Environment-variable access.
pkgs/python/[email protected]/integration/test_auth.py:101
    pw = os.environ.get(env_variable_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #e9b5f041c803f55c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/integration/test_auth.py:143
    weaviate_open_id_config = httpx.get("http://" + url + "/v1/.well-known/openid-configuration")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #6ca9773ccb2a0bbb Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/integration/test_auth.py:149
    response_auth = httpx.get(href)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #b3f37b8a2ddbfbb1 Environment-variable access.
pkgs/python/[email protected]/integration/test_auth.py:188
    pw = os.environ.get(env_variable_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8f095ffd097b5a4c Environment-variable access.
pkgs/python/[email protected]/integration/test_auth.py:207
    pw = os.environ.get("OKTA_DUMMY_CI_PW")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a8be72550c29911 Environment-variable access.
pkgs/python/[email protected]/integration/test_client.py:700
    with mock.patch.dict(os.environ, {"PYPI_PACKAGE_URL": "http://does-not-exist"}):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #494b4acf5c520e9b Environment-variable access.
pkgs/python/[email protected]/integration/test_client.py:707
    with mock.patch.dict(os.environ, {"PYPI_PACKAGE_URL": "http://does-not-exist"}):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #80b4acc83649d1aa Environment-variable access.
pkgs/python/[email protected]/integration/test_collection_openai.py:584
    api_key = os.environ.get("COHERE_APIKEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #79ea34c59ace9dfb Environment-variable access.
pkgs/python/[email protected]/integration/test_collection_openai.py:750
    api_key = os.environ.get("CONTEXTUAL_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a44bbef940d11d9 Environment-variable access.
pkgs/python/[email protected]/integration/test_collection_openai.py:794
    api_key = os.environ.get("CONTEXTUAL_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #90e5bb4161dc0269 Environment-variable access.
pkgs/python/[email protected]/integration/test_collection_openai.py:837
    contextual_api_key = os.environ.get("CONTEXTUAL_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c50f5a32475b8af Environment-variable access.
pkgs/python/[email protected]/integration/test_collection_rerank.py:31
    api_key = os.environ.get("COHERE_APIKEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #40cfa826133efb1e Environment-variable access.
pkgs/python/[email protected]/integration/test_collection_rerank.py:85
    api_key = os.environ.get("COHERE_APIKEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2aef7462241a5458 Environment-variable access.
pkgs/python/[email protected]/integration/test_collection_rerank.py:145
    api_key = os.environ.get("CONTEXTUAL_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e18f39943409722f Environment-variable access.
pkgs/python/[email protected]/integration/test_vectors.py:866
    api_key = os.environ.get("JINAAI_APIKEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5e5b8c702c044af8 Filesystem access.
pkgs/python/[email protected]/profiling/test_shutdown.py:48
    with open("uuids.json", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c420e77673dcff1b Filesystem access.
pkgs/python/[email protected]/profiling/test_sphere.py:33
        with open(sphere_file) as jsonl_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ebc30e841c187785 Filesystem access.
pkgs/python/[email protected]/profiling/test_sphere.py:82
        with open(sphere_file) as jsonl_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #511b1852872c6770 Filesystem access.
pkgs/python/[email protected]/tools/stubs.py:177
            with open(file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c45f6950faa5a4ae Environment-variable access.
pkgs/python/[email protected]/weaviate/__init__.py:50
os.environ["GRPC_VERBOSITY"] = "ERROR"  # https://github.com/danielmiessler/fabric/discussions/754

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #72c0c4851422dcc6 Environment-variable access.
pkgs/python/[email protected]/weaviate/collections/batch/base.py:61
    os.getenv("WEAVIATE_BATCH_MAX_RETRIES", "9.299")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #9c44471286a9139f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/weaviate/connect/authentication.py:129
                    return resp(await client.get(self._open_id_config_url))

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #ca6400455f128f5f Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/weaviate/connect/authentication.py:137
            return resp(client.get(self._open_id_config_url))

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #1f7d21ce50f3aed0 Environment-variable access.
pkgs/python/[email protected]/weaviate/connect/base.py:202
    http_proxy = (os.environ.get("HTTP_PROXY"), os.environ.get("http_proxy"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a9f838d3ad9361c5 Environment-variable access.
pkgs/python/[email protected]/weaviate/connect/base.py:203
    https_proxy = (os.environ.get("HTTPS_PROXY"), os.environ.get("https_proxy"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8266f9e2d96dbd79 Environment-variable access.
pkgs/python/[email protected]/weaviate/connect/base.py:204
    grpc_proxy = (os.environ.get("GRPC_PROXY"), os.environ.get("grpc_proxy"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #8504dd9d40f37b90 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/weaviate/connect/v4.py:408
                        response = await client.get(oidc_url, timeout=self.timeout_config.init)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #110cbaa08dbe145c Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/weaviate/connect/v4.py:423
                response = client.get(oidc_url, timeout=self.timeout_config.init)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #170c6ac71736dfff Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/weaviate/connect/v4.py:753
                        res = await client.get(PYPI_PACKAGE_URL, timeout=self.timeout_config.init)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #1e74a01c819645cb Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/weaviate/connect/v4.py:762
                res = client.get(PYPI_PACKAGE_URL, timeout=self.timeout_config.init)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #19cbbdc35a378c21 Environment-variable access.
pkgs/python/[email protected]/weaviate/embedded.py:38
    persistence_data_path: str = os.environ.get("XDG_DATA_HOME", DEFAULT_PERSISTENCE_DATA_PATH)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7a381c1ba1bf285f Environment-variable access.
pkgs/python/[email protected]/weaviate/embedded.py:39
    binary_path: str = os.environ.get("XDG_CACHE_HOME", DEFAULT_BINARY_PATH)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #898c638694b1b3ff Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/weaviate/embedded.py:91
            response = httpx.get("https://api.github.com/repos/weaviate/weaviate/releases/latest")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #75a17839d6e3e001 Environment-variable access.
pkgs/python/[email protected]/weaviate/embedded.py:205
        my_env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5100ab53820201c6 Environment-variable access.
pkgs/python/[email protected]/weaviate/logger.py:5
logger.setLevel(os.getenv("WEAVIATE_LOG_LEVEL", "INFO"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dffe935a1f0f06e7 Filesystem access.
pkgs/python/[email protected]/weaviate/util.py:83
        with open(image_or_image_path, "br") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6e0e8d9a3f17beec Filesystem access.
pkgs/python/[email protected]/weaviate/util.py:126
            file = open(file_or_file_path, "br")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

youtube-transcript-api

python dependency
expand_more 3 low-confidence finding(s)
low egress dependency Excluded from app score #4c03a504d1dea821 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/youtube_transcript_api/_transcripts.py:137
        response = self._http_client.get(self._url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #2165bdce299d8ea2 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/youtube_transcript_api/_transcripts.py:442
        response = self._http_client.get(WATCH_URL.format(video_id=video_id))

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #f7b23d629ff76230 Outbound request to a variable or assembled URL on a network client. Review what data is sent to this destination.
pkgs/python/[email protected]/youtube_transcript_api/_transcripts.py:446
        response = self._http_client.post(
            INNERTUBE_API_URL.format(api_key=api_key),
            json={
                "context": INNERTUBE_CONTEXT,
                "videoId": video_id,
            },
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

Skipped dependencies

Production

  • instructor prod — sdist exceeds byte cap
  • lancedb prod — no sdist (wheels only)
  • docling prod — no python source in sdist
  • qdrant-edge-py prod — no sdist (wheels only)
  • pymupdf prod — sdist exceeds byte cap
  • spider-client prod — no sdist (wheels only)
  • playwright prod — no sdist (wheels only)
  • tomlkit prod — scan budget exceeded
  • pygithub prod — scan budget exceeded
  • rich prod — scan budget exceeded
  • Pillow prod — scan budget exceeded
  • pypdf prod — scan budget exceeded
  • python-magic prod — scan budget exceeded
  • tinytag prod — scan budget exceeded
  • av prod — scan budget exceeded
  • packaging prod — scan budget exceeded
  • uv prod — scan budget exceeded
  • textual prod — scan budget exceeded
  • certifi prod — scan budget exceeded