Test PR for Heimdall #1

Closed
jared wants to merge 10 commits from test-heimdall into main
Showing only changes of commit 2cd17d5a3b - Show all commits

22
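--- /dev/null
+++ b/app.py
@@ -0,0 +1,22 @@
+# A simple app with some issues for Heimdall to find
+import os
+import subprocess
+def get_user_input():
+query = input("Enter search: ")
+# SQL injection vulnerability
+result = db.execute(f"SELECT * FROM users WHERE name = '{query}'")
+return result
+def run_command(cmd):
+# Command injection vulnerability
+subprocess.call(cmd, shell=True)
+# Hardcoded secret
+API_KEY = "sk-1234567890abcdef"
+def fetch_data():
+# No error handling
+response = requests.get(f"https://api.example.com?key={API_KEY}")
+return response.json()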
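Review bot: `fetch_data` places `API_KEY` in the URL query string, which the `# No error handling` comment above it does not mention; query strings are routinely written to server, proxy and client-side logs, so the key is exposed even when the request goes over TLS. If the API accepts header authentication, prefer `requests.get("https://api.example.com", headers={"Authorization": f"Bearer {API_KEY}"}, timeout=10)`, with the key loaded via `os.environ["API_KEY"]` instead of the literal, and note that the call currently has no `timeout`, so a stalled peer blocks the caller indefinitely. Separately, `requests` and `db` are used but never imported or defined in this file, so `fetch_data` and `get_user_input` would fail with `NameError` before reaching the labelled issues, while `os` is imported and unused. If the file is meant purely as a scanner fixture, a header comment such as `# Intentionally vulnerable test fixture: do not deploy or import` would keep it from being mistaken for application code.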