skills/claude-scientific-skills
1
0
Fork 0
mirror of https://github.com/K-Dense-AI/claude-scientific-skills.git synced 2026-01-26 16:58:56 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
a7221bb237df8c6a95e6f0e91c650ca250775e1f
claude-scientific-skills/scientific-skills/modal/references
History
marovole b6a6d698db fix(security): replace shell=True with safe subprocess patterns in documentation 
## Summary
Fix command injection vulnerabilities in documentation examples by replacing
shell=True with safe list-based subprocess calls.

## Changes

### alphafold-database/SKILL.md
- Replace shell=True with list-form subprocess.run()
- Add input validation for taxonomy_id parameter
- Add security warning note with link to Python docs

### modal/references/web-endpoints.md
- Replace shell=True with list-form subprocess.Popen()
- Add security warning note

## Security
These changes prevent potential command injection if users copy these examples
with untrusted input. The new patterns follow Python security best practices.
2026-01-08 15:05:30 +08:00
..
api_reference.md
Consolidate skills
2025-11-13 18:50:42 -08:00
examples.md
Consolidate skills
2025-11-13 18:50:42 -08:00
functions.md
Consolidate skills
2025-11-13 18:50:42 -08:00
getting-started.md
Consolidate skills
2025-11-13 18:50:42 -08:00
gpu.md
Consolidate skills
2025-11-13 18:50:42 -08:00
images.md
Consolidate skills
2025-11-13 18:50:42 -08:00
resources.md
Consolidate skills
2025-11-13 18:50:42 -08:00
scaling.md
Consolidate skills
2025-11-13 18:50:42 -08:00
scheduled-jobs.md
Consolidate skills
2025-11-13 18:50:42 -08:00
secrets.md
Consolidate skills
2025-11-13 18:50:42 -08:00
volumes.md
Consolidate skills
2025-11-13 18:50:42 -08:00
web-endpoints.md
fix(security): replace shell=True with safe subprocess patterns in documentation
2026-01-08 15:05:30 +08:00