{"library":"bandit","code":"# Save this as vulnerable_app.py\nimport os\nimport subprocess\n\ndef execute_command(command_str):\n    # B602: subprocess_popen_with_shell_equals_true - High severity, high confidence\n    subprocess.call(command_str, shell=True) \n\ndef process_user_input(user_input):\n    # B307: eval - High severity, high confidence\n    eval(user_input)\n\nif __name__ == \"__main__\":\n    print(\"Creating a dummy vulnerable file for Bandit scan.\")\n    with open(\"dummy_code.py\", \"w\") as f:\n        f.write(\"import subprocess\\n\")\n        f.write(\"command = os.environ.get('UNSAFE_COMMAND', 'ls -l')\\n\")\n        f.write(\"subprocess.call(command, shell=True)\\n\")\n\n    print(\"Now run Bandit from your terminal:\")\n    print(\"bandit -r .\\n\")\n    print(\"Or specifically on the dummy file:\")\n    print(\"bandit dummy_code.py\\n\")\n    print(\"Example output will show security issues like B602.\")\n\n# To clean up after running:\n# os.remove(\"dummy_code.py\")\n","lang":"python","description":"Bandit is primarily a command-line tool. To quickly scan your code for security issues, you first create a Python file, and then run Bandit against it. This example writes a dummy file containing common vulnerabilities and shows how to run Bandit on it.","tag":null,"tag_description":null,"last_tested":"2026-04-24","results":[{"runtime":"python:3.10-alpine","exit_code":0},{"runtime":"python:3.10-slim","exit_code":0},{"runtime":"python:3.11-alpine","exit_code":0},{"runtime":"python:3.11-slim","exit_code":0},{"runtime":"python:3.12-alpine","exit_code":0},{"runtime":"python:3.12-slim","exit_code":0},{"runtime":"python:3.13-alpine","exit_code":0},{"runtime":"python:3.13-slim","exit_code":0},{"runtime":"python:3.9-alpine","exit_code":0},{"runtime":"python:3.9-slim","exit_code":0}]}