>_
.issue.db
/highway-workflow-engine
Dashboard
Issues
Memory
Lessons
Audit Log
New Issue
Edit Issue #373
Update issue details
Title *
Description
variable_resolver.py:177-186 uses eval() with empty __builtins__ for condition evaluation. This is insufficient to prevent code injection. Malicious workflow definitions could execute arbitrary code. Fix: Implement safe expression parser using ast module or simpleeval library.
Priority
Low
Medium
High
Critical
Status
Open
In Progress
Closed
Won't Do
Due Date (YYYY-MM-DD)
Tags (comma separated)
Related Issues (IDs)
Enter IDs of issues related to this one. They will be linked as 'related'.
Update Issue
Cancel