Code Safety
When LLM-generated code is executed, it can introduce security vulnerabilities into your application. Learn to scan, sanitize, and sandbox AI-generated code.
Common Vulnerabilities in Generated Code
| Vulnerability | Language | Example Pattern |
|---|---|---|
| SQL Injection | Python, JS, PHP | String concatenation in SQL queries |
| XSS | JavaScript, HTML | Unsanitized innerHTML or document.write |
| Command Injection | Python, Node.js | os.system() or exec() with user input |
| Path Traversal | Any | Unvalidated file paths with ../ |
| Hardcoded Secrets | Any | API keys, passwords in source code |
| Insecure Deserialization | Python, Java | pickle.loads() or eval() on untrusted data |
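The first row of the table is easy to demonstrate concretely. Below is a minimal sketch using an in-memory sqlite3 database (table name and data are illustrative) showing how concatenated input breaks out of the query, while a parameterized query treats the same input as plain data:

```python
import sqlite3

conn = sqlite3.connect(":memory:")
conn.execute("CREATE TABLE users (name TEXT, is_admin INTEGER)")
conn.execute("INSERT INTO users VALUES ('alice', 0)")

user_input = "nobody' OR '1'='1"

# Vulnerable: string concatenation. The query becomes
#   SELECT * FROM users WHERE name = 'nobody' OR '1'='1'
# and returns every row in the table.
leaked = conn.execute(
    "SELECT * FROM users WHERE name = '" + user_input + "'"
).fetchall()

# Safe: parameterized query. The input is bound as a literal value,
# so no row named "nobody' OR '1'='1" exists and nothing is returned.
safe = conn.execute(
    "SELECT * FROM users WHERE name = ?", (user_input,)
).fetchall()
```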
Static Analysis for Generated Code
```python
import re
from typing import List


class CodeSafetyScanner:
    DANGEROUS_PATTERNS = {
        "python": [
            (r"eval\s*\(", "Arbitrary code execution via eval()"),
            (r"exec\s*\(", "Arbitrary code execution via exec()"),
            (r"os\.system\s*\(", "Command injection via os.system()"),
            (r"subprocess\.call.*shell\s*=\s*True", "Shell injection via subprocess"),
            (r"pickle\.loads?\s*\(", "Insecure deserialization"),
            (r"__import__\s*\(", "Dynamic import (potential code injection)"),
        ],
        "javascript": [
            (r"eval\s*\(", "Arbitrary code execution via eval()"),
            (r"innerHTML\s*=", "Potential XSS via innerHTML"),
            (r"document\.write\s*\(", "Potential XSS via document.write"),
            (r"child_process", "Command execution risk"),
        ],
        "sql": [
            (r"['\"]?\s*\+\s*\w+", "String concatenation in SQL (injection risk)"),
            (r"f['\"].*\{.*\}.*WHERE", "F-string in SQL query"),
        ],
    }

    def scan(self, code: str, language: str) -> List[dict]:
        """Return a finding for every dangerous pattern matched in `code`."""
        findings = []
        patterns = self.DANGEROUS_PATTERNS.get(language, [])
        for pattern, description in patterns:
            for match in re.finditer(pattern, code):
                findings.append({
                    "pattern": description,
                    "location": match.start(),
                    "snippet": code[max(0, match.start() - 20):match.end() + 20],
                })
        return findings

# Example: CodeSafetyScanner().scan("eval(user_input)", "python")
# flags the eval() call with its offset and surrounding snippet.
```
Sandboxing Generated Code
When AI-generated code must be executed, sandboxing limits the damage from any vulnerabilities:
Container Isolation
Run generated code in Docker containers with restricted capabilities, no network access, limited CPU/memory, and read-only file systems.
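Those restrictions can be expressed as `docker run` flags. The sketch below (function names and the `python:3.12-slim` image are illustrative; it assumes Docker is installed on the host) builds such an invocation:

```python
import subprocess

def build_docker_cmd(code: str, image: str = "python:3.12-slim") -> list:
    """Build a `docker run` invocation with restricted capabilities."""
    return [
        "docker", "run", "--rm",
        "--network=none",   # no network access
        "--memory=256m",    # memory cap
        "--cpus=1.0",       # CPU quota
        "--read-only",      # read-only root filesystem
        "--cap-drop=ALL",   # drop all Linux capabilities
        image, "python", "-c", code,
    ]

def run_sandboxed(code: str, timeout: int = 30):
    # The host-side timeout guards against code that never exits.
    return subprocess.run(build_docker_cmd(code),
                          capture_output=True, text=True, timeout=timeout)
```

Dropping all capabilities and disabling the network means even successfully exploited code cannot exfiltrate data or escalate inside the container.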
Language-Level Sandboxing
Use restricted execution environments like Python's RestrictedPython, Deno's permissions model, or WebAssembly for safe code execution.
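In the same spirit as RestrictedPython, a stdlib-only illustration of the idea is to whitelist AST node types before evaluation. This sketch accepts only pure arithmetic expressions; anything involving names, calls, attributes, or imports is rejected (the function name and node whitelist are illustrative, not a library API):

```python
import ast

# Node types permitted in a pure arithmetic expression.
ALLOWED = {
    ast.Expression, ast.BinOp, ast.UnaryOp, ast.Constant,
    ast.Add, ast.Sub, ast.Mult, ast.Div, ast.Mod, ast.Pow,
    ast.USub, ast.UAdd,
}

def safe_eval_arith(expr: str):
    """Evaluate arithmetic only; reject any other syntax before eval runs."""
    tree = ast.parse(expr, mode="eval")
    for node in ast.walk(tree):
        if type(node) not in ALLOWED:
            raise ValueError(f"disallowed syntax: {type(node).__name__}")
    return eval(compile(tree, "<sandbox>", "eval"))
```

Because validation happens on the parse tree, an attack like `__import__('os')` is rejected as a disallowed `Call` node before any code executes.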
Time and Resource Limits
Set strict timeouts (e.g., 5-30 seconds), memory limits (e.g., 256 MB), and CPU quotas to prevent denial of service through infinite loops or memory bombs.
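A timeout can be enforced in-process with `signal.alarm` (the class name is illustrative; for memory caps, the stdlib `resource.setrlimit` serves a similar role). A minimal Unix-only sketch:

```python
import signal

class TimeLimit:
    """Raise TimeoutError if the wrapped block runs longer than `seconds`.
    Uses SIGALRM, so it is Unix-only and works in the main thread only."""
    def __init__(self, seconds: int):
        self.seconds = seconds
    def _handler(self, signum, frame):
        raise TimeoutError(f"execution exceeded {self.seconds}s")
    def __enter__(self):
        self._old = signal.signal(signal.SIGALRM, self._handler)
        signal.alarm(self.seconds)   # schedule the alarm
        return self
    def __exit__(self, *exc):
        signal.alarm(0)                        # cancel a pending alarm
        signal.signal(signal.SIGALRM, self._old)
```

Usage: `with TimeLimit(5): exec(generated_code)` aborts an infinite loop after five seconds instead of hanging the service.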
Output Validation
Validate the output of executed code before returning it. Check for unexpected file creation, network connections, or process spawning.
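One way to sketch such checks (function name and the JSON-output expectation are assumptions for illustration) is to snapshot the working directory before execution and compare afterward, alongside validating the output's format:

```python
import json
import os

def validate_execution_output(output: str, workdir: str, files_before: set) -> list:
    """Post-execution checks: no unexpected files appeared in `workdir`
    and the captured output parses as the expected format (JSON here)."""
    issues = []
    new_files = set(os.listdir(workdir)) - files_before
    if new_files:
        issues.append(f"unexpected files created: {sorted(new_files)}")
    try:
        json.loads(output)
    except json.JSONDecodeError:
        issues.append("output is not valid JSON")
    return issues
```

Detecting network connections or spawned processes needs OS-level tooling (or the container isolation above); this sketch covers only the filesystem and format checks.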
Safe Alternatives to Dangerous Functions
| Dangerous | Safe Alternative | Language |
|---|---|---|
| eval() | ast.literal_eval() or JSON parsing | Python |
| os.system() | subprocess.run() with list args | Python |
| SQL via string concatenation | Parameterized queries | Any |
| innerHTML | textContent or DOMPurify | JavaScript |
| pickle.loads() | json.loads() | Python |
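The first two substitutions in the table can be sketched briefly (the sample config string and user input are illustrative):

```python
import ast
import subprocess

# eval() -> ast.literal_eval(): parses Python literals only, never runs code.
config = ast.literal_eval("{'retries': 3, 'debug': False}")

# os.system() -> subprocess.run() with a list: arguments reach the program
# verbatim, so shell metacharacters in user input are inert.
user_input = "hello; rm -rf /"
result = subprocess.run(["echo", user_input], capture_output=True, text=True)
# echo prints the string literally; nothing after ';' is executed.
```

With `os.system(f"echo {user_input}")`, the same input would have run `rm -rf /`; the list form removes the shell from the picture entirely.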
Lilly Tech Systems