Skip to content

suspicious-subprocess-import (S404)#

Derived from the flake8-bandit linter.

This rule is unstable and in preview. The --preview flag is required for use.

What it does#

Checks for imports of the subprocess module.

Why is this bad?#

It is possible to inject malicious commands into subprocess calls. Consider possible security implications associated with this module.


import subprocess