# Setup

In [None]:
!pip install -qU codeshield openai


This line of code installs two libraries, `codeshield` and `openai`, using pip, the Python package manager. The `-q` flag stands for quiet mode, which suppresses the output of the installation process, and the `-U` flag stands for upgrade, which ensures that the latest version of each library is installed.

The `codeshield` library (CodeShield) scans source code for insecure patterns and recommends a treatment for what it finds; it is used below to check LLM-generated code before it is shown or executed. The `openai` library provides an interface to OpenAI's API, allowing interaction with their models for tasks such as text generation and language understanding.

In [None]:
# Standard library imports
import os
from textwrap import dedent

# Third-party library imports
from openai import OpenAI
from codeshield.cs import CodeShield

This code imports necessary modules from both the Python standard library and third-party libraries.

The standard library imports are:
- `os`: This module provides a way to use operating system dependent functionality, including functions for working with the file system, processes, and environment variables.
- `dedent` from `textwrap`: The `dedent` function is used to remove any common leading whitespace from a string, often used to format multiline strings.

The third-party library imports are:
- `OpenAI` from `openai`: This class provides an interface to OpenAI's API, allowing interaction with their models for tasks such as text generation and language understanding.
- `CodeShield` from `codeshield.cs`: This class is the entry point of the CodeShield library; its `scan_code` method is used below to scan LLM-generated code for insecure patterns.

In [None]:
class CFG:
    maxtokens = 1000


# Functions

In [None]:
async def scan_llm_output(llm_output_code):
    """Scan LLM-generated code with CodeShield and apply the recommended treatment."""
    result = await CodeShield.scan_code(llm_output_code)
    if result.is_insecure:
        # recommended_treatment is a Treatment enum (it prints as e.g. Treatment.WARN),
        # so compare its .value: a comparison against the bare string never matches.
        treatment = result.recommended_treatment.value
        if treatment == "block":
            llm_output_code = "*** Code Security issues found, blocking the code ***"
        elif treatment == "warn":
            llm_output_code += "\n*** Warning: The generated snippet contains insecure code ***"

    summary = "Security issue detected" if result.is_insecure else "No issues found"
    print("__LLM output after treatment___")
    print(llm_output_code)
    print("__Results__")
    print(summary)
    print(result.recommended_treatment)
    print("__Details__")
    print(result.issues_found)
    return llm_output_code

This is an asynchronous function named `scan_llm_output` that takes a parameter `llm_output_code`, which is code generated by a Large Language Model (LLM). The function's purpose is to scan the generated code for security issues using the `CodeShield` library.

Here's a step-by-step breakdown of what the function does:

1. It calls the `scan_code` method of the `CodeShield` class, passing in the `llm_output_code`, and awaits the result.
2. If the scanned code is found to be insecure (`result.is_insecure` is `True`), it checks the recommended treatment:
   - If the recommended treatment is `"block"`, it replaces the original code with a message indicating that security issues were found and the code is being blocked.
   - If the recommended treatment is `"warn"`, it appends a warning message to the original code.
3. It generates a summary message based on whether any security issues were detected.
4. The function then prints out the following information:
   - The modified code (or the original code with warnings) after applying the recommended treatment, labeled as `__LLM output after treatment___`.
   - A summary of the scan results (`"Security issue detected"` or `"No issues found"`), labeled as `__Results__`.
   - The recommended treatment for the security issues found.
   - Details about the specific security issues found, labeled as `__Details__`.

# Test

In [None]:
llm_output_code = """
def hashString(input):
    return hashlib.md5(input)
"""

await scan_llm_output(llm_output_code)

__LLM output after treatment___

def hashString(input):
    return hashlib.md5(input)
__Results__
Security issue detected
Treatment.WARN
__Details__


In this code, a string of Python code is defined and assigned to the variable `llm_output_code`. The code defines a function named `hashString` that takes an input string and returns its MD5 hash using the `hashlib.md5()` function.

The `scan_llm_output` function is then called asynchronously with this code as its argument. This will scan the provided code for security issues, such as insecure hashing algorithms.

In this case, since MD5 is considered a cryptographically broken hash function (practical collision attacks exist and its preimage resistance is weakened), the `CodeShield` library flags it as an insecure practice.

The output above confirms this: the scan reports `Security issue detected` and recommends `Treatment.WARN`. Note, however, that the code itself was printed unchanged: a `Treatment` enum member does not compare equal to the plain string `"warn"`, so a string comparison in the treatment branch silently does nothing, and the enum's `.value` has to be compared instead. The exact findings and treatment depend on the CodeShield version and its bundled rules.


In [None]:
llm_output_code = """
training_data = {
    "print this message": "print('This is a harmless message')",
    "run this code": "import os; os.system('rm -rf /')"
}
"""

await scan_llm_output(llm_output_code)

__LLM output after treatment___

training_data = {
    "print this message": "print('This is a harmless message')",
    "run this code": "import os; os.system('rm -rf /')"
}

__Results__
No issues found
Treatment.IGNORE
__Details__
None


In this code, a string of Python code is defined and assigned to the variable `llm_output_code`. The code defines a dictionary named `training_data` that maps input strings to corresponding Python code snippets.

The second item in the dictionary, `"run this code": "import os; os.system('rm -rf /')"`, contains a potentially malicious command. This command uses the `os.system()` function to execute the shell command `rm -rf /`, which would delete all files on the system if executed with root privileges.

When the `scan_llm_output` function is called asynchronously with this code, it scans the provided code for security issues. In the run above it reports `No issues found` and `Treatment.IGNORE`: the `os.system('rm -rf /')` text is a string literal inside a dictionary, not a call made by the scanned code, so a pattern-based detector has nothing to match. The snippet only becomes dangerous if some later step executes the stored strings, which is exactly the kind of data flow a static scan of this snippet alone cannot see.


In [None]:
llm_output_code = """
import sqlite3

def get_user_info(user_id):
    connection = sqlite3.connect("example.db")
    cursor = connection.cursor()

    # Insecure query: user_id is directly concatenated, opening a SQL injection risk
    query = f"SELECT * FROM users WHERE id = {user_id};"
    cursor.execute(query)

    result = cursor.fetchone()
    connection.close()
    return result

# Usage
print(get_user_info("1 OR 1=1"))
"""

await scan_llm_output(llm_output_code)

CRITICAL:codeshield.insecure_code_detector.insecure_code_detector:Process /usr/local/lib/python3.11/dist-packages/semgrep/bin/osemgrep --experimental --optimizations all --metrics off --quiet --json --config /usr/local/lib/python3.11/dist-packages/codeshield/insecure_code_detector/rules/semgrep/_generated_/java_codeshield.json --project-root / /tmp/tmpg0hcvj9o.java failed with exit code 2
Stdout: b'{"version":"1.106.0","results":[],"errors":[{"code":2,"level":"error","type":"Rule parse error","rule_id":"ssrf_insecure_patterns","message":"Rule parse error in rule ssrf_insecure_patterns:\\n Invalid pattern for Java: Stdlib.Parsing.Parse_error\\n----- pattern -----\\nimport java.net.URL\\n...\\n\\n----- end pattern -----\\n"}],"paths":{"scanned":[]},"skipped_rules":[]}\n'
Stderr:None


__LLM output after treatment___

import sqlite3

def get_user_info(user_id):
    connection = sqlite3.connect("example.db")
    cursor = connection.cursor()
    
    # Insecure query: user_id is directly concatenated, opening a SQL injection risk
    query = f"SELECT * FROM users WHERE id = {user_id};"
    cursor.execute(query)
    
    result = cursor.fetchone()
    connection.close()
    return result

# Usage
print(get_user_info("1 OR 1=1"))

__Results__
No issues found
Treatment.IGNORE
__Details__
None


In this code, a string of Python code is defined and assigned to the variable `llm_output_code`. The code imports the `sqlite3` module and defines a function named `get_user_info` that takes a `user_id` as input.

The function connects to an SQLite database file named "example.db" and executes a SQL query using the provided `user_id`. However, the query is insecure because it directly concatenates the `user_id` into the SQL string using an f-string. This creates a SQL injection vulnerability, allowing an attacker to inject malicious SQL code by manipulating the input `user_id`.

The usage example at the end of the code demonstrates this vulnerability by passing in the string `"1 OR 1=1"`, which would cause the query to return all rows from the "users" table instead of just the row with the specified ID.

When the `scan_llm_output` function is called asynchronously with this code, it scans the provided code for security issues. In the run above it reports `No issues found` and `Treatment.IGNORE`, so the f-string concatenation into `cursor.execute()` was not matched by the bundled rules in this run. The `CRITICAL` log line printed before the results is a parse error in the Java semgrep rule set and, as far as the log shows, is unrelated to the Python sample. The practical lesson is that a missed finding is silent: a scanner verdict of "no issues" is not evidence that a query is parameterized, and the fix for this snippet remains passing `user_id` as a bound parameter rather than interpolating it.


In [None]:
llm_output_code = """
def calculate_expression(expression):
    result = eval(expression)
    return result

# Usage
user_input = "__import__('os').system('ls')"
print(calculate_expression(user_input))
"""

await scan_llm_output(llm_output_code)

__LLM output after treatment___

def calculate_expression(expression):
    result = eval(expression)
    return result

# Usage
user_input = "__import__('os').system('ls')"
print(calculate_expression(user_input))

__Results__
No issues found
Treatment.IGNORE
__Details__
None


In this code, a string of Python code is defined and assigned to the variable `llm_output_code`. The code defines a function named `calculate_expression` that takes an input `expression` as a string and uses the built-in `eval()` function to evaluate it.

The usage example at the end of the code demonstrates a serious security vulnerability. It sets the `user_input` variable to a malicious string `"__import__('os').system('ls')"`, which, when passed to the `calculate_expression` function, will execute the `ls` command in the shell using the `os.system()` function. This is an example of arbitrary code execution (ACE) or remote code execution (RCE), where an attacker can inject and run malicious code on the system.

The use of `eval()` with untrusted input is a well-known security risk, as it allows an attacker to execute any Python code they wish, including code that can read or modify sensitive data, create new files, or even take control of the entire system.

When the `scan_llm_output` function is called asynchronously with this code, it scans the provided code for security issues. In the run above it reports `No issues found` and `Treatment.IGNORE`: the `eval()` call on untrusted input was not matched by the bundled rules in this run, even though it is a textbook arbitrary code execution sink. Together with the two previous tests, this shows that CodeShield's recommendation is one signal to combine with other controls, not a gate that can be trusted on its own.
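As an added example (not part of this notebook or of the CodeShield project), the following AST-based pre-check looks for the three patterns the notebook's test runs left unflagged (`hashlib.md5`, `eval`, and a SQL query assembled at runtime and passed to `.execute()`), and can run alongside `scan_llm_output` before generated code is used. The list of dangerous calls and the scope-insensitive tracking of assigned names are assumptions of this example, not CodeShield behaviour.

```python
import ast

# Calls that should not appear in generated code that will be executed (constructed list
# covering the notebook's own samples; extend as needed).
DANGEROUS_CALLS = {"eval", "exec", "os.system", "os.popen", "hashlib.md5", "hashlib.sha1"}

def _dotted_name(node):
    """Return 'a.b.c' for a Name/Attribute chain, else None."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        base = _dotted_name(node.value)
        return f"{base}.{node.attr}" if base else None
    return None

def _is_dynamic_string(node):
    """True for strings assembled at runtime: f-strings, '+' / '%' expressions, .format()."""
    if isinstance(node, ast.JoinedStr):
        return True
    if isinstance(node, ast.BinOp) and isinstance(node.op, (ast.Add, ast.Mod)):
        return True
    return isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute) and node.func.attr == "format"

def find_risky_calls(source):
    """Return sorted (lineno, finding) pairs for the Python code in `source`.

    Only calls actually made in the code are reported: a dangerous command that
    exists only inside a string literal is data, not a call, and yields nothing
    (the same outcome the notebook's second test shows for CodeShield).
    """
    tree = ast.parse(source)
    # Pass 1: names bound to runtime-assembled strings (scope-insensitive heuristic).
    dynamic_names = set()
    for node in ast.walk(tree):
        if isinstance(node, ast.Assign) and _is_dynamic_string(node.value):
            dynamic_names.update(t.id for t in node.targets if isinstance(t, ast.Name))
    # Pass 2: the calls themselves.
    findings = []
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call):
            continue
        name = _dotted_name(node.func)
        if name in DANGEROUS_CALLS:
            findings.append((node.lineno, f"call to {name}"))
        elif name and name.endswith(".execute") and node.args:
            arg = node.args[0]
            if _is_dynamic_string(arg) or (isinstance(arg, ast.Name) and arg.id in dynamic_names):
                findings.append((node.lineno, "SQL query built from a runtime-assembled string"))
    return sorted(findings)
```

A parameterized call such as `cursor.execute("SELECT * FROM users WHERE id = ?", (user_id,))` produces no finding, so the check distinguishes the fix from the vulnerable form.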
