In [None]:
!pip install picklescan

In [None]:
import pickle
import logging
from picklescan.scanner import scan_pickle_bytes

### Picklescan Example

This example demonstrates how to use `picklescan` to scan a pickled object. `picklescan` helps in identifying potentially malicious code within pickle files, which is crucial for security when loading untrusted data.

We will:
1. Create a simple Python object.
2. Pickle the object into bytes.
3. Use `scan_pickle_bytes` to check the pickled data for any suspicious content.

The `scan_pickle_bytes` function returns a `PickleScanResult` object, which indicates if any issues were found and provides details.

In [None]:
# 1. Create a simple Python object
data = {'name': 'John Doe', 'age': 30, 'city': 'New York'}
print(f"Original data: {data}")

# 2. Pickle the object into bytes using protocol 0
pickled_data = pickle.dumps(data, protocol=0)
print(f"\nPickled data (first 50 bytes): {pickled_data[:50]}...")

# 3. Use scan_pickle_bytes to check the pickled data
logging.basicConfig(level=logging.INFO) # Set logging level to INFO to see scan output
scan_result = scan_pickle_bytes(pickled_data)

print(f"\nScan Result: {scan_result}")
if scan_result.is_safe:
    print("The pickled data appears to be safe.")
else:
    print(f"Potential issues found: {scan_result.issues}")
    print("Details: ")
    for issue in scan_result.issues:
        print(f"  - {issue.rule.name}: {issue.score} (severity)")

# You can also access the meta information
print(f"\nMeta Information from scan: {scan_result.meta}")