Definition
Plain language
A way Python programs save data to a file and load it back, which is dangerous to open from an untrusted source because it can run hidden code.
As stated in the literature
Python's built-in object-serialization format; deserializing an untrusted pickle can execute arbitrary code, making unsafe pickle loads a common code-injection vulnerability that AI coding agents may insert.
Why it matters: It matters because loading a pickle from an untrusted source can silently run malicious code, a vulnerability AI coding agents may carelessly introduce.
For example, a Python program might pickle a trained model to a file so it can reload it later instead of retraining from scratch.
Heard on the show
“Maybe an unsafe pickle call.”Episode 093 — A Calibrated Knob for Weak-to-Strong AI Oversight, Tested on Real Code