Glossary · Term

pickle

← all terms

Definition

Plain language

A way Python programs save data to a file and load it back, which is dangerous to open from an untrusted source because it can run hidden code.

As stated in the literature

Python's built-in object-serialization format; deserializing an untrusted pickle can execute arbitrary code, making unsafe pickle loads a common code-injection vulnerability that AI coding agents may insert.

Why it matters: It matters because loading a pickle from an untrusted source can silently run malicious code, a vulnerability AI coding agents may carelessly introduce.

For example, a Python program might pickle a trained model to a file so it can reload it later instead of retraining from scratch.

Heard on the show

“Maybe an unsafe pickle call.”
Episode 093 — A Calibrated Knob for Weak-to-Strong AI Oversight, Tested on Real Code

Mentioned in 1 episode

  1. 093
    A Calibrated Knob for Weak-to-Strong AI Oversight, Tested on Real Code

Related terms