codeql/python/ql/test/query-tests/Security/CWE-1427-SystemPromptInjection/langchain_test.py

from langchain_openai import ChatOpenAI
from langchain_core.messages import SystemMessage, HumanMessage
from flask import Flask, request # $ Source
# Flask application the two route handlers below are registered on.
app = Flask(import_name=__name__)
@app.route("/langchain")
def get_input_langchain():
    """Test case: request-controlled text reaches a LangChain system message.

    ``persona`` and ``query`` are read straight from the query string (the
    Flask ``request`` import above carries the ``$ Source`` annotation).
    ``persona`` is concatenated into the ``SystemMessage`` content, which is
    the sink the ``py/system-prompt-injection`` query is expected to flag;
    ``query`` flows only into the ``HumanMessage`` and has no alert
    annotation. This is intentionally vulnerable fixture code: the model
    result is printed and the handler returns ``None``.
    """
    # request.args.get() yields None when the parameter is absent, so the
    # concatenation below would raise TypeError at runtime; irrelevant to
    # the static test, which only needs the data flow to be visible.
    persona = request.args.get("persona")
    query = request.args.get("query")
    model = ChatOpenAI(model="gpt-4.1")
    result = model.invoke(
        [
            # Untrusted `persona` becomes part of the system prompt: expected alert.
            SystemMessage(content="Talk like a " + persona), # $ Alert[py/system-prompt-injection]
            HumanMessage(content=query),
        ]
    )
    print(result)
@app.route("/langchain-create-agent")
def get_input_langchain_create_agent():
    """Test case: request-controlled text reaches ``create_agent``'s ``system_prompt``.

    ``persona`` is read from the query string and concatenated into the
    ``system_prompt`` keyword argument, the sink annotated with
    ``$ Alert[py/system-prompt-injection]``. The agent object is built but
    never used, and the handler returns ``None``.
    """
    # NOTE(review): function-scope import, presumably so the query is
    # exercised against a locally imported callee — confirm.
    from langchain.agents import create_agent
    persona = request.args.get("persona")
    create_agent("gpt-4.1", system_prompt="Talk like a " + persona) # $ Alert[py/system-prompt-injection]