Could GitHub Copilot produce vulnerable code?

Article structure

  1. Preface
  2. Could GitHub Copilot suggest sensitive data?
  3. Could GitHub Copilot produce vulnerable code?
  4. Improvement suggestions

1) Preface

2) Could GitHub Copilot suggest sensitive data?

  1. Valid email address

3) Could GitHub Copilot produce vulnerable code?

  1. Broken Authentication in NodeJS
  2. SQL Injection in Python
  3. OS Command Injection in NodeJS
  4. Unsafe Deserialization in NodeJS

4) Improvement suggestions

  1. Suggesting static data (API keys, credit card numbers, etc.)
  2. Forbid suggesting weak passwords
  3. Suggest a secure coding pattern first

YevhSec1

MSc in Cyber Security, OSCP, eWPTXv2, CEH Master. Awarded by Apple, Trello, Kraken... Connect: https://www.linkedin.com/in/yevhenii-molchanov-aa565210b/