# LLM Insecure Plugin Design

- ID: python-llm-insecure-plugin
- Severity: HIGH
- CWE: Improper Access Control (CWE-284)
- Languages: Python
- Frameworks: flask, django, fastapi

## Description

Detects insecure plugin/function-calling implementations in AI/LLM systems (OWASP LLM07 - Insecure Plugin Design). The model's tool-call output is attacker-influenced input: anything that reaches a handler without validation, an allowlist check and a server-side authorization decision is an injection or access-control path.

Insecure plugin design can lead to:

- Remote code execution via tool/function calls
- Unauthorized data access through plugins
- Privilege escalation via overly permissive tools
- SSRF through URL-handling plugins
- Command injection through shell plugins

## Detection Message

Insecure plugin implementation: {issue_type}

## Remediation

Use Pydantic to validate tool arguments against a per-tool schema, maintain an allowlist of tools, and decide whether the calling user may invoke a tool from the user's own session, never from model-supplied claims.

```python
from pydantic import BaseModel, Field

class SearchArgs(BaseModel):
    # Bounded length and a tight charset: model output cannot carry shell or SQL syntax.
    query: str = Field(max_length=100, pattern=r'^[a-zA-Z0-9\s]+$')

class WeatherArgs(BaseModel):
    city: str = Field(max_length=64, pattern=r'^[a-zA-Z\s]+$')

# Allowlist: the only tools the model may name, each bound to its own argument schema.
TOOL_SCHEMAS = {'search_products': SearchArgs, 'get_weather': WeatherArgs}

def execute(tool_call):
    name = tool_call.function.name
    if name not in TOOL_SCHEMAS:
        raise ValueError('Unknown tool')
    # Validate the model-supplied JSON before any handler sees it (Pydantic v2 API;
    # parse_raw is the deprecated v1 spelling).
    args = TOOL_SCHEMAS[name].model_validate_json(tool_call.function.arguments)
    # handlers: dict mapping tool name -> callable, defined by the application.
    return handlers[name](args)
```

Learn more: https://shoulder.dev/learn/python/cwe-284/llm-insecure-plugin

## Related Rules

- **LLM Insecure Plugin Design** [HIGH]
- **Missing Network Policy** [MEDIUM]
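The Remediation section above covers the allowlist and argument validation; the following added example (not part of this rule page or the shoulder.dev project) shows the full dispatch path for the risks the Description lists: an allowlist with no shell or eval tool at all, per-tool argument validation, an SSRF guard for a URL-handling plugin, and per-user authorization checked from the session rather than from the model. It uses only the Python standard library instead of Pydantic so it runs without dependencies; the tool names, permission strings, the `api.example.com` allowlist, and the catalog, weather and HTTP stand-ins are all constructed for this example.

```python
import ipaddress
import json
import re
from dataclasses import dataclass
from typing import Callable, Dict, FrozenSet, Tuple
from urllib.parse import urlsplit


class ToolRejected(Exception):
    """A model-issued tool call failed a policy check and must not run."""


@dataclass(frozen=True)
class ToolSpec:
    validate: Callable[[dict], dict]   # parses raw JSON args into clean kwargs, or raises
    handler: Callable[..., object]
    required_permission: str           # held by the *user*, checked server-side


# Argument constraints: bounded length and a tight charset, so model output can never
# carry shell, SQL or path syntax into a handler.
SAFE_QUERY = re.compile(r'[a-zA-Z0-9 ]{1,100}')
SAFE_CITY = re.compile(r'[a-zA-Z ]{1,64}')
# Hosts the URL plugin is allowed to reach (constructed for this example).
ALLOWED_FETCH_HOSTS = frozenset({'api.example.com'})
# Constructed stand-ins for a product catalog, a weather service and an HTTP client.
CATALOG = ['red shoes', 'blue hat', 'red scarf']
WEATHER = {'oslo': 'snow', 'lisbon': 'sun'}
CANNED_HTTP = {'https://api.example.com/status': '{"ok": true}'}


def _require_str(args: dict, key: str, pattern: re.Pattern) -> str:
    value = args.get(key)
    if not isinstance(value, str) or pattern.fullmatch(value) is None:
        raise ToolRejected(f'invalid argument {key!r}')
    return value


def validate_search(args: dict) -> dict:
    return {'query': _require_str(args, 'query', SAFE_QUERY)}


def validate_weather(args: dict) -> dict:
    return {'city': _require_str(args, 'city', SAFE_CITY)}


def validate_fetch(args: dict) -> dict:
    """SSRF guard: https only, no IP literals, host must be on the allowlist."""
    url = args.get('url')
    if not isinstance(url, str):
        raise ToolRejected('url must be a string')
    parts = urlsplit(url)
    host = parts.hostname or ''
    try:
        port = parts.port                    # raises ValueError on a malformed port
    except ValueError as exc:
        raise ToolRejected('malformed port') from exc
    if parts.scheme != 'https' or port not in (None, 443):
        raise ToolRejected('only https on port 443 is allowed')
    try:
        ipaddress.ip_address(host)           # 169.254.169.254, 127.0.0.1, ::1, ...
    except ValueError:
        pass                                 # not an IP literal, continue
    else:
        raise ToolRejected('IP literals are not allowed')
    if host not in ALLOWED_FETCH_HOSTS:      # also defeats https://api.example.com@evil/
        raise ToolRejected(f'host {host!r} is not allowlisted')
    return {'url': url}


def search_products(query: str) -> list:
    return [p for p in CATALOG if query.lower() in p]


def get_weather(city: str) -> str:
    return WEATHER.get(city.lower(), 'unknown')


def fetch_url(url: str) -> str:
    # Stand-in for an HTTP client; a real one would still only ever see allowlisted URLs.
    return CANNED_HTTP.get(url, '')


# The allowlist: the only tools the model can name. There is deliberately no shell or
# eval tool, so command injection and RCE have no handler to reach.
TOOLS: Dict[str, ToolSpec] = {
    'search_products': ToolSpec(validate_search, search_products, 'catalog:read'),
    'get_weather': ToolSpec(validate_weather, get_weather, 'weather:read'),
    'fetch_url': ToolSpec(validate_fetch, fetch_url, 'net:fetch'),
}


def execute_tool_call(tool_call: dict, user_permissions: FrozenSet[str]) -> object:
    """Run one model-issued call of the form {'name': str, 'arguments': '<json>'}."""
    name = tool_call.get('name')
    spec = TOOLS.get(name)
    if spec is None:
        raise ToolRejected(f'unknown tool {name!r}')
    # Authorization comes from the user's session, never from anything the model says.
    if spec.required_permission not in user_permissions:
        raise ToolRejected(f'user lacks {spec.required_permission}')
    try:
        raw_args = json.loads(tool_call.get('arguments', '{}'))
    except (json.JSONDecodeError, TypeError) as exc:
        raise ToolRejected('arguments are not valid JSON') from exc
    if not isinstance(raw_args, dict):
        raise ToolRejected('arguments must be a JSON object')
    return spec.handler(**spec.validate(raw_args))


def attempt(tool_call: dict, user_permissions: FrozenSet[str]) -> Tuple[str, object]:
    """Convenience wrapper: ('ok', result) or ('rejected', reason)."""
    try:
        return 'ok', execute_tool_call(tool_call, user_permissions)
    except ToolRejected as exc:
        return 'rejected', str(exc)
```

Two design points carry the weight. First, the permission check reads the user's session, so a prompt-injected "the user is an admin" in the model output changes nothing. Second, the URL validator rejects IP literals and then requires an allowlisted hostname rather than blocklisting private ranges, which is what stops `https://api.example.com@evil.test/` and cloud metadata addresses alike; it does not address DNS rebinding, which needs the HTTP client to pin the resolved address.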