Pickle Security Concerns with `chat_input` and `chat_message`

I’ve been experimenting with creating LLM chatbots with Streamlit (see an example on my GitHub here).

In the Streamlit documentation there is a Pickle warning regarding session state:

Streamlit’s `st.cache_data` and `st.session_state` implicitly use the pickle module, which is known to be insecure. It is possible to construct malicious pickle data that will execute arbitrary code during unpickling. Never load data that could have come from an untrusted source in an unsafe mode or that could have been tampered with. Only load data you trust.

My question is: Since a chatbot inherently utilizes user input, is security something I should consider?

Are there any best practices I should implement into my app if I want users to be able to interact via the st.chat_input element?
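The following is an added example, not part of the original question and not Streamlit's own code. It shows in plain Python what the documentation warning is about and why a chat message stored in session state is a different situation: the danger is in *unpickling attacker-supplied bytes*, not in pickling a string whose content a user typed. `MaliciousPayload`, `unsafe_load`, `roundtrip_user_message`, `RestrictedUnpickler` and `restricted_load` are names assumed here; the only real APIs used are the standard `pickle` module and the allow-list `find_class` pattern from the Python documentation's "Restricting Globals" section. `eval` stands in for `os.system` so the demo has no side effects; any importable callable works the same way.

```python
import builtins
import io
import pickle


class MaliciousPayload:
    """Constructed attacker object: unpickling it calls whatever __reduce__ returns.

    This is the classic pickle code-execution primitive the Streamlit docs warn about.
    eval is used instead of os.system so the example is side-effect free (assumption for the demo).
    """

    def __init__(self, code: str) -> None:
        self.code = code

    def __reduce__(self):
        # pickle stores this as GLOBAL builtins.eval followed by REDUCE, so loads() runs eval(code)
        return (eval, (self.code,))


def build_malicious_pickle(code: str) -> bytes:
    """Attacker side: the serialised *bytes* are what would be handed to a victim."""
    return pickle.dumps(MaliciousPayload(code))


def unsafe_load(data: bytes):
    """Victim side: plain pickle.loads executes the callable named in the stream."""
    return pickle.loads(data)


def roundtrip_user_message(user_text: str, loader=pickle.loads) -> str:
    """Model of a chat message in st.session_state (hypothetical simplification).

    The server builds a dict of plain str objects, pickles it itself, and unpickles it in the
    same process. The user controlled the *content* of a str, never the pickle opcode stream,
    so even text that looks like pickle opcodes is just data after the round trip.
    """
    state = {"messages": [{"role": "user", "content": user_text}]}
    restored = loader(pickle.dumps(state))
    return restored["messages"][0]["content"]


class RestrictedUnpickler(pickle.Unpickler):
    """Allow-list unpickler for bytes that did come from disk or another party.

    Only the listed builtins can be resolved by GLOBAL/STACK_GLOBAL; eval, os.system and
    every other importable callable are refused, so REDUCE has nothing dangerous to call.
    """

    SAFE_BUILTINS = {"str", "int", "float", "bool", "list", "dict", "set", "tuple"}

    def find_class(self, module, name):
        if module == "builtins" and name in self.SAFE_BUILTINS:
            return getattr(builtins, name)
        raise pickle.UnpicklingError(f"global '{module}.{name}' is forbidden")


def restricted_load(data: bytes):
    return RestrictedUnpickler(io.BytesIO(data)).load()


def restricted_load_rejects(data: bytes) -> bool:
    """True if the allow-list unpickler refused the stream."""
    try:
        restricted_load(data)
    except pickle.UnpicklingError:
        return True
    return False


if __name__ == "__main__":
    payload = build_malicious_pickle("'arbitrary code ran: ' + str(6 * 7)")
    print("unsafe_load ->", unsafe_load(payload))            # code executed during unpickling
    print("restricted rejects ->", restricted_load_rejects(payload))
    # Constructed user message that merely *looks* like pickle opcodes
    evil_looking = "cos\nsystem\n(S'id'\ntR."
    print("session-state round trip unchanged ->", roundtrip_user_message(evil_looking) == evil_looking)
```

The practical reading for a `st.chat_input` app: text typed by a user and kept in `st.session_state` is a `str` that the server itself pickles and unpickles, so the pickle warning does not apply to it. The warning matters the moment the app loads pickle bytes it did not produce in-process, for example a cached object file, an uploaded file, or anything fetched over the network; for those, either avoid pickle (JSON for chat history) or use an allow-list unpickler like the one above and treat a rejection as a security event, not a bug.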
