Giskard AI Giskard-Checks Unsandboxed Jinja2 Template Rendering Vulnerability in ConformityCheck Class Allowing Arbitrary Code Execution

Vulnerability

A vulnerability exists in the Giskard AI testing framework for AI models, specifically in the Giskard-Checks component, versions prior to 1.0.2b1. The issue arises in the ConformityCheck class, where the rule parameter is rendered using Jinja2's Template constructor. This implementation allows template expressions to be evaluated at runtime, creating a risk of arbitrary code execution if check definitions are sourced from untrusted origins. Exploitation requires write access to a check definition and the execution of the test suite.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution within the context of the application running the Giskard-Checks library.

Remediation

Users are advised to upgrade to Giskard-Checks version 1.0.2b1 or later, where this vulnerability has been addressed by removing template rendering from rule evaluation.
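Until the upgrade is deployed, stored check definitions can be audited for template syntax before the test suite runs. The following is an added example, not code from Giskard or from this advisory: it walks a parsed check definition and reports every rule string containing a default Jinja2 delimiter. The definition layout (the "checks", "type" and "rule" keys) and the sample data are assumptions constructed for illustration.

```python
import re
from typing import Any, Iterator

# Default Jinja2 delimiters: {{ expression }}, {% statement %}, {# comment #}.
JINJA_MARKER = re.compile(r"\{\{|\{%|\{#")


def iter_rules(node: Any, path: str = "$") -> Iterator[tuple[str, str]]:
    """Yield (path, value) for every string stored under a 'rule' key.

    The 'rule' key name is an assumption about how definitions are stored.
    """
    if isinstance(node, dict):
        for key, value in node.items():
            child = f"{path}.{key}"
            if key == "rule" and isinstance(value, str):
                yield child, value
            else:
                yield from iter_rules(value, child)
    elif isinstance(node, list):
        for index, item in enumerate(node):
            yield from iter_rules(item, f"{path}[{index}]")


def audit_checks(definitions: Any) -> list[dict]:
    """Return one finding per rule that contains Jinja2 template syntax."""
    findings = []
    for path, rule in iter_rules(definitions):
        match = JINJA_MARKER.search(rule)
        if match:
            findings.append(
                {"path": path, "marker": match.group(0), "offset": match.start()}
            )
    return findings


# Constructed sample: one plain rule, two rules carrying template syntax.
SAMPLE = {
    "suite": "constructed-example",
    "checks": [
        {"type": "conformity", "rule": "The answer must cite a source."},
        {"type": "conformity", "rule": "Reply politely to {{ 7 * 7 }} users."},
        {"type": "group", "checks": [
            {"type": "conformity", "rule": "{% if x %}be brief{% endif %}"},
        ]},
    ],
}

if __name__ == "__main__":
    for finding in audit_checks(SAMPLE):
        print(f"{finding['path']}: {finding['marker']!r} at {finding['offset']}")
```

A finding is a prompt for review rather than proof of tampering, since a legitimate rule may contain braces; definitions from untrusted origins that trigger it should not be run on an unpatched version.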

Added: Apr 17, 2026, 6:25 PM
Updated: Apr 17, 2026, 6:25 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 2.3
remediation: 0.0
relevance: 6.1
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.