
Author joker
Recipients joker
Date 2021-07-28.06:37:23
Message-id <1627454244.04.0.843143587148.issue44757@roundup.psfhosted.org>
Content
There are a number of techniques for reading external files and loading their content into (de/serializing) Python objects. Pickle is one such powerful serialization technique that is inherently risky, especially when an attacker tampers with serialized data.

Data from external sources is never secure. As a rule of thumb, never unpickle or parse data from an untrusted source into Python objects. This is because an attacker can use a subprocess module to execute arbitrary commands during pickling.

Additionally, YAML files from user input can leave your application open to attacks. To avoid this, use PyYAML's safe_load function (yaml.safe_load) to handle YAML serialization.

Here is some simple custom code that can be used to find all unsafe yaml.load functions in your codebase.
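The message above refers to a scanner for unsafe yaml.load calls but no code was attached. The following is an added example written for this page, not code from the reporter or from CPython or PyYAML. It covers both points the message raises: a static scanner (stdlib ast only, PyYAML is not imported, so it runs even where PyYAML is absent) that flags yaml.load / yaml.load_all calls without a safe Loader and any yaml.unsafe_load call, and a short demonstration that pickle.loads on attacker-controlled bytes calls whatever importable callable the payload names, alongside a restricted Unpickler that refuses it. The sample source text and the pickle payload are constructed inline; os.getcwd is used as a harmless stand-in for subprocess.check_output or os.system, the mechanism is the same.

```python
"""Added example, not from the original report: scan source for unsafe
yaml.load() calls and show why untrusted pickle.loads() is code execution.
Standard library only; PyYAML is never imported here."""
import ast
import io
import os
import pickle

# PyYAML loader classes that do not build arbitrary Python objects.
SAFE_LOADERS = {"SafeLoader", "CSafeLoader", "BaseLoader", "CBaseLoader"}


def _loader_name(node):
    """Simple name of a Loader expression: yaml.SafeLoader -> 'SafeLoader'."""
    if isinstance(node, ast.Attribute):
        return node.attr
    if isinstance(node, ast.Name):
        return node.id
    return None


def find_unsafe_yaml_loads(source, filename="<string>"):
    """Return sorted [(line, reason), ...] for yaml.load / yaml.load_all calls
    lacking a safe Loader and for every yaml.unsafe_load call.
    Limitation: only 'import yaml' and 'from yaml import ...' spellings are
    recognised; 'import yaml as y' is not followed."""
    tree = ast.parse(source, filename)
    aliases = {}  # names bound by 'from yaml import load [as x]'
    for node in ast.walk(tree):
        if isinstance(node, ast.ImportFrom) and node.module == "yaml":
            for alias in node.names:
                aliases[alias.asname or alias.name] = alias.name
    findings = []
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call):
            continue
        func = node.func
        if (isinstance(func, ast.Attribute) and isinstance(func.value, ast.Name)
                and func.value.id == "yaml"):
            name = func.attr
        elif isinstance(func, ast.Name) and func.id in aliases:
            name = aliases[func.id]
        else:
            continue
        if name == "unsafe_load":
            findings.append((node.lineno, "yaml.unsafe_load is never safe on untrusted input"))
        elif name in ("load", "load_all"):
            loader = None
            for kw in node.keywords:
                if kw.arg == "Loader":
                    loader = _loader_name(kw.value)
            if loader is None and len(node.args) > 1:  # yaml.load(stream, Loader)
                loader = _loader_name(node.args[1])
            if loader is None:
                findings.append((node.lineno, f"yaml.{name} without an explicit Loader"))
            elif loader not in SAFE_LOADERS:
                findings.append((node.lineno, f"yaml.{name} with Loader={loader}"))
    return sorted(findings)


# Constructed sample source for the scanner (not from any real project).
SAMPLE_SOURCE = '''\
import yaml
from yaml import load as yload

cfg = yaml.load(open("cfg.yml"))
ok1 = yaml.safe_load(open("cfg.yml"))
ok2 = yaml.load(open("cfg.yml"), Loader=yaml.SafeLoader)
bad = yaml.load(open("cfg.yml"), Loader=yaml.FullLoader)
bad2 = yload(open("cfg.yml"), yaml.Loader)
bad3 = yaml.unsafe_load(open("cfg.yml"))
'''


class Exploit:
    """Whatever __reduce__ returns as (callable, args) is *called by the
    unpickling side*. os.getcwd stands in for os.system / subprocess."""
    def __reduce__(self):
        return (os.getcwd, ())


MALICIOUS_PICKLE = pickle.dumps(Exploit())  # constructed attacker payload


class RestrictedUnpickler(pickle.Unpickler):
    """Allow-list of globals a pickle may reference; anything else is refused."""
    ALLOWED = {("builtins", "set"), ("builtins", "frozenset"),
               ("collections", "OrderedDict")}

    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"global {module}.{name} is forbidden")


def restricted_loads(data):
    return RestrictedUnpickler(io.BytesIO(data)).load()


def restricted_roundtrip(obj):
    """Plain containers and scalars need no globals, so they still load."""
    return restricted_loads(pickle.dumps(obj))


def demo():
    """Plain pickle.loads runs os.getcwd(); the restricted loader refuses it."""
    executed = pickle.loads(MALICIOUS_PICKLE)
    try:
        restricted_loads(MALICIOUS_PICKLE)
        blocked = False
    except pickle.UnpicklingError:
        blocked = True
    return {"cwd_matches": executed == os.getcwd(),
            "restricted_blocked": blocked,
            "yaml_findings": find_unsafe_yaml_loads(SAMPLE_SOURCE)}


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Run the scanner over each file with `find_unsafe_yaml_loads(open(path).read(), path)`; the allow-list in RestrictedUnpickler is an illustration and should be replaced by the exact classes your application expects, and even then untrusted pickle is better replaced by a data-only format.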