Metrics:
Total lines of code: 2452
Total lines skipped (#nosec): 0

blacklist: Consider possible security implications associated with pickle module.
Test ID: B403
Severity: LOW
Confidence: HIGH
CWE: CWE-502
File: /custom_nodes/ComfyUI-LivePortraitKJ/liveportrait/template_maker.py
Line number: 10
More info: https://bandit.readthedocs.io/en/1.7.9/blacklists/blacklist_imports.html#b403-import-pickle
6	
7	import os
8	import cv2
9	import numpy as np
10	import pickle
11	from tqdm import tqdm
12	from .utils.cropper import Cropper
13
assert_used: Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
Test ID: B101
Severity: LOW
Confidence: HIGH
CWE: CWE-703
File: /custom_nodes/ComfyUI-LivePortraitKJ/liveportrait/utils/helper.py
Line number: 73
More info: https://bandit.readthedocs.io/en/1.7.9/plugins/b101_assert_used.html
69	    Return: (bs, 2k*3)
70	    """
71	    bs_src = kp_source.shape[0]
72	    bs_dri = kp_driving.shape[0]
73	    assert bs_src == bs_dri, 'batch size must be equal'
74	
75	    feat = torch.cat([kp_source.view(bs_src, -1), kp_driving.view(bs_dri, -1)], dim=1)
76	    return feat
blacklist: Consider possible security implications associated with the subprocess module.
Test ID: B404
Severity: LOW
Confidence: HIGH
CWE: CWE-78
File: /custom_nodes/ComfyUI-LivePortraitKJ/liveportrait/utils/video.py
Line number: 9
More info: https://bandit.readthedocs.io/en/1.7.9/blacklists/blacklist_imports.html#b404-import-subprocess
5	"""
6	
7	import os.path as osp
8	import numpy as np
9	import subprocess
10	import imageio
11	import cv2
12
subprocess_popen_with_shell_equals_true: subprocess call with shell=True identified, security issue.
Test ID: B602
Severity: HIGH
Confidence: HIGH
CWE: CWE-78
File: /custom_nodes/ComfyUI-LivePortraitKJ/liveportrait/utils/video.py
Line number: 19
More info: https://bandit.readthedocs.io/en/1.7.9/plugins/b602_subprocess_popen_with_shell_equals_true.html
15	from .rprint import rprint as print
16	
17	
18	def exec_cmd(cmd):
19	    subprocess.run(cmd, shell=True, check=True, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
20	
21	
22	def images2video(images, wfp, **kwargs):
blacklist: Use of possibly insecure function - consider using safer ast.literal_eval.
Test ID: B307
Severity: MEDIUM
Confidence: HIGH
CWE: CWE-78
File: /custom_nodes/ComfyUI-LivePortraitKJ/liveportrait/utils/video.py
Line number: 138
More info: https://bandit.readthedocs.io/en/1.7.9/blacklists/blacklist_calls.html#b307-eval
134	def get_fps(filepath):
135	    import ffmpeg
136	    probe = ffmpeg.probe(filepath)
137	    video_stream = next((stream for stream in probe['streams'] if stream['codec_type'] == 'video'), None)
138	    fps = eval(video_stream['avg_frame_rate'])
139	    return fps