From dccab3c67ccf3ef9e374f69d2c8320c0535ba327 Mon Sep 17 00:00:00 2001
From: "pensarappdev[bot]" <182706286+pensarappdev[bot]@users.noreply.github.com>
Date: Wed, 7 May 2025 15:34:34 +0000
Subject: [PATCH] Fix security issue: Arbitrary Code Execution via Unsafe NumPy File Loading (CWE-502)
---
 nexus/profile.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/nexus/profile.py b/nexus/profile.py
index bceb62d..1f64aa2 100644
--- a/nexus/profile.py
+++ b/nexus/profile.py
@@ -104,7 +104,7 @@ def create_social_profile_sns(self,
 try:
 logger.info("Loading embeddings from disk.")
- embeddings = np.load(embedding_path)
+ embeddings = np.load(embedding_path, allow_pickle=False)
 except BaseException:
 logger.info("Embedding with Cohere")
 cohere_api_key = os.getenv("COHERE_KEY")
@@ -144,4 +144,4 @@ def create_social_profile_sns(self,
 map_description="A social profile of the latest POTUS Joe Biden, with Nomic's text embedder created by Yuvanesh Anand",
 users=["JoeBiden", "POTUS"],
 topics=True,
- embedding_path="embeddings/JoeBiden.npy")
+ embedding_path="embeddings/JoeBiden.npy")
\ No newline at end of file
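Review bot: The `except BaseException:` directly below the changed `np.load` call also catches the `ValueError` that NumPy raises when `allow_pickle=False` meets an object array, so a pickled or tampered `.npy` file is refused silently and execution falls through to the Cohere branch with only the info-level "Embedding with Cohere" message. I would narrow the handler and record the refusal, e.g. `except (OSError, ValueError) as exc:` followed by `logger.warning("Could not load embeddings from %s: %s", embedding_path, exc)`, so a rejected file shows up in logs and `KeyboardInterrupt`/`SystemExit` are no longer swallowed. NumPy has defaulted to `allow_pickle=False` since 1.16.3, so the explicit flag mainly protects older installs and documents intent; a note on the minimum supported NumPy version would make that clear. The rest of the fallback branch and the enclosing `create_social_profile_sns` lie outside the hunk, so whether the refused file is later overwritten or reused should be checked there.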