Does fschat have any known vulnerabilities?

fschat v0.2.36 has 5 known CVE vulnerabilities. Review the safety scan for severity details and remediation guidance.

What capabilities does fschat have?

fschat has the following detected capabilities: network access, filesystem access, process spawning, environment variable access, native modules. Review these before using with AI coding agents.

Can I use fschat safely with AI coding agents?

No safety concerns were detected for fschat. Install with brin add fschat to verify safety before installation. Run brin init to generate AGENTS.md documentation for your agent. Assessments are automated and may change over time.

fschat

PyPI

Is fschat safe to use?

Based on the latest brin safety scan, no vulnerabilities or threats were detected for fschat v0.2.36. Trust score: 70/100. 5 known CVEs, no detected threat patterns, and no suspicious capabilities identified. This is an automated, point-in-time assessment.

Install (safety-checked)

fschat Passed Security Checks

No security concerns detected

clean

CVEs

Threats

Install Scripts

Risk Indicators

•GHSA-77cj-rv5x-v6r2: UNKNOWN
•GHSA-79rp-v9rm-gxm8: UNKNOWN
•GHSA-g44m-hpf4-vmrp: UNKNOWN
•GHSA-h254-g997-685c: UNKNOWN
•GHSA-qg86-f892-m4hj: UNKNOWN

fschat CVE Vulnerabilities (5)

GHSA-77cj-rv5x-v6r2

FastChat open redirect vulnerability

GHSA-79rp-v9rm-gxm8

FastChat Denial of Service vulnerability

GHSA-g44m-hpf4-vmrp

FastChat Server-Side Request Forgery vulnerability

No Concerns Detected

No security concerns detected in the latest brin assessment. This is an automated, point-in-time evaluation — security posture may change.

This is an automated, point-in-time assessment and may contain errors. Findings are risk indicators, not confirmed threats. Security posture may change over time. Maintainers can dispute findings via the brin review process.

fschat Capabilities & Permissions

What fschat can access when installed. Review these capabilities before using with AI agents like Cursor, Claude Code, or Codex.

Network Access

This package makes network requests.

ai.meta.comapi-inference.huggingface.coapi.openai.comarxiv.orgbair.berkeley.edubard.google.combard.google.com).blog.googleblog.perplexity.aicdnjs.cloudflare.com+44 more

Protocols: http, https

Filesystem Access

Reads and writes to the filesystem.

.env (rw).env (rw).env (rw).env (rw)/tmp/ (rw)/home/ (rw).env (rw).env (rw)+9 more

Process Spawning

This package can spawn child processes.

Environment Variables

Accesses the following environment variables.

AI2_API_KEYANTHROPIC_API_KEYAZURE_OPENAI_ENDPOINTAZURE_OPENAI_KEYBARD_API_KEYCPU_ISACUDA_VISIBLE_DEVICESFASTCHAT_CONTROLLER_HEART_BEAT_EXPIRATIONFASTCHAT_INPUT_CHAR_LEN_LIMITFASTCHAT_USE_MODELSCOPE+18 more

Native Modules

Contains native code that runs outside the JavaScript sandbox.

numpypandas

AGENTS.md for fschat

Good instructions lead to good results. brin adds fschat documentation to your AGENTS.md so your agent knows how to use it properly—improving both safety and performance.