kfp v2.15.2 has warnings detected in the latest brin safety scan. Trust score: 75/100. Review the flagged concerns before use. This is an automated assessment.

Does kfp have any known vulnerabilities?

No known CVE vulnerabilities were found for kfp v2.15.2 in the brin database.

What capabilities does kfp have?

kfp has the following detected capabilities: network access, filesystem access, process spawning, environment variable access. Review these before using with AI coding agents.

Can I use kfp safely with AI coding agents?

kfp has been flagged with risk indicators. Review the detected threats and capabilities before using with AI coding agents. Assessments are automated and may contain errors.

kfp

PyPI

Is kfp safe to use?

The latest brin safety scan flagged kfp v2.15.2 with risk indicators that warrant review. No known CVE vulnerabilities. Trust score: 75/100. Review the findings below before use. This is an automated assessment and may contain errors.

Install (safety-checked)

kfp Has Warnings

Warnings detected due to potential concerns

warning

CVEs

Threats

Install Scripts

Risk Indicators

•Flagged for potential Ssrf patterns (60% confidence)
•Package can spawn child processes

brin Recommendations

→This package has warnings detected. Evaluate the specific concerns before proceeding.

Install with brin add kfp to automatically apply these checks before installation.

This is an automated, point-in-time assessment and may contain errors. Findings are risk indicators, not confirmed threats. Security posture may change over time. Maintainers can dispute findings via the brin review process.

kfp Capabilities & Permissions

What kfp can access when installed. Review these capabilities before using with AI agents like Cursor, Claude Code, or Codex.

Network Access

This package makes network requests.

accounts.google.comartifactregistry.googleapis.comcloud.google.comconsole.cloud.google.comdevelopers.google.comdevguide.python.orgdocker-py.readthedocs.iodocs.google.comexample.comgithub.com+17 more

Protocols: http, https

Filesystem Access

Reads and writes to the filesystem.

.env (r).env (rw)/usr/ (rw)requirements.txt (rw)setup.py (rw)/usr/ (rw)requirements.txt (rw)/var/ (rw)+26 more

Process Spawning

This package can spawn child processes.

Environment Variables

Accesses the following environment variables.

CLUSTER_SPEC_ENV_VAR_NAMEKFP_DISABLE_EXECUTION_CACHING_BY_DEFAULTKFP_PACKAGE_PATHKF_PIPELINES_ENDPOINT_ENVKF_PIPELINES_UI_ENDPOINT_ENV_KFP_RUNTIMEclient.KF_PIPELINES_SA_TOKEN_ENVkey

AGENTS.md for kfp

Good instructions lead to good results. brin adds kfp documentation to your AGENTS.md so your agent knows how to use it properly—improving both safety and performance.

brin init

Vercel's research: 100% accuracy with AGENTS.md vs 53% without →

kfp Documentation & Source Code

For the full kfp README, API documentation, and source code, visit the official package registry.

View on PyPI

Frequently asked questions about kfp safety

Install (safety-checked)

Weekly Downloads

2.8M

Version

2.15.2

Last Scanned

Feb 5, 2026

Trust Score

75/100·Legitimacy signals, not safety

Capabilities

Network

Connects to: accounts.google.com, artifactregistry.googleapis.com, cloud.google.com...

Filesystem

Reads & Writes files

Process

Spawns child processes

Environment

Accesses: , CLUSTER_SPEC_ENV_VAR_NAME, KFP_DISABLE_EXECUTION_CACHING_BY_DEFAULT...