boto3 is the AWS SDK for Python. client('s3').get_object(...) and similar operations commonly ingest user input into bucket / key names — SSRF-like vectors through S3 URLs and IAM misconfiguration. Covering for rule writers that check AWS-specific patterns.
| FQN | Field | |
|---|---|---|
| boto3 | fqns[0] |
Wrong FQN → 0 findings. Verify with: change fqns to garbage → must produce 0 results.
from codepathfinder.go_rule import PyBoto3