🐛 Added regex validation for eval()

src/viadot/orchestration/prefect/utils.py

@@ -429,8 +429,10 @@ def _process_string(self, text: str) -> list[str] | str:
 
             if match_no_symbols in self.replacements:
                 replacement = self.replacements[match_no_symbols]
-            if not replacement:
-                replacement = eval(match_no_symbols)
+            if not replacement and bool(
+                re.match(r"^\s*pendulum\.\w+\(.*\)\s*$", match_no_symbols)
+            ):
+                replacement = eval(match_no_symbols)  # noqa: S307
             text = text.replace(
                 match,
                 (