Summary The security-guidance plugin's security_reminder_hook.py flags eval( using a bare substring match with no word boundary, so it false-positives on any identifier ending in ...eval immediately ...