Gave it a try but there were a lot of false positives. SQLModel's exec method for example gets flagged every time thinking it's python's exec() function.