diff --git a/sahara/cli/sahara_subprocess.py b/sahara/cli/sahara_subprocess.py
index 917d1c3d..8d356d32 100644
--- a/sahara/cli/sahara_subprocess.py
+++ b/sahara/cli/sahara_subprocess.py
@@ -13,7 +13,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
-import pickle
+import pickle # nosec
 import sys
 import traceback
@@ -29,9 +29,12 @@ def main():
 result = dict()
 try:
- func = pickle.load(sys.stdin)
- args = pickle.load(sys.stdin)
- kwargs = pickle.load(sys.stdin)
+ # TODO(elmiko) these pickle usages should be
+ # reinvestigated to determine a more secure manner to
+ # deploy remote commands.
+ func = pickle.load(sys.stdin) # nosec
+ args = pickle.load(sys.stdin) # nosec
+ kwargs = pickle.load(sys.stdin) # nosec
 result['output'] = func(*args, **kwargs)
 except BaseException as e:
@@ -39,5 +42,5 @@ def main():
 result['exception'] = cls_name + ': ' + str(e)
 result['traceback'] = traceback.format_exc()
- pickle.dump(result, sys.stdout)
+ pickle.dump(result, sys.stdout) # nosec
 sys.stdout.flush()
diff --git a/sahara/utils/procutils.py b/sahara/utils/procutils.py
index f850aaeb..d652e67c 100644
--- a/sahara/utils/procutils.py
+++ b/sahara/utils/procutils.py
@@ -14,7 +14,7 @@
 # limitations under the License.
 import os
-import pickle
+import pickle # nosec
 import sys
 from eventlet.green import subprocess
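Review bot: The three `# nosec` markers on `pickle.load(sys.stdin)` in main() suppress the bandit finding without recording why the suppression is acceptable, and the TODO placed above them only says the usage should be reinvestigated, so the next reader cannot tell whether stdin is trusted here. Unpickling executes whatever callables the stream names, so this is justified only if the process's stdin is exclusively the pipe from the parent that spawned it (presumably run_in_subprocess in sahara/utils/procutils.py); I would state that instead of the generic TODO, e.g. `# nosec: stdin is the private pipe from the parent that spawned us (procutils.run_in_subprocess); never run this helper with a user-controlled stdin.` If this code is ever run under Python 3, `sys.stdin` is a text stream and these calls would need `sys.stdin.buffer`, but the target interpreter is not visible from the hunk. The rest of main(), including the body of the `except BaseException` handler, continues outside the hunk.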
@@ -43,13 +43,15 @@ def run_in_subprocess(proc, func, args=None, kwargs=None, interactive=False):
 args = args or ()
 kwargs = kwargs or {}
 try:
- pickle.dump(func, proc.stdin)
- pickle.dump(args, proc.stdin)
- pickle.dump(kwargs, proc.stdin)
+ # TODO(elmiko) these pickle usages should be reinvestigated to
+ # determine a more secure manner to deploy remote commands.
+ pickle.dump(func, proc.stdin) # nosec
+ pickle.dump(args, proc.stdin) # nosec
+ pickle.dump(kwargs, proc.stdin) # nosec
 proc.stdin.flush()
 if not interactive:
- result = pickle.load(proc.stdout)
+ result = pickle.load(proc.stdout) # nosec
 if 'exception' in result:
 raise exceptions.SubprocessException(result['exception'])
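Review bot: `result = pickle.load(proc.stdout)` is the only call in this hunk where the parent deserializes bytes it did not produce, and tagging it `# nosec` alongside the three `pickle.dump` calls hides that asymmetry: the dumps only serialize, while this load executes whatever the child's reply names. That is acceptable only when `proc` is the sahara_subprocess helper this module spawns and nothing else can write to its stdout, so the comment should say that rather than leave a generic TODO, e.g. `# nosec: proc.stdout is the private pipe from our own sahara_subprocess child; a compromised child could still return a malicious pickle.` It would also help to document on run_in_subprocess that `func` is pickled by reference and therefore must be an importable module-level callable (no lambdas, closures or bound methods of unpicklable objects), a pickle limitation the signature does not convey. The enclosing try block and the rest of run_in_subprocess continue outside the hunk.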