The project I was deploying is a small Flask-based image encryption tool — a personal hobby project. It encrypts and decrypts image pixels using AES to protect images locally before storage.
Pixel-by-pixel AES in Python is CPU-intensive and very slow, so I wrote the critical processing functions in C for efficiency, which produces .so files. The app also uses some Python libraries not installed on the server, like PyCryptodome, flask_session, and flask_wtf.
As a newcomer to HelioHost, I didn’t know the proper way to deploy such an app without SSH, so I used a custom node-pty + WebSocket based shell I developed myself to automate deployment: clone my repo, compile the C extension, and install dependencies. There was no intention to access other users’ data or compromise the server — it was only for my hobby project.