agentscope-skill
Fail
Audited by Socket on Feb 26, 2026
1 alert found:
Obfuscated File (HIGH): references/multi_agent_orchestration.md
The provided code itself is not overtly malicious, but it exposes a high-risk capability (execute_shell_command) to agent-driven workflows that accept untrusted input. Without sandboxing, input validation, authorization, and auditing, an agent (or a poisoned prompt) could cause arbitrary command execution, data leakage, or system modification. Treat examples exposing shell execution as dangerous primitives; enforce strict controls before deploying in production.
Confidence: 98%