langgraph
Fail
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: HIGH
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The calculator tool implementation in SKILL.md uses the Python eval() function. This allows for the execution of arbitrary Python code if the input string is not strictly controlled and sanitized.
- [REMOTE_CODE_EXECUTION]: The skill exposes an execution vector where strings generated by an LLM in response to user input are passed directly to eval(). An attacker can exploit this via prompt injection to execute malicious commands on the host environment.
Recommendations
- AI detected serious security threats
Audit Metadata