modal-knowledge

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content is mostly documentation, but it explicitly includes examples that execute arbitrary/untrusted code (e.g., sb.exec("python", "-c", code"), persistent sandbox pools, and web endpoints that could expose that functionality) which are high-risk patterns enabling remote code execution and potential data exfiltration if misused or misconfigured.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill includes a Code Playground example (references/sandboxes-code-execution.md) that accepts and executes arbitrary user-provided Python via a /execute FastAPI endpoint (request.code) using modal.Sandbox.create, clearly ingesting and running untrusted user-generated content.