langchain
Fail
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: HIGH
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The calculator tool implemented in SKILL.md and references/agents.md uses the eval() function on input strings. This allows for the execution of arbitrary Python code and is a major security risk if input is untrusted.
- [COMMAND_EXECUTION]: The references/integration.md file demonstrates the ShellTool, which enables an agent to run arbitrary commands directly in the system shell.
- [REMOTE_CODE_EXECUTION]: The PythonREPLTool shown in references/integration.md allows the agent to execute arbitrary Python scripts in a REPL environment.
- [REMOTE_CODE_EXECUTION]: The FAISS vector store loading example in references/integration.md explicitly uses allow_dangerous_deserialization=True, enabling potential code execution via malicious pickle files.
- [PROMPT_INJECTION]: The risky_api_call tool in references/agents.md accepts a user-provided URL endpoint, creating an attack surface for Indirect Prompt Injection and Server-Side Request Forgery (SSRF) attacks.
Recommendations
- AI detected serious security threats
Audit Metadata