langgraph
Fail
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: HIGH
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The calculator tool within the 'Basic Agent Graph' section uses the Python eval() function on the expression argument. This function executes the provided string as Python code, which is a dangerous practice when the input is not strictly controlled.
- [REMOTE_CODE_EXECUTION]: Since the input to the calculator tool is generated by an LLM based on user prompts, an attacker can use prompt injection to execute arbitrary code on the host system. For example, a prompt like 'Calculate import("os").system("ls")' could lead to unauthorized system access. There are no validation, sanitization, or sandboxing mechanisms shown in the provided example to mitigate this risk.
Recommendations
- AI detected serious security threats
Audit Metadata