Context-Inappropriate Capability
High
- Confidence
- 98% confidence
- Finding
- The calculator tool passes untrusted input directly to JavaScript eval(), which enables arbitrary code execution rather than mere arithmetic evaluation. In an agent setting, model-generated tool arguments can be influenced by user prompts or prompt injection, so this example can teach or normalize an unsafe pattern that could become directly exploitable if copied into real implementations.
