prompt-engineer

The skill bundle contains a high-risk code execution vulnerability in 'references/examples.md'. Specifically, the 'create_custom_agent' function implements a 'Calculator' tool using Python's 'eval()' function on unsanitized input, which allows for arbitrary code execution (RCE). While this appears to be an unintentional insecure coding pattern common in LLM framework examples rather than intentional malware, it represents a significant security flaw.