Context-Inappropriate Capability
High
- Confidence: 99%
- Finding: The calculator tool executes untrusted input with Python eval, which enables arbitrary code execution if an attacker can influence the tool input. In an agent setting, LLM-generated or user-supplied text may reach this path, making code execution especially dangerous because it can lead to command execution, file access, or secret exfiltration.
