Context-Inappropriate Capability
Medium
- Confidence
- 99% confidence
- Finding
- The example defines a function tool that evaluates arbitrary Python expressions using eval on model-influenced input. In an agent skill context, this can enable code execution if the model passes attacker-controlled expressions, and the file’s purpose is only to demonstrate async SDK patterns, so this unsafe primitive is unnecessary and especially risky as copy-paste sample code.
