python-sdk
Warn
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: Multiple reference files, including references/agent-patterns.md and references/tool-builder.md, provide implementation examples that pass arguments supplied by the AI agent straight to Python's eval() function (e.g., eval(call.args['expression'])). Because eval() executes arbitrary Python, including shell commands reached via __import__('os').system(...), this is an insecure coding practice: any user or external data source that can manipulate the agent's output (for example through prompt injection) can execute arbitrary code on the host running the SDK.
- [DATA_EXFILTRATION]: The SDK documentation describes and encourages the use of file upload capabilities (client.upload_file) and outbound webhook integrations. Combined with the agent's ability to read local files, these features create a significant surface for exfiltrating sensitive information if the agent's instructions are subverted, since a hijacked agent can read a file and send it to a destination of the attacker's choosing.
- [EXTERNAL_DOWNLOADS]: The skill requires installation of the inferencesh package from public registries and references multiple external API endpoints for model inference and search. While these are core functionalities of the SDK, they introduce external dependencies into the execution environment, so the package's provenance and the reachable endpoints should be pinned and reviewed.
Audit Metadata