dspy-codeact

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). The content includes an explicit eval-based tool (compute) and repeatedly states that user-provided tool functions run in the host Python process (outside the sandbox), creating a clear remote-code-execution and data-exfiltration attack surface if a malicious tool or untrusted input is used; no explicit backdoor or network-exfiltration call is present in the examples, but the patterns are high-risk.