sympy
Warn
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the `autowrap` and `ufuncify` utilities in `references/code-generation-printing.md` to generate and compile C or Fortran source code at runtime, which involves the dynamic execution of generated code via system compilers.
- [COMMAND_EXECUTION]: The reference file `references/code-generation-printing.md` provides examples for using `pickle.load()` to deserialize expressions, an unsafe operation that can lead to arbitrary code execution if the data source is malicious.
- [PROMPT_INJECTION]: The skill provides ingestion points for untrusted strings through parsers like `parse_expr` and `parse_latex` in `references/code-generation-printing.md`. These parsers operate without boundary markers or sanitization, and when combined with the skill's capabilities (such as file-writing and runtime compilation), they create a surface for indirect prompt injection and logic manipulation.
Audit Metadata