smolagents 代码注入漏洞

smolagents is a basic library for agents open-sourced by Hugging Face. A code injection vulnerability exists in smolagents that stems from an incomplete validation of the dunder attribute, which could lead to an escape from the Local Python execution environment sandbox...