
[Bug]: Security bug: Arbitrary code execution

Open SecureMPro opened this issue 1 year ago • 0 comments

Describe the bug

Security bug: Arbitrary code execution

To Reproduce

Hello Developer,

I have noticed that agentscope does not implement security measures to isolate the execution of user-provided code, which could lead to the takeover of the server running the code.

For instance, when I used the following prompt to execute code, agentscope directly opened the calculator on my computer:

import agentscope
from agentscope.agents import ReActAgent
from agentscope.message import Msg
from agentscope.service import ServiceToolkit, execute_shell_command

# Model config file is the reporter's own; it must define a model named "testll".
agentscope.init(model_configs="./1.json")

# Register the built-in shell tool with no restriction on what it may run.
service_toolkit = ServiceToolkit()
service_toolkit.add(execute_shell_command)

agent = ReActAgent(
    name="assistant",
    model_config_name="testll",
    verbose=True,
    service_toolkit=service_toolkit,
    max_iters=1,
)

# The command embedded in the user prompt is passed straight through to the shell tool.
msg = Msg("user", "help me to execute the following command: open -a calculator", role="user")
agent(msg)

If I were to execute malicious code, this could seriously compromise server security.

SecureMPro, Aug 15 '24 17:08
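The report above shows an agent handing a user-supplied command to an unrestricted shell tool. As an added example (not part of this issue and not agentscope's own code), the following shows the defender-side shape of a guarded tool: instead of registering a tool that runs whatever string the model produces, the command is tokenized, checked against an allowlist of executables, stripped of shell metacharacters, and run without `shell=True` and with a timeout. The names `vet_command`, `guarded_shell_command`, and `ALLOWED_COMMANDS` are assumptions introduced here; a real deployment would register a function of this shape in the toolkit in place of the unrestricted one and would additionally run it inside a sandbox (container, separate low-privilege user) rather than on the host.

```python
import shlex
import subprocess
from dataclasses import dataclass, field

# Constructed allowlist (assumption): only harmless read-only utilities.
# Anything not listed here, including "open", "sh", "python", is refused.
ALLOWED_COMMANDS = {"ls", "cat", "echo", "wc", "head"}

# Characters that would let a single "command" chain or substitute others.
SHELL_METACHARS = set(";&|<>`$(){}\n")


@dataclass
class CommandDecision:
    allowed: bool
    reason: str
    argv: list = field(default_factory=list)


def vet_command(command: str) -> CommandDecision:
    """Decide whether a model-produced command string may be executed."""
    if any(ch in SHELL_METACHARS for ch in command):
        return CommandDecision(False, "shell metacharacters are not permitted")
    try:
        argv = shlex.split(command)
    except ValueError as exc:  # e.g. unbalanced quotes
        return CommandDecision(False, f"unparseable command: {exc}")
    if not argv:
        return CommandDecision(False, "empty command")
    # Compare the bare executable name; absolute paths such as /bin/sh fail here too.
    if argv[0] not in ALLOWED_COMMANDS:
        return CommandDecision(False, f"executable {argv[0]!r} is not allowlisted", argv)
    return CommandDecision(True, "ok", argv)


def guarded_shell_command(command: str, timeout: float = 5.0) -> dict:
    """Tool-shaped wrapper: refuse disallowed commands, otherwise run argv directly."""
    decision = vet_command(command)
    if not decision.allowed:
        # Return a structured refusal the agent can show the user; nothing is executed.
        return {"status": "refused", "reason": decision.reason}
    try:
        proc = subprocess.run(
            decision.argv,
            capture_output=True,
            text=True,
            timeout=timeout,
            shell=False,  # argv is passed to the program, never to a shell
        )
    except subprocess.TimeoutExpired:
        return {"status": "error", "reason": f"timed out after {timeout}s"}
    except FileNotFoundError:
        return {"status": "error", "reason": f"{decision.argv[0]!r} not found on this host"}
    return {
        "status": "ok",
        "returncode": proc.returncode,
        "stdout": proc.stdout,
        "stderr": proc.stderr,
    }


if __name__ == "__main__":
    # The command from the report is refused; a benign allowlisted one runs.
    print(guarded_shell_command("open -a calculator"))
    print(guarded_shell_command("echo hello"))
```

The allowlist is deliberately tiny: the point is that the tool's capability, not the model's judgement, bounds what a prompt can cause. The metacharacter check and `shell=False` together prevent a single allowlisted word from being used to smuggle a second command, and the timeout bounds resource use. This is defence in depth only; the isolation the report asks for (running the tool in a sandbox with no access to the host) is still required for any tool that executes code.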