Advisories for Pypi/Langroid package

TableChatAgent uses pandas eval(). If fed by untrusted user input, like the case of a public-facing LLM application, it may be vulnerable to code injection.

LanceDocChatAgent uses pandas eval() through compute_from_docs(): https://github.com/langroid/langroid/blob/18667ec7e971efc242505196f6518eb19a0abc1c/langroid/vector_store/base.py#L136-L150 As a result, an attacker may be able to make the agent run malicious commands through QueryPlan.dataframe_calc compromising the host system.

A LLM application leveraging XMLToolMessage class may be exposed to untrusted XML input that could result in DoS and/or exposing local files with sensitive information.