PT-2025-2965 · Composio

Published 2025-01-08 · Updated 2025-07-16

CVE-2024-53526

CVSS v3.1: 6.4
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions:

composio versions 0.5.40 and later

Description:

The issue allows for command execution in `composio_openai`, `composio_claude`, and `composio_julep` via the `handle_tool_calls` function. This is due to improper user input sanitization, leading to arbitrary command injection.

Recommendations:

For composio versions 0.5.40 and later, consider disabling the `handle_tool_calls` function as a temporary workaround until a patch is available. Restrict access to the `composio_openai`, `composio_claude`, and `composio_julep` modules to minimize the risk of exploitation. Avoid using unsanitized user input in the affected functions until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
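The weakness class named above (model-supplied tool-call arguments reaching a command line without validation) and the mitigation the recommendations point at (never hand unsanitized input to the affected function) can be illustrated with a small dispatcher. The code below is an added example written for this page; it is not Composio's `handle_tool_calls` and does not reproduce the vulnerable code. The tool-call shape, the `word_count` tool, the `TOOLS` registry and all function names are assumptions constructed for the illustration. `vulnerable_command` shows the pattern to avoid (splicing a model-controlled value into a shell string); `hardened_dispatch` resolves a call only against an allowlisted registry, validates every argument, and produces an argv list that is executed with `shell=False`.

```python
import re
import subprocess
import tempfile
from dataclasses import dataclass
from pathlib import Path
from typing import Any, Callable

# Hypothetical tool-call shape, modelled on what an LLM returns to an
# application: {"name": "<tool>", "arguments": {...}}. The tool name and
# every argument value are model-controlled and therefore untrusted.
ToolCall = dict[str, Any]

# Allowlist for arguments that end up on a command line: a short plain
# file name, no path separators, no shell metacharacters.
_SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,63}")


def safe_name(value: Any) -> str:
    """Accept only a short, metacharacter-free file name; reject anything else."""
    if not isinstance(value, str) or not _SAFE_NAME.fullmatch(value):
        raise ValueError(f"rejected argument value: {value!r}")
    return value


@dataclass(frozen=True)
class Tool:
    schema: dict[str, Callable[[Any], Any]]          # argument name -> validator
    build_argv: Callable[[dict[str, Any]], list[str]]  # validated args -> argv


# Constructed registry: the only tools the dispatcher may ever run.
TOOLS: dict[str, Tool] = {
    "word_count": Tool(
        schema={"path": safe_name},
        build_argv=lambda a: ["wc", "-w", a["path"]],
    ),
}


def vulnerable_command(call: ToolCall) -> str:
    """The weakness class in the advisory: model output spliced into a shell string.

    Anything returned here and run with shell=True lets ';', '|', '$(...)' etc.
    in the model's argument start extra commands.
    """
    return f"wc -w {call['arguments']['path']}"


def hardened_dispatch(call: ToolCall) -> list[str]:
    """Resolve a tool call to an argv list, or raise; never builds a shell string."""
    tool = TOOLS.get(call.get("name"))
    if tool is None:
        raise ValueError(f"unknown tool: {call.get('name')!r}")
    args = call.get("arguments") or {}
    # Exactly the declared argument set: no extras, nothing missing.
    if set(args) != set(tool.schema):
        raise ValueError(f"unexpected or missing arguments: {sorted(args)}")
    clean = {key: validate(args[key]) for key, validate in tool.schema.items()}
    return tool.build_argv(clean)


def run_tool(call: ToolCall, cwd: Path) -> str:
    """Execute a validated tool call as an argv list with shell=False."""
    argv = hardened_dispatch(call)
    proc = subprocess.run(
        argv, cwd=cwd, capture_output=True, text=True, timeout=5, check=True
    )
    return proc.stdout.strip()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        (Path(tmp) / "notes.txt").write_text("one two three\n")
        benign = {"name": "word_count", "arguments": {"path": "notes.txt"}}
        hostile = {"name": "word_count", "arguments": {"path": "notes.txt; id"}}
        print("vulnerable string:", vulnerable_command(hostile))
        print("hardened argv:", hardened_dispatch(benign))
        print("output:", run_tool(benign, Path(tmp)))
        try:
            hardened_dispatch(hostile)
        except ValueError as exc:
            print("blocked:", exc)
```

The design choice worth noting is that validation happens per argument against a declared schema before any argv is built, and the registry decides which executables exist at all; the model can choose among registered tools but cannot name a binary or add flags. Logging every `ValueError` from `hardened_dispatch` also gives a cheap detection signal for tool-call payloads that do not match the schema.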

Weakness Enumeration

Command Injection

Related Identifiers

CVE-2024-53526
GHSA-8H93-28HG-FJ84

Affected Products

Composio