composio >=0.5.40 is vulnerable to Command Execution in composioopenai, composioclaude, and composiojulep via the handletool_calls function.
"https://github.com/pypa/advisory-database/blob/main/vulns/composio-julep/PYSEC-2026-1268.yaml"