composio >=0.5.40 is vulnerable to Command Execution in composioopenai, composioclaude, and composiojulep via the handletool_calls function.
"https://github.com/pypa/advisory-database/blob/main/vulns/composio-claude/PYSEC-2026-2428.yaml"