
CH0ico/CVE_choco_smolagent
The core issue lies in the trust model of additional_authorized_imports. When a developer authorizes the requests module (a common requirement for web-enabled agents), the sandbox does not enforce any egress filtering or URL validation. An attacker can leverage this to probe internal networks or exfiltrate sensitive data via out-of-band (OOB) techniques.
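One way to supply the missing URL validation, as an added example that is not part of this repository or of smolagents: a gate that is consulted before any outbound request made through the authorized requests module. The allowlisted host `api.example.com`, the function names and the sample addresses are assumptions constructed for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Hypothetical allowlist: only the hosts the agent actually needs.
ALLOWED_HOSTS = {"api.example.com"}


def _resolve(host, port):
    """Return the set of IP addresses a hostname resolves to."""
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    return {info[4][0] for info in infos}


def check_egress(url, allowed_hosts=ALLOWED_HOSTS, resolve=_resolve):
    """Return (allowed, reason) for an outbound URL requested by agent code."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").lower().rstrip(".")
        port = parts.port or (443 if parts.scheme == "https" else 80)
    except ValueError:
        return False, "malformed URL"
    if parts.scheme not in ("http", "https"):
        return False, "scheme not allowed"
    if host not in allowed_hosts:
        return False, "host not on allowlist"
    try:
        addrs = resolve(host, port)
    except OSError as exc:
        return False, f"resolution failed: {exc}"
    if not addrs:
        return False, "no addresses returned"
    for addr in addrs:
        ip = ipaddress.ip_address(addr.split("%")[0])  # drop IPv6 zone id
        # is_global is False for loopback, RFC 1918, link-local and similar ranges.
        if not ip.is_global:
            return False, f"resolves to non-public address {ip}"
    return True, "ok"


if __name__ == "__main__":
    # Constructed resolver results so the demo runs offline.
    public = lambda h, p: {"93.184.216.34"}
    internal = lambda h, p: {"10.0.0.5"}
    print(check_egress("https://api.example.com/v1", resolve=public))
    print(check_egress("https://api.example.com/v1", resolve=internal))
    print(check_egress("http://169.254.169.254/", resolve=public))
```

The check and the later connection resolve DNS separately, so redirects should be disabled or re-checked per hop, and the connection pinned to the validated address.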