tools.unsandboxed_exec_tool_names module

Tool names that warrant the ⚠️ indicator after tool use (UNSANDBOXED_EXEC).

The frozenset includes every tool whose handler may require PRIVILEGES["UNSANDBOXED_EXEC"] for some invocation paths — including tools that only check the privilege on a subset of inputs (e.g. http_request when verify_ssl is false). The ⚠️ is conservative: it does not mean every call used unsandboxed execution.

When adding a new tool gated by tools.alter_privileges.has_privilege() with PRIVILEGES["UNSANDBOXED_EXEC"] on any path, add its registry name here.

When the tool set grows, re-scan modules that call has_privilege(..., PRIVILEGES["UNSANDBOXED_EXEC"], ...) and extend this frozenset (see project notes or grep those files for "name": tool entries).