'use strict';

// Minimal HTTP-like handler exposing an unsafe eval sink for reachability.
// The handler is intentionally small to avoid external dependencies.
function handleRequest(body) {
  const code = body && body.code;
  if (typeof code !== 'string') {
    return { status: 400, body: 'bad request' };
  }

  // Dangerous: executes user-controlled code. The test drives this sink.
  // eslint-disable-next-line no-eval
  const result = eval(code);
  return { status: 200, body: String(result) };
}

module.exports = { handleRequest };