Add extra warning documentation for allow_dangerous_code flag

microsoft · Jul 2, 2024 · 3420f07 · 3420f07
1 parent 9d0fcad
commit 3420f07
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 0 deletions.
diff --git a/app/backend/approaches/tabulardataassistant.py b/app/backend/approaches/tabulardataassistant.py
@@ -106,6 +106,12 @@ def process_agent_scratch_pad(question, df):
     deployment_name=OPENAI_DEPLOYMENT_NAME)  
 
     question = save_chart(question)
+    # This agent relies on access to a python repl tool which can execute arbitrary code.
+    # This can be dangerous and requires a specially sandboxed environment to be safely used.
+    # Failure to properly sandbox this class can lead to arbitrary code execution vulnerabilities,
+    # which can lead to data breaches, data loss, or other security incidents. You must opt in
+    # to use this functionality by setting allow_dangerous_code=True.
+    # https://api.python.langchain.com/en/latest/agents/langchain_experimental.agents.agent_toolkits.pandas.base.create_pandas_dataframe_agent.html
     pdagent = create_pandas_dataframe_agent(chat, df, verbose=True,agent_type=AgentType.OPENAI_FUNCTIONS,allow_dangerous_code=True , handle_parsing_errors=True )
     for chunk in pdagent.stream({"input": question}):
         if "actions" in chunk:

diff --git a/docs/features/features.md b/docs/features/features.md
@@ -97,6 +97,12 @@ To learn more, please visit the [Cognitive Search](/docs/features/cognitive_sear
 
 We are rolling out the Math Assistant and Tabular Data Assistant in a preview mode. The Math Assistant combines natural language understanding with robust mathematical reasoning, enabling users to express mathematical queries in plain language and receive step-by-step solutions and insights.The Tabular Data Assistants allows users to ask natural language questions about tabular data stored in CSV files and extract insights from structured datasets with the ability to filter, aggregate, and perform computations on CSV data. The key strength of Agents lies in their ability to autonomously reason about tasks, decompose them into steps, and determine the appropriate tools and data sources to leverage, all without the need for predefined task definitions or rigid workflows.The Math Assistant and Tabular Data assistant are being released in preview mode as we continue to evaluate and mitigate the potential risks associated with autonomous reasoning Agents, such as misuse of external tools, lack of transparency, biased outputs, privacy concerns, and remote code execution vulnerabilities. With future release we plan work to enhance the safety and robustness of these autonomous reasoning capabilities.
 
+### :warning: Security Notice
+
+The Tabular Data Assistant relies on access to a python repl tool which can execute arbitrary code. This can be dangerous and requires a specially sandboxed environment to be safely used. Failure to run this code in a properly sandboxed environment can lead to arbitrary code execution vulnerabilities, which can lead to data breaches, data loss, or other security incidents.
+
+Do not use this code with untrusted inputs, with elevated permissions, or without consulting your security team about proper sandboxing!
+
 ## Customization and Personalization
 
 **User-Selectable Options:** Users can fine-tune their interactions by adjusting settings such as temperature and persona, tailoring the AI experience to their specific needs.