**题意:**GPT LangChain 实验性代理 - 允许危险代码
问题背景:
I'm creating a chatbot in VS Code where it will receive csv file through a prompt on Streamlit interface. However from the moment that file is loaded, it is showing a message with the following content:
ValueError: This agent relies on access to a python repl tool which can execute arbitrary code. This can be dangerous and requires a specially sandboxed environment to be safely used. Please read the security notice in the doc-string of this function. You must opt-in to use this functionality by setting allow_dangerous_code=True.For general security guidelines, please see: Security | 🦜️🔗 LangChain
Traceback
python
File "c:\Users\ \langchain-ask-csv\.venv\Lib\site-packages\streamlit\runtime\scriptrunner\script_runner.py", line 589, in _run_script
exec(code, module.__dict__)
File "C:\Users\ \langchain-ask-csv\main.py", line 46, in <module>
main()
File "C:\Users\ \langchain-ask-csv\main.py", line 35, in main
agent = create_csv_agent( OpenAI(), csv_file, verbose=True)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "c:\Users\
\langchain-ask-csv\.venv\Lib\site-packages\langchain_experimental\agents\agent_toolkits\csv\base.py", line 66, in create_csv_agent
return create_pandas_dataframe_agent(llm, df, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "c:\Users\ T\langchain-ask-csv\.venv\Lib\site-packages\langchain_experimental\agents\agent_toolkits\pandas\base.py", line 248, in create_pandas_dataframe_agent
raise ValueError(
Here's is part of the code where I'm passing the file:
python
def main():
load_dotenv()
# Load the OpenAI API key from the environment variable
if os.getenv("OPENAI_API_KEY") is None or os.getenv("OPENAI_API_KEY") == "":
print("OPENAI_API_KEY is not set")
exit(1)
else:
print("OPENAI_API_KEY is set")
st.set_page_config(page_title="Ask your CSV")
st.header("Ask your CSV 📈")
csv_file = st.file_uploader("Upload a CSV file", type="csv")
if csv_file is not None:
agent = create_csv_agent( OpenAI(), csv_file, verbose=True)
user_question = st.text_input("Ask a question about your CSV: ")
if user_question is not None and user_question != "":
with st.spinner(text="In progress..."):
st.write(agent.run(user_question))
if __name__ == "__main__":
main()
I checked the link given as suggestion and also tried to search on similar reports but haven't had success.
What might be wrong and how to fix it?
问题解决:
The referenced security notice is in langchain_experimental.agents.agent_toolkits.pandas.base.create_pandas_dataframe_agent --- 🦜🔗 LangChain 0.2.8.
Just do what the message tells you. Do a security analysis, create a sandbox environment for your thing to run in, and then add allow_dangerous_code=True
to the arguments you pass to create_csv_agent
, which just forwards the argument to create_pandas_dataframe_agent
and run it in the sandbox.