GPT LangChain experimental agent - allow dangerous code

题意：GPT LangChain 实验性代理 - 允许危险代码

问题背景：

I'm creating a chatbot in VS Code where it will receive csv file through a prompt on Streamlit interface. However from the moment that file is loaded, it is showing a message with the following content:

ValueError: This agent relies on access to a python repl tool which can execute arbitrary code. This can be dangerous and requires a specially sandboxed environment to be safely used. Please read the security notice in the doc-string of this function. You must opt-in to use this functionality by setting allow_dangerous_code=True.For general security guidelines, please see: Security | 🦜️🔗 LangChain

Traceback

File "c:\Users\  \langchain-ask-csv\.venv\Lib\site-packages\streamlit\runtime\scriptrunner\script_runner.py", line 589, in _run_scriptexec(code, module.__dict__)
File "C:\Users\ \langchain-ask-csv\main.py", line 46, in <module>main()
File "C:\Users\  \langchain-ask-csv\main.py", line 35, in mainagent = create_csv_agent( OpenAI(), csv_file, verbose=True)^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "c:\Users\
\langchain-ask-csv\.venv\Lib\site-packages\langchain_experimental\agents\agent_toolkits\csv\base.py", line 66, in create_csv_agentreturn create_pandas_dataframe_agent(llm, df, **kwargs)^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "c:\Users\ T\langchain-ask-csv\.venv\Lib\site-packages\langchain_experimental\agents\agent_toolkits\pandas\base.py", line 248, in create_pandas_dataframe_agentraise ValueError(

Here's is part of the code where I'm passing the file:

def main():load_dotenv()# Load the OpenAI API key from the environment variableif os.getenv("OPENAI_API_KEY") is None or os.getenv("OPENAI_API_KEY") == "":print("OPENAI_API_KEY is not set")exit(1)else:print("OPENAI_API_KEY is set")st.set_page_config(page_title="Ask your CSV")st.header("Ask your CSV 📈")csv_file = st.file_uploader("Upload a CSV file", type="csv")if csv_file is not None:agent = create_csv_agent( OpenAI(), csv_file, verbose=True)user_question = st.text_input("Ask a question about your CSV: ")if user_question is not None and user_question != "":with st.spinner(text="In progress..."):st.write(agent.run(user_question))if __name__ == "__main__":main()

I checked the link given as suggestion and also tried to search on similar reports but haven't had success.

What might be wrong and how to fix it?

问题解决：

The referenced security notice is in langchain_experimental.agents.agent_toolkits.pandas.base.create_pandas_dataframe_agent — 🦜🔗 LangChain 0.2.8.

Just do what the message tells you. Do a security analysis, create a sandbox environment for your thing to run in, and then add allow_dangerous_code=True to the arguments you pass to create_csv_agent, which just forwards the argument to create_pandas_dataframe_agent and run it in the sandbox.