I'm creating a chatbot in VS Code where it will receive csv file through a prompt on Streamlit interface. However from the moment that file is loaded, it is showing a message with the following content:
ValueError: This agent relies on access to a python repl tool which can execute arbitrary code. This can be dangerous and requires a specially sandboxed environment to be safely used. Please read the security notice in the doc-string of this function. You must opt-in to use this functionality by setting allow_dangerous_code=True.For general security guidelines, please see: https://python.langchain.com/v0.2/docs/security/
Traceback
File "c:\Users\ \langchain-ask-csv\.venv\Lib\site-packages\streamlit\runtime\scriptrunner\script_runner.py", line 589, in _run_script
exec(code, module.__dict__)
File "C:\Users\ \langchain-ask-csv\main.py", line 46, in <module>
main()
File "C:\Users\ \langchain-ask-csv\main.py", line 35, in main
agent = create_csv_agent( OpenAI(), csv_file, verbose=True)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "c:\Users\
\langchain-ask-csv\.venv\Lib\site-packages\langchain_experimental\agents\agent_toolkits\csv\base.py", line 66, in create_csv_agent
return create_pandas_dataframe_agent(llm, df, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "c:\Users\ T\langchain-ask-csv\.venv\Lib\site-packages\langchain_experimental\agents\agent_toolkits\pandas\base.py", line 248, in create_pandas_dataframe_agent
raise ValueError(
Here's is part of the code where I'm passing the file:
def main():
load_dotenv()
# Load the OpenAI API key from the environment variable
if os.getenv("OPENAI_API_KEY") is None or os.getenv("OPENAI_API_KEY") == "":
print("OPENAI_API_KEY is not set")
exit(1)
else:
print("OPENAI_API_KEY is set")
st.set_page_config(page_title="Ask your CSV")
st.header("Ask your CSV 📈")
csv_file = st.file_uploader("Upload a CSV file", type="csv")
if csv_file is not None:
agent = create_csv_agent( OpenAI(), csv_file, verbose=True)
user_question = st.text_input("Ask a question about your CSV: ")
if user_question is not None and user_question != "":
with st.spinner(text="In progress..."):
st.write(agent.run(user_question))
if __name__ == "__main__":
main()
I checked the link given as suggestion and also tried to search on similar reports but haven't had success.
What might be wrong and how to fix it?
The referenced security notice is in https://api.python.langchain.com/en/latest/agents/langchain_experimental.agents.agent_toolkits.pandas.base.create_pandas_dataframe_agent.html.
Just do what the message tells you. Do a security analysis, create a sandbox environment for your thing to run in, and then add allow_dangerous_code=True
to the arguments you pass to create_csv_agent
, which just forwards the argument to create_pandas_dataframe_agent
and run it in the sandbox.