chore: add better docs for safe_mode; load semgrep if available #709
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,61 @@ | ||
| # Safe Mode | ||
|
|
||
| **⚠️ Safe mode is experimental and does not provide any guarantees of safety or security.** | ||
|
|
||
| Open Interpreter is working on providing an experimental safety toolkit to help you feel more confident running the code generated by Open Interpreter. | ||
|
|
||
|
|
||
| Install Open Interpreter with the safety toolkit dependencies as part of the bundle: | ||
|
|
||
| ```shell | ||
| pip install open-interpreter[safe] | ||
| ``` | ||
|
|
||
| Alternatively, you can install the safety toolkit dependencies separately in your virtual environment: | ||
|
|
||
| ```shell | ||
| pip install semgrep | ||
| ``` | ||
|
|
||
| ## Features | ||
|
|
||
| - **No Auto Run**: Safe mode disables the ability to automatically execute code | ||
| - **Code Scanning**: Scan generated code for vulnerabilities with [`semgrep`](https://semgrep.dev/) | ||
|
|
||
| ## Enabling Safe Mode | ||
|
|
||
| You can enable safe mode by passing the `--safe` flag when invoking `interpreter` or by configuring `safe_mode` in your [config file](https://github.com/KillianLucas/open-interpreter#configuration). | ||
|
|
||
| The safe mode setting has three options: | ||
|
|
||
| - `off`: disables the safety toolkit (_default_) | ||
| - `ask`: prompts you to confirm that you want to scan code | ||
| - `auto`: automatically scans code | ||
|
|
||
| ### Example Config: | ||
|
|
||
| ```yaml | ||
| model: gpt-4 | ||
| temperature: 0 | ||
| debug_mode: false | ||
| safe_mode: ask | ||
| ``` | ||
|
|
||
| ## Roadmap | ||
|
|
||
| Some upcoming features that enable even more safety: | ||
|
|
||
| - [Execute code in containers](https://github.com/KillianLucas/open-interpreter/pull/459) | ||
|
|
||
| ## Tips & Tricks | ||
|
|
||
| You can adjust the `system_message` in your [config file](https://github.com/KillianLucas/open-interpreter#configuration) to include instructions for the model to scan packages with [`guarddog`]() before installing them. | ||
|
|
||
| ```yaml | ||
| model: gpt-4 | ||
| debug_mode: false | ||
| safe_mode: ask | ||
| system_message: | | ||
| # normal system message here | ||
| BEFORE INSTALLING ANY PACKAGES WITH pip OR npm YOU MUST SCAN THEM WITH `guarddog` FIRST. Run `guarddog pypi scan $package` for pip packages and `guarddog npm scan $package` for npm packages. `guarddog` only accepts one package name at a time. | ||
| ``` | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| import importlib.util | ||
| import sys | ||
|
|
||
| #borrowed from: https://stackoverflow.com/a/1051266/656011 | ||
| def check_for_package(package): | ||
| if package in sys.modules: | ||
| return True | ||
| elif (spec := importlib.util.find_spec(package)) is not None: | ||
| try: | ||
| module = importlib.util.module_from_spec(spec) | ||
|
|
||
| sys.modules[package] = module | ||
| spec.loader.exec_module(module) | ||
|
|
||
| return True | ||
| except ImportError: | ||
| return False | ||
| else: | ||
| return False |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We can leverage the
tool.poetry.extrasconfiguration to allow folks to optionally installsemgrepand other safety tools via the[safe]extra.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
YES. I love this idea.
I think it would be great to make a slimmed down version of OI called
[core](wouldn't even includerichor any terminal interface),[safe]for semgrep, perhaps docker, etc, then eventually[all]if we build features beyond safe mode with dependencies.