From 68599d98c20b1e3fbdabaef1b1fbe54cd06b98a4 Mon Sep 17 00:00:00 2001
From: Eugene Yurtsev
Date: Thu, 19 Oct 2023 14:49:09 -0400
Subject: [PATCH] More security notes (#12040)
Add more security notes
---
.../agents/agent_toolkits/clickup/toolkit.py | 9 ++++++++-
.../agents/agent_toolkits/nla/toolkit.py | 14 +++++++++++++-
.../agents/agent_toolkits/powerbi/toolkit.py | 12 +++++++++++-
.../langchain/chains/graph_qa/arangodb.py | 14 +++++++++++++-
libs/langchain/langchain/chains/graph_qa/base.py | 14 +++++++++++++-
.../langchain/langchain/chains/graph_qa/cypher.py | 14 +++++++++++++-
.../langchain/chains/graph_qa/falkordb.py | 14 +++++++++++++-
.../langchain/chains/graph_qa/hugegraph.py | 14 +++++++++++++-
libs/langchain/langchain/chains/graph_qa/kuzu.py | 14 ++++++++++++--
.../langchain/chains/graph_qa/nebulagraph.py | 14 +++++++++++++-
.../langchain/chains/graph_qa/neptune_cypher.py | 11 +++++++++++
.../langchain/langchain/chains/graph_qa/sparql.py | 15 ++++++++++++---
libs/langchain/langchain/graphs/arangodb_graph.py | 2 ++
libs/langchain/langchain/graphs/falkordb_graph.py | 2 ++
libs/langchain/langchain/graphs/hugegraph.py | 2 ++
libs/langchain/langchain/graphs/kuzu_graph.py | 2 ++
libs/langchain/langchain/graphs/memgraph_graph.py | 2 ++
libs/langchain/langchain/graphs/nebula_graph.py | 2 ++
libs/langchain/langchain/graphs/neo4j_graph.py | 2 ++
libs/langchain/langchain/graphs/neptune_graph.py | 2 ++
libs/langchain/langchain/graphs/networkx_graph.py | 2 ++
libs/langchain/langchain/graphs/rdf_graph.py | 2 ++
22 files changed, 165 insertions(+), 14 deletions(-)
diff --git a/libs/langchain/langchain/agents/agent_toolkits/clickup/toolkit.py b/libs/langchain/langchain/agents/agent_toolkits/clickup/toolkit.py
index ea0c94df061..8028f5978fd 100644
--- a/libs/langchain/langchain/agents/agent_toolkits/clickup/toolkit.py
+++ b/libs/langchain/langchain/agents/agent_toolkits/clickup/toolkit.py
@@ -20,7 +20,14 @@ from langchain.utilities.clickup import ClickupAPIWrapper class ClickupToolkit(BaseToolkit): - """Clickup Toolkit.""" + """Clickup Toolkit. + + *Security Note*: This toolkit contains tools that can read and modify + the state of a service; e.g., by reading, creating, updating, deleting + data associated with this service. + + See https://python.langchain.com/docs/security for more information. + """ tools: List[BaseTool] = [] diff --git a/libs/langchain/langchain/agents/agent_toolkits/nla/toolkit.py b/libs/langchain/langchain/agents/agent_toolkits/nla/toolkit.py index 38fb1a52197..b0134ce3ab3 100644 --- a/libs/langchain/langchain/agents/agent_toolkits/nla/toolkit.py +++ b/libs/langchain/langchain/agents/agent_toolkits/nla/toolkit.py @@ -13,7 +13,19 @@ from langchain.utilities.requests import Requests class NLAToolkit(BaseToolkit): - """Natural Language API Toolkit.""" + """Natural Language API Toolkit. + + *Security Note*: This toolkit creates tools that enable making calls + to an Open API compliant API. + + The tools created by this toolkit may be able to make GET, POST, + PATCH, PUT, DELETE requests to any of the exposed endpoints on + the API. + + Control access to who can use this toolkit. + + See https://python.langchain.com/docs/security for more information. + """ nla_tools: Sequence[NLATool] = Field(...) """List of API Endpoint Tools.""" diff --git a/libs/langchain/langchain/agents/agent_toolkits/powerbi/toolkit.py b/libs/langchain/langchain/agents/agent_toolkits/powerbi/toolkit.py index 2f24a1cb7ab..2bbd1313c66 100644 --- a/libs/langchain/langchain/agents/agent_toolkits/powerbi/toolkit.py +++ b/libs/langchain/langchain/agents/agent_toolkits/powerbi/toolkit.py 
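Review bot: The ClickupToolkit security note states the risk but gives the reader nothing to do about it, unlike the NLAToolkit and PowerBIToolkit notes in this same patch, which both carry `Control access to who can use this toolkit.` I would add a sentence along the lines of `Scope the credentials held by ClickupAPIWrapper to the operations the application needs, and control access to who can use this toolkit.` The heading is also written `*Security Note*` in the three toolkit docstrings and `*Security note*` in the graph_qa chains; using one spelling lets all of the notes be found with a single search.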
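Review bot: `Control access to who can use this toolkit.` in the NLAToolkit note names no control a reader can apply, and the note does not say whose credentials the generated tools send. I would state that the calls presumably go out through the configured `Requests` object (imported just above the class), so any auth headers set on it accompany requests whose endpoint and verb are chosen at run time, and recommend limiting the spec to the operations the application needs; this should be confirmed against the constructor code, which is outside the hunk. `Open API compliant API` should also read `OpenAPI-compliant API`.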
@@ -28,7 +28,17 @@ from langchain.utilities.powerbi import PowerBIDataset class PowerBIToolkit(BaseToolkit): - """Toolkit for interacting with Power BI dataset.""" + """Toolkit for interacting with Power BI dataset. + + *Security Note*: This toolkit interacts with an external service. + + Control access to who can use this toolkit. + + Make sure that the capabilities given by this toolkit to the calling + code are appropriately scoped to the application. + + See https://python.langchain.com/docs/security for more information. + """ powerbi: PowerBIDataset = Field(exclude=True) llm: Union[BaseLanguageModel, BaseChatModel] = Field(exclude=True) diff --git a/libs/langchain/langchain/chains/graph_qa/arangodb.py b/libs/langchain/langchain/chains/graph_qa/arangodb.py index e9e6767a4cb..48066c8ee1f 100644 --- a/libs/langchain/langchain/chains/graph_qa/arangodb.py +++ b/libs/langchain/langchain/chains/graph_qa/arangodb.py @@ -19,7 +19,19 @@ from langchain.schema import BasePromptTemplate class ArangoGraphQAChain(Chain): - """Chain for question-answering against a graph by generating AQL statements.""" + """Chain for question-answering against a graph by generating AQL statements. + + *Security note*: Make sure that the database connection uses credentials + that are narrowly-scoped to only include necessary permissions. + Failure to do so may result in data corruption or loss, since the calling + code may attempt commands that would result in deletion, mutation + of data if appropriately prompted or reading sensitive data if such + data is present in the database. + The best way to guard against such negative outcomes is to (as appropriate) + limit the permissions granted to the credentials used with this tool. + + See https://python.langchain.com/docs/security for more information. + """ graph: ArangoGraph = Field(exclude=True) aql_generation_chain: LLMChain 
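Review bot: The note added to ArangoGraphQAChain says `the calling code may attempt commands ... if appropriately prompted`, which hides the mechanism behind the risk. Going by the class summary, the chain has a language model generate AQL and runs it against `graph`, so text in the question can shape the statement that reaches the database; nothing in the hunk mentions a validation step in between. Saying so directly, e.g. `The generated AQL is executed against the database; treat the question as untrusted input.`, tells the reader why narrowly scoped (ideally read-only) credentials are the control. The same paragraph is pasted into the cypher.py, falkordb.py, hugegraph.py, kuzu.py, nebulagraph.py, neptune_cypher.py and sparql.py hunks and would take the same edit with the query language swapped; `deletion, mutation of data` also needs an `or`.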
diff --git a/libs/langchain/langchain/chains/graph_qa/base.py b/libs/langchain/langchain/chains/graph_qa/base.py index 358a3cf411c..8543c9a775b 100644 --- a/libs/langchain/langchain/chains/graph_qa/base.py +++ b/libs/langchain/langchain/chains/graph_qa/base.py @@ -14,7 +14,19 @@ from langchain.schema.language_model import BaseLanguageModel class GraphQAChain(Chain): - """Chain for question-answering against a graph.""" + """Chain for question-answering against a graph. + + *Security note*: Make sure that the database connection uses credentials + that are narrowly-scoped to only include necessary permissions. + Failure to do so may result in data corruption or loss, since the calling + code may attempt commands that would result in deletion, mutation + of data if appropriately prompted or reading sensitive data if such + data is present in the database. + The best way to guard against such negative outcomes is to (as appropriate) + limit the permissions granted to the credentials used with this tool. + + See https://python.langchain.com/docs/security for more information. + """ graph: NetworkxEntityGraph = Field(exclude=True) entity_extraction_chain: LLMChain diff --git a/libs/langchain/langchain/chains/graph_qa/cypher.py b/libs/langchain/langchain/chains/graph_qa/cypher.py index 1f59e522723..abbc5a85c34 100644 --- a/libs/langchain/langchain/chains/graph_qa/cypher.py +++ b/libs/langchain/langchain/chains/graph_qa/cypher.py 
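Review bot: The credentials wording pasted into GraphQAChain does not appear to fit this class: its `graph` field is a `NetworkxEntityGraph`, which looks like an in-process graph rather than a database connection, so there may be no credentials to scope. A security note that does not match the component trains readers to skim past the ones that do. If that reading is right, replace the paragraph with what applies here, for example `*Security note*: answers are produced from model output over the graph contents; do not load data into the graph that the caller should not be able to read.` The networkx_graph.py hunk later in this patch carries the same database wording in its context lines.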
@@ -77,7 +77,19 @@ def construct_schema( class GraphCypherQAChain(Chain): - """Chain for question-answering against a graph by generating Cypher statements.""" + """Chain for question-answering against a graph by generating Cypher statements. + + *Security note*: Make sure that the database connection uses credentials + that are narrowly-scoped to only include necessary permissions. + Failure to do so may result in data corruption or loss, since the calling + code may attempt commands that would result in deletion, mutation + of data if appropriately prompted or reading sensitive data if such + data is present in the database. + The best way to guard against such negative outcomes is to (as appropriate) + limit the permissions granted to the credentials used with this tool. + + See https://python.langchain.com/docs/security for more information. + """ graph: GraphStore = Field(exclude=True) cypher_generation_chain: LLMChain diff --git a/libs/langchain/langchain/chains/graph_qa/falkordb.py b/libs/langchain/langchain/chains/graph_qa/falkordb.py index b5ad8da4876..f973b876b26 100644 --- a/libs/langchain/langchain/chains/graph_qa/falkordb.py +++ b/libs/langchain/langchain/chains/graph_qa/falkordb.py 
@@ -35,7 +35,19 @@ def extract_cypher(text: str) -> str: class FalkorDBQAChain(Chain): - """Chain for question-answering against a graph by generating Cypher statements.""" + """Chain for question-answering against a graph by generating Cypher statements. + + *Security note*: Make sure that the database connection uses credentials + that are narrowly-scoped to only include necessary permissions. + Failure to do so may result in data corruption or loss, since the calling + code may attempt commands that would result in deletion, mutation + of data if appropriately prompted or reading sensitive data if such + data is present in the database. + The best way to guard against such negative outcomes is to (as appropriate) + limit the permissions granted to the credentials used with this tool. + + See https://python.langchain.com/docs/security for more information. + """ graph: FalkorDBGraph = Field(exclude=True) cypher_generation_chain: LLMChain diff --git a/libs/langchain/langchain/chains/graph_qa/hugegraph.py b/libs/langchain/langchain/chains/graph_qa/hugegraph.py index 9c11016cd1b..3618dedebb1 100644 --- a/libs/langchain/langchain/chains/graph_qa/hugegraph.py +++ b/libs/langchain/langchain/chains/graph_qa/hugegraph.py 
@@ -17,7 +17,19 @@ from langchain.schema.language_model import BaseLanguageModel class HugeGraphQAChain(Chain): - """Chain for question-answering against a graph by generating gremlin statements.""" + """Chain for question-answering against a graph by generating gremlin statements. + + *Security note*: Make sure that the database connection uses credentials + that are narrowly-scoped to only include necessary permissions. + Failure to do so may result in data corruption or loss, since the calling + code may attempt commands that would result in deletion, mutation + of data if appropriately prompted or reading sensitive data if such + data is present in the database. + The best way to guard against such negative outcomes is to (as appropriate) + limit the permissions granted to the credentials used with this tool. + + See https://python.langchain.com/docs/security for more information. + """ graph: HugeGraph = Field(exclude=True) gremlin_generation_chain: LLMChain diff --git a/libs/langchain/langchain/chains/graph_qa/kuzu.py b/libs/langchain/langchain/chains/graph_qa/kuzu.py index 8246e92588b..2b63edae6b3 100644 --- a/libs/langchain/langchain/chains/graph_qa/kuzu.py +++ b/libs/langchain/langchain/chains/graph_qa/kuzu.py 
@@ -14,8 +14,18 @@ from langchain.schema.language_model import BaseLanguageModel class KuzuQAChain(Chain): - """Chain for question-answering against a graph by generating Cypher statements for - Kùzu. + """Question-answering against a graph by generating Cypher statements for Kùzu. + + *Security note*: Make sure that the database connection uses credentials + that are narrowly-scoped to only include necessary permissions. + Failure to do so may result in data corruption or loss, since the calling + code may attempt commands that would result in deletion, mutation + of data if appropriately prompted or reading sensitive data if such + data is present in the database. + The best way to guard against such negative outcomes is to (as appropriate) + limit the permissions granted to the credentials used with this tool. + + See https://python.langchain.com/docs/security for more information. """ graph: KuzuGraph = Field(exclude=True) diff --git a/libs/langchain/langchain/chains/graph_qa/nebulagraph.py b/libs/langchain/langchain/chains/graph_qa/nebulagraph.py index 09dd52671ba..9bd5f5ec430 100644 --- a/libs/langchain/langchain/chains/graph_qa/nebulagraph.py +++ b/libs/langchain/langchain/chains/graph_qa/nebulagraph.py 
@@ -14,7 +14,19 @@ from langchain.schema.language_model import BaseLanguageModel class NebulaGraphQAChain(Chain): - """Chain for question-answering against a graph by generating nGQL statements.""" + """Chain for question-answering against a graph by generating nGQL statements. + + *Security note*: Make sure that the database connection uses credentials + that are narrowly-scoped to only include necessary permissions. + Failure to do so may result in data corruption or loss, since the calling + code may attempt commands that would result in deletion, mutation + of data if appropriately prompted or reading sensitive data if such + data is present in the database. + The best way to guard against such negative outcomes is to (as appropriate) + limit the permissions granted to the credentials used with this tool. + + See https://python.langchain.com/docs/security for more information. + """ graph: NebulaGraph = Field(exclude=True) ngql_generation_chain: LLMChain diff --git a/libs/langchain/langchain/chains/graph_qa/neptune_cypher.py b/libs/langchain/langchain/chains/graph_qa/neptune_cypher.py index 67f0303b0a4..dc6b5ca9502 100644 --- a/libs/langchain/langchain/chains/graph_qa/neptune_cypher.py +++ b/libs/langchain/langchain/chains/graph_qa/neptune_cypher.py 
@@ -85,6 +85,17 @@ class NeptuneOpenCypherQAChain(Chain): """Chain for question-answering against a Neptune graph by generating openCypher statements. + *Security note*: Make sure that the database connection uses credentials + that are narrowly-scoped to only include necessary permissions. + Failure to do so may result in data corruption or loss, since the calling + code may attempt commands that would result in deletion, mutation + of data if appropriately prompted or reading sensitive data if such + data is present in the database. + The best way to guard against such negative outcomes is to (as appropriate) + limit the permissions granted to the credentials used with this tool. + + See https://python.langchain.com/docs/security for more information. + Example: .. code-block:: python diff --git a/libs/langchain/langchain/chains/graph_qa/sparql.py b/libs/langchain/langchain/chains/graph_qa/sparql.py index 2e1c017748b..98dee88f3b8 100644 --- a/libs/langchain/langchain/chains/graph_qa/sparql.py +++ b/libs/langchain/langchain/chains/graph_qa/sparql.py 
@@ -21,9 +21,18 @@ from langchain.schema.language_model import BaseLanguageModel class GraphSparqlQAChain(Chain): - """ - Chain for question-answering against an RDF or OWL graph by generating - SPARQL statements. + """Question-answering against an RDF or OWL graph by generating SPARQL statements. + + *Security note*: Make sure that the database connection uses credentials + that are narrowly-scoped to only include necessary permissions. + Failure to do so may result in data corruption or loss, since the calling + code may attempt commands that would result in deletion, mutation + of data if appropriately prompted or reading sensitive data if such + data is present in the database. + The best way to guard against such negative outcomes is to (as appropriate) + limit the permissions granted to the credentials used with this tool. + + See https://python.langchain.com/docs/security for more information. """ graph: RdfGraph = Field(exclude=True) diff --git a/libs/langchain/langchain/graphs/arangodb_graph.py b/libs/langchain/langchain/graphs/arangodb_graph.py index 6176f92e0ca..b9e4530058e 100644 --- a/libs/langchain/langchain/graphs/arangodb_graph.py +++ b/libs/langchain/langchain/graphs/arangodb_graph.py @@ -14,6 +14,8 @@ class ArangoGraph: data is present in the database. The best way to guard against such negative outcomes is to (as appropriate) limit the permissions granted to the credentials used with this tool. + + See https://python.langchain.com/docs/security for more information. """ def __init__(self, db: Any) -> None: diff --git a/libs/langchain/langchain/graphs/falkordb_graph.py b/libs/langchain/langchain/graphs/falkordb_graph.py index 39aed253856..9829dac345b 100644 --- a/libs/langchain/langchain/graphs/falkordb_graph.py +++ b/libs/langchain/langchain/graphs/falkordb_graph.py 
@@ -43,6 +43,8 @@ class FalkorDBGraph(GraphStore): data is present in the database. The best way to guard against such negative outcomes is to (as appropriate) limit the permissions granted to the credentials used with this tool. + + See https://python.langchain.com/docs/security for more information. """ def __init__( diff --git a/libs/langchain/langchain/graphs/hugegraph.py b/libs/langchain/langchain/graphs/hugegraph.py index f70f79bcd69..a052efce4d0 100644 --- a/libs/langchain/langchain/graphs/hugegraph.py +++ b/libs/langchain/langchain/graphs/hugegraph.py @@ -12,6 +12,8 @@ class HugeGraph: data is present in the database. The best way to guard against such negative outcomes is to (as appropriate) limit the permissions granted to the credentials used with this tool. + + See https://python.langchain.com/docs/security for more information. """ def __init__( diff --git a/libs/langchain/langchain/graphs/kuzu_graph.py b/libs/langchain/langchain/graphs/kuzu_graph.py index b069de9ed3d..eda7417f940 100644 --- a/libs/langchain/langchain/graphs/kuzu_graph.py +++ b/libs/langchain/langchain/graphs/kuzu_graph.py @@ -12,6 +12,8 @@ class KuzuGraph: data is present in the database. The best way to guard against such negative outcomes is to (as appropriate) limit the permissions granted to the credentials used with this tool. + + See https://python.langchain.com/docs/security for more information. """ def __init__(self, db: Any, database: str = "kuzu") -> None: diff --git a/libs/langchain/langchain/graphs/memgraph_graph.py b/libs/langchain/langchain/graphs/memgraph_graph.py index 69eb0e2c85c..17d25d6d413 100644 --- a/libs/langchain/langchain/graphs/memgraph_graph.py +++ b/libs/langchain/langchain/graphs/memgraph_graph.py 
@@ -24,6 +24,8 @@ class MemgraphGraph(Neo4jGraph): data is present in the database. The best way to guard against such negative outcomes is to (as appropriate) limit the permissions granted to the credentials used with this tool. + + See https://python.langchain.com/docs/security for more information. """ def __init__( diff --git a/libs/langchain/langchain/graphs/nebula_graph.py b/libs/langchain/langchain/graphs/nebula_graph.py index 5053cbc9e58..a1b25e81c28 100644 --- a/libs/langchain/langchain/graphs/nebula_graph.py +++ b/libs/langchain/langchain/graphs/nebula_graph.py @@ -29,6 +29,8 @@ class NebulaGraph: data is present in the database. The best way to guard against such negative outcomes is to (as appropriate) limit the permissions granted to the credentials used with this tool. + + See https://python.langchain.com/docs/security for more information. """ def __init__( diff --git a/libs/langchain/langchain/graphs/neo4j_graph.py b/libs/langchain/langchain/graphs/neo4j_graph.py index df4230c6c4a..4f656742365 100644 --- a/libs/langchain/langchain/graphs/neo4j_graph.py +++ b/libs/langchain/langchain/graphs/neo4j_graph.py @@ -40,6 +40,8 @@ class Neo4jGraph(GraphStore): data is present in the database. The best way to guard against such negative outcomes is to (as appropriate) limit the permissions granted to the credentials used with this tool. + + See https://python.langchain.com/docs/security for more information. """ def __init__( diff --git a/libs/langchain/langchain/graphs/neptune_graph.py b/libs/langchain/langchain/graphs/neptune_graph.py index fc7c79ba3cc..6ecdde6e761 100644 --- a/libs/langchain/langchain/graphs/neptune_graph.py +++ b/libs/langchain/langchain/graphs/neptune_graph.py 
@@ -47,6 +47,8 @@ class NeptuneGraph: data is present in the database. The best way to guard against such negative outcomes is to (as appropriate) limit the permissions granted to the credentials used with this tool. + + See https://python.langchain.com/docs/security for more information. """ def __init__( diff --git a/libs/langchain/langchain/graphs/networkx_graph.py b/libs/langchain/langchain/graphs/networkx_graph.py index d7aeeac4d97..81b7862fab2 100644 --- a/libs/langchain/langchain/graphs/networkx_graph.py +++ b/libs/langchain/langchain/graphs/networkx_graph.py @@ -57,6 +57,8 @@ class NetworkxEntityGraph: data is present in the database. The best way to guard against such negative outcomes is to (as appropriate) limit the permissions granted to the credentials used with this tool. + + See https://python.langchain.com/docs/security for more information. """ def __init__(self, graph: Optional[Any] = None) -> None: diff --git a/libs/langchain/langchain/graphs/rdf_graph.py b/libs/langchain/langchain/graphs/rdf_graph.py index 69489424a84..f3388238ed9 100644 --- a/libs/langchain/langchain/graphs/rdf_graph.py +++ b/libs/langchain/langchain/graphs/rdf_graph.py @@ -103,6 +103,8 @@ class RdfGraph: data is present in the database. The best way to guard against such negative outcomes is to (as appropriate) limit the permissions granted to the credentials used with this tool. + + See https://python.langchain.com/docs/security for more information. """ def __init__(