From f4bec9686d6a2d07a0f0540b34f9313b0cd5ae89 Mon Sep 17 00:00:00 2001
From: Eugene Yurtsev
Date: Wed, 18 Oct 2023 15:00:56 -0400
Subject: [PATCH] Add more security notes (#11990)

Add more security notes
---
 libs/langchain/langchain/chains/llm_requests.py | 11 ++++++++++-
 libs/langchain/langchain/chains/natbot/base.py | 13 +++++++++++++
 .../langchain/chains/natbot/crawler.py | 17 ++++++++++++++++-
 .../langchain/chains/sql_database/query.py | 15 +++++++++++++++
 4 files changed, 54 insertions(+), 2 deletions(-)

diff --git a/libs/langchain/langchain/chains/llm_requests.py b/libs/langchain/langchain/chains/llm_requests.py
index 95028d69e61..4abe365106e 100644
--- a/libs/langchain/langchain/chains/llm_requests.py
+++ b/libs/langchain/langchain/chains/llm_requests.py
@@ -15,7 +15,16 @@ DEFAULT_HEADERS = {
 
 
 class LLMRequestsChain(Chain):
- """Chain that requests a URL and then uses an LLM to parse results."""
+ """Chain that requests a URL and then uses an LLM to parse results.
+
+ **Security Note**: This chain can make GET requests to arbitrary URLs,
+ including internal URLs.
+
+ Control access to who can run this chain and what network access
+ this chain has.
+
+ See https://python.langchain.com/docs/security for more information.
+ """
 
 llm_chain: LLMChain
 requests_wrapper: TextRequestsWrapper = Field(
diff --git a/libs/langchain/langchain/chains/natbot/base.py b/libs/langchain/langchain/chains/natbot/base.py
index e772ee7b428..e6c334f5fff 100644
--- a/libs/langchain/langchain/chains/natbot/base.py
+++ b/libs/langchain/langchain/chains/natbot/base.py
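Review bot: The new note on `LLMRequestsChain` covers where the request can go but not what comes back: the first docstring line says the response is handed to an LLM, so the fetched content is untrusted input to the prompt, and the note should say so, e.g. `The fetched content is passed to the LLM and should be treated as untrusted input.` The sentence `Control access to who can run this chain and what network access this chain has.` reads awkwardly; `Control who can run this chain and what network access it has.` says the same thing, and the same "Control access to who" phrasing recurs in the crawler.py and query.py hunks. The class body continues outside the hunk, so whether `requests_wrapper` offers any way to restrict destinations cannot be judged from these lines.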
@@ -16,6 +16,19 @@ from langchain.schema.language_model import BaseLanguageModel
 class NatBotChain(Chain):
 """Implement an LLM driven browser.
 
+ **Security Note**: This toolkit provides code to control a web-browser.
+
+ The web-browser can be used to navigate to:
+
+ - Any URL (including any internal network URLs)
+ - And local files
+
+ Exercise care if exposing this chain to end-users. Control who is able to
+ access and use this chain, and isolate the network access of the server
+ that hosts this chain.
+
+ See https://python.langchain.com/docs/security for more information.
+
 Example:
 .. code-block:: python
 
diff --git a/libs/langchain/langchain/chains/natbot/crawler.py b/libs/langchain/langchain/chains/natbot/crawler.py
index 442781e551c..8aa35d95259 100644
--- a/libs/langchain/langchain/chains/natbot/crawler.py
+++ b/libs/langchain/langchain/chains/natbot/crawler.py
@@ -49,7 +49,22 @@ class ElementInViewPort(TypedDict):
 
 
 class Crawler:
- """A crawler for web pages."""
+ """A crawler for web pages.
+
+ **Security Note**: This is an implementation of a crawler that uses a browser via
+ Playwright.
+
+ This crawler can be used to load arbitrary webpages INCLUDING content
+ from the local file system.
+
+ Control access to who can submit crawling requests and what network access
+ the crawler has.
+
+ Make sure to scope permissions to the minimal permissions necessary for
+ the application.
+
+ See https://python.langchain.com/docs/security for more information.
+ """
 
 def __init__(self) -> None:
 try:
diff --git a/libs/langchain/langchain/chains/sql_database/query.py b/libs/langchain/langchain/chains/sql_database/query.py
index 73253259046..99c0fff0a32 100644
--- a/libs/langchain/langchain/chains/sql_database/query.py
+++ b/libs/langchain/langchain/chains/sql_database/query.py
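Review bot: The note on `NatBotChain` calls the class a toolkit (`This toolkit provides code to control a web-browser.`) while the class name and the rest of the same paragraph call it a chain; `This chain controls a web browser.` would be consistent. The second bullet `- And local files` would read better as `- Local files`, parallel with the first. The mitigation paragraph covers who may use the chain and the host's network access, but nothing in it answers the local-files bullet; a sentence on limiting the file-system access of the account the browser runs under would close that gap. The docstring continues outside the hunk.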
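Review bot: `Make sure to scope permissions to the minimal permissions necessary for the application.` in the `Crawler` docstring does not say whose permissions are meant. Since the paragraph above it names local file-system content as reachable, the sentence should name the process, for example `Run the browser process under an account that has only the file-system and network access the application needs.` The change is documentation only; `__init__` begins in the trailing context and continues outside the hunk, so nothing visible here restricts what the crawler will load.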
@@ -33,6 +33,21 @@ def create_sql_query_chain(
 ) -> Runnable[Union[SQLInput, SQLInputWithTables], str]:
 """Create a chain that generates SQL queries.
 
+ *Security Note*: This chain generates SQL queries for the given database.
+
+ The SQLDatabase class provides a get_table_info method that can be used
+ to get column information as well as sample data from the table.
+
+ To mitigate risk of leaking sensitive data, limit permissions
+ to read and scope to the tables that are needed.
+
+ Optionally, use the SQLInputWithTables input type to specify which tables
+ are allowed to be accessed.
+
+ Control access to who can submit requests to this chain.
+
+ See https://python.langchain.com/docs/security for more information.
+
 Args:
 llm: The language model to use
 db: The SQLDatabase to generate the query for
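Review bot: `use the SQLInputWithTables input type to specify which tables are allowed to be accessed` reads as an access control, but that type is part of the chain's input (see the `Runnable[Union[SQLInput, SQLInputWithTables], str]` annotation) and the chain only returns a query string, so it presumably narrows what the prompt describes rather than what the database will permit. I would reword it along the lines of `use the SQLInputWithTables input type to limit which tables are described to the model; this does not replace database permissions.` The preceding sentence is also ambiguous about what is being limited; `grant the database credentials read-only access, scoped to the tables that are needed` is clearer. The marker here is `*Security Note*` (italic) where the other three docstrings in this commit use `**Security Note**`. The docstring continues outside the hunk.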