Merge pull request OpenInterpreter#709 from InterwebAlchemy/feature/s…

…afe-mode-docs chore: add better docs for safe_mode; load semgrep if available
joshuavial · Oct 30, 2023 · 887efa7 · 887efa7
2 parents 58fea13 + 40a5e69
commit 887efa7
Show file tree

Hide file tree

Showing 6 changed files with 93 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -349,6 +349,8 @@ You can run `interpreter -y` or set `interpreter.auto_run = True` to bypass this
 - Watch Open Interpreter like a self-driving car, and be prepared to end the process by closing your terminal.
 - Consider running Open Interpreter in a restricted environment like Google Colab or Replit. These environments are more isolated, reducing the risks of executing arbitrary code.
 
+There is **experimental** support for a [safe mode](./docs/SAFE_MODE.md) to help mitigate some risks.
+
 ## How Does it Work?
 
 Open Interpreter equips a [function-calling language model](https://platform.openai.com/docs/guides/gpt/function-calling) with an `exec()` function, which accepts a `language` (like "Python" or "JavaScript") and `code` to run.

diff --git a/docs/SAFE_MODE.md b/docs/SAFE_MODE.md
@@ -0,0 +1,61 @@
+# Safe Mode
+
+**⚠️ Safe mode is experimental and does not provide any guarantees of safety or security.**
+
+Open Interpreter is working on providing an experimental safety toolkit to help you feel more confident running the code generated by Open Interpreter.
+
+
+Install Open Interpreter with the safety toolkit dependencies as part of the bundle:
+
+```shell
+pip install open-interpreter[safe]
+```
+
+Alternatively, you can install the safety toolkit dependencies separately in your virtual environment:
+
+```shell
+pip install semgrep
+```
+
+## Features
+
+- **No Auto Run**: Safe mode disables the ability to automatically execute code
+- **Code Scanning**: Scan generated code for vulnerabilities with [`semgrep`](https://semgrep.dev/)
+
+## Enabling Safe Mode
+
+You can enable safe mode by passing the `--safe` flag when invoking `interpreter` or by configuring `safe_mode` in your [config file](https://github.com/KillianLucas/open-interpreter#configuration).
+
+The safe mode setting has three options:
+
+- `off`: disables the safety toolkit (_default_)
+- `ask`: prompts you to confirm that you want to scan code
+- `auto`: automatically scans code
+
+### Example Config:
+
+```yaml
+model: gpt-4
+temperature: 0
+debug_mode: false
+safe_mode: ask
+```
+
+## Roadmap
+
+Some upcoming features that enable even more safety:
+
+- [Execute code in containers](https://github.com/KillianLucas/open-interpreter/pull/459)
+
+## Tips & Tricks
+
+You can adjust the `system_message` in your [config file](https://github.com/KillianLucas/open-interpreter#configuration) to include instructions for the model to scan packages with [`guarddog`]() before installing them.
+
+```yaml
+model: gpt-4
+debug_mode: false
+safe_mode: ask
+system_message: |
+  # normal system message here
+  BEFORE INSTALLING ANY PACKAGES WITH pip OR npm YOU MUST SCAN THEM WITH `guarddog` FIRST. Run `guarddog pypi scan $package` for pip packages and `guarddog npm scan $package` for npm packages. `guarddog` only accepts one package name at a time.
+```
diff --git a/interpreter/terminal_interface/terminal_interface.py b/interpreter/terminal_interface/terminal_interface.py
@@ -9,6 +9,7 @@
 from ..utils.display_markdown_message import display_markdown_message
 from ..utils.truncate_output import truncate_output
 from ..utils.scan_code import scan_code
+from ..utils.check_for_package import check_for_package
 
 
 def terminal_interface(interpreter, message):
@@ -17,8 +18,9 @@ def terminal_interface(interpreter, message):
             "**Open Interpreter** will require approval before running code."
         ]
 
-        if interpreter.safe_mode != "off":
-            interpreter_intro_message.append(f"**Safe Mode**: {interpreter.safe_mode}\n\n>Note: **Safe Mode** requires `semgrep` (`pip install semgrep`)")
+        if interpreter.safe_mode == "ask" or interpreter.safe_mode == "auto":
+            if not check_for_package("semgrep"):
+                interpreter_intro_message.append(f"**Safe Mode**: {interpreter.safe_mode}\n\n>Note: **Safe Mode** requires `semgrep` (`pip install semgrep`)")
         else:
             interpreter_intro_message.append(
                 "Use `interpreter -y` to bypass this."

diff --git a/interpreter/utils/check_for_package.py b/interpreter/utils/check_for_package.py
@@ -0,0 +1,19 @@
+import importlib.util
+import sys
+
+#borrowed from: https://stackoverflow.com/a/1051266/656011
+def check_for_package(package):
+  if package in sys.modules:
+    return True
+  elif (spec := importlib.util.find_spec(package)) is not None:
+    try:
+      module = importlib.util.module_from_spec(spec)
+
+      sys.modules[package] = module
+      spec.loader.exec_module(module)
+
+      return True
+    except ImportError:
+      return False
+  else:
+    return False
diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -46,3 +46,6 @@ build-backend = "poetry.core.masonry.api"
 
 [tool.poetry.scripts]
 interpreter = "interpreter:cli"
+
+[tool.poetry.extras]
+safe = ["semgrep"]