PandasAI executes Python code that is generated by Large Language Models (LLMs). While this provides powerful data analysis capabilities, it’s crucial to understand the security implications, especially in production use cases where your application might be exposed to potential malicious attacks.
When building applications that allow users to interact with PandasAI, there’s a potential risk that malicious users might attempt to manipulate the LLM into generating harmful code. To mitigate this risk, PandasAI provides a secure sandbox environment with the following features:
Isolated Execution: Code runs in a completely isolated Docker container
Offline Operation: The sandbox runs entirely offline, preventing any external network requests
Resource Limitations: Strict controls on system resource usage
File System Isolation: Protected access to the file system
To use the sandbox environment, you first need to install the required package and have Docker running on your system:
```bash
pip install pandasai-docker
```
Make sure you have Docker running on your system before using the sandbox environment.
Here’s how to enable the sandbox for your PandasAI chat:
```python
import pandasai as pai
from pandasai_docker import DockerSandbox

pai.api_key.set("YOUR_API_KEY")

# initialize the sandbox
sandbox = DockerSandbox()
sandbox.start()

# read a csv as df
df = pai.read_csv("./data/heart.csv")

# pass the df and the sandbox
result = pai.chat("plot total heart patients by gender", df, sandbox=sandbox)

# display the chart
result.show()

# stop the sandbox (docker container)
sandbox.stop()
```
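The snippet above calls `sandbox.stop()` only on the happy path; if the LLM-generated code raises inside `pai.chat`, the container is left running. The wrapper below is an added example (not part of the PandasAI or pandasai-docker code) that guarantees teardown and fails closed when the sandbox cannot start, so generated code never silently runs on the host; `RecordingSandbox` is a constructed stand-in for `DockerSandbox` used only to exercise the lifecycle offline.

```python
from contextlib import contextmanager
from typing import Any, Callable, Iterator, List, Optional

class SandboxUnavailable(RuntimeError):
    """Sandbox could not start; generated code must not run on the host instead."""

@contextmanager
def running_sandbox(sandbox: Any) -> Iterator[Any]:
    """Start `sandbox` (anything with start()/stop(), e.g. DockerSandbox); always stop() it."""
    try:
        sandbox.start()
    except Exception as exc:  # Docker daemon down, image missing, ...
        raise SandboxUnavailable(f"could not start sandbox: {exc}") from exc
    try:
        yield sandbox
    finally:
        sandbox.stop()  # container torn down on success and on failure alike

def chat_sandboxed(prompt: str, df: Any, sandbox: Any,
                   chat: Optional[Callable[..., Any]] = None) -> Any:
    """Run one chat with the sandbox passed explicitly; `chat` defaults to pandasai.chat."""
    if chat is None:
        import pandasai as pai  # lazy, so the wrapper itself needs no pandasai install
        chat = pai.chat
    with running_sandbox(sandbox):
        return chat(prompt, df, sandbox=sandbox)

class RecordingSandbox:
    """Constructed stand-in for DockerSandbox that only records lifecycle calls."""
    def __init__(self, start_ok: bool = True) -> None:
        self.events: List[str] = []
        self.start_ok = start_ok
    def start(self) -> None:
        if not self.start_ok:
            raise OSError("docker daemon not reachable")
        self.events.append("start")
    def stop(self) -> None:
        self.events.append("stop")

def run_with_failing_code(sb: RecordingSandbox) -> List[str]:
    """Simulate generated code raising mid-run; the container must still be stopped."""
    def failing_chat(prompt, df, sandbox):
        sandbox.events.append("chat")
        raise ValueError("LLM-generated code raised")
    try:
        chat_sandboxed("plot total heart patients by gender", None, sb, chat=failing_chat)
    except ValueError:
        pass
    return sb.events  # ['start', 'chat', 'stop']
```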
For production-ready use cases, we offer several advanced sandbox options as part of our Enterprise license. These include:
Custom security policies
Advanced resource management
Enhanced monitoring capabilities
Additional isolation layers
If you need more information about our Enterprise sandbox options or require assistance with implementation, please contact us at pm@sinaptik.ai. Our team can help you choose and configure the right security solution for your specific use case.