Add posibility to execute Code in Containers

[Yanni8]

Checked

• I searched existing ideas and did not find a similar one
• I added a very descriptive title
• I've clearly described the feature request and motivation for it

Feature request

AutoGen currently uses, by default, Docker containers to execute Python code.
I think this is a great way of minimizing the Risks of llm generated code.

Lang Chain offers a lot of different Tools where code gets automatically generated and executed. For example, the Pandas Tool.

I think it would be great to also implement a way to run those tools in an isolated environment like a Docker container.

Motivation

Running llm generated code is a security risk. Either because a user asks the LLM to generate malicious code or the llm generating malicious code on accident.

This is a major issue when working with those tools.

Proposal (If applicable)

No response

[eyurtsev]

This is a feature we'd love to have in LangChain. The core team has it on the backend, but we don't have cycles to implement it right now. If someone wants to take a stab at it, we'd appreciate the contribution.

We'd want an ability to properly look the code in the container; i.e., also include options to isolate it from the network to the extent possible etc

[tizkovatereza]

Hello @eyurtsev , wanted to ask - how is the code from Langchain tools executed currently? Does it differ from tool to tool, or is there some common approach?
I'm curious, because I couldn't find any info on this.

Thank you!

[mlejva]

hey @Yanni8 this will be a shameless promotion (feel free to delete this LangChain team) but check out https://e2b.dev/docs. I think we might be building what you need. A safe cloud runtime for AI agents. The most typical use case is building custom code interpreters with us.
We're fully open source https://github.com/e2b-dev

[Duncan-Haywood]

I would also strongly like to see this done. It's a hesitation in choosing langchain (lang-graph) over autogen for a framework to use for multi-agent workflows. I like the graph representation better for the greater control and flexibility and also the more mature support for async streaming and tool integrations, but the missing docker-ization for secure code execution is a hesitation in choosing langchain over autogen. I think it'd be good to do since I imagine more workflows will be moving to multi-agent and need code execution.