To report a security vulnerability, please contact: security@huggingface.co
To learn more about running agents more securely, please see the Secure Code Execution tutorial, which covers sandboxing with E2B, YepCode, Docker, and WebAssembly.
smolagents provides several options for secure code execution:
- E2B Sandbox: Uses E2B to run code in a secure, isolated environment.
- YepCode Sandbox: Uses YepCode's cloud-based serverless runtime for secure code execution with automatic package installation.
- Docker Sandbox: Runs code in an isolated Docker container.
- WebAssembly Sandbox: Executes Python code securely in a sandboxed WebAssembly environment using Pyodide and Deno's secure runtime.

We recommend using one of these sandboxed execution options when running untrusted code.