
Benhao Tang PRO

benhaotang

AI & ML interests

Physics Master's student in theoretical particle physics at Universität Heidelberg, actively looking into the possibilities of integrating AI into future physics research.

Recent Activity

liked a model 1 day ago
deepseek-ai/DeepSeek-V3-0324
liked a model 7 days ago
ds4sd/SmolDocling-256M-preview
liked a model 9 days ago
KandirResearch/CiSiMi-v0.1

Organizations

None yet

benhaotang's activity

reacted to albertvillanova's post 17 days ago
🚀 New smolagents update: Safer Local Python Execution! 🦾🐍

With the latest release, we've added security checks to the local Python interpreter: every evaluation is now analyzed for dangerous builtins, modules, and functions. 🔒

Here's why this matters & what you need to know! 🧵👇

1️⃣ Why is local execution risky? ⚠️
AI agents that run arbitrary Python code can unintentionally (or maliciously) access system files, run unsafe commands, or exfiltrate data.

2️⃣ New Safety Layer in smolagents 🛡️
We now inspect every return value during execution:
✅ Allowed: Safe built-in types (e.g., numbers, strings, lists)
⛔ Blocked: Dangerous functions/modules (e.g., os.system, subprocess, exec, shutil)

3️⃣ Immediate Benefits 💡
- Prevent agents from accessing unsafe builtins
- Block unauthorized file or network access
- Reduce accidental security vulnerabilities

4️⃣ Security Disclaimer ⚠️
🚨 Despite these improvements, local Python execution is NEVER 100% safe. 🚨
If you need true isolation, use a remote sandboxed executor like Docker or E2B.

5️⃣ The Best Practice: Use Sandboxed Execution
For production-grade AI agents, we strongly recommend running code in a Docker or E2B sandbox to ensure complete isolation.

6️⃣ Upgrade Now & Stay Safe! 🚀
Check out the latest smolagents release and start building safer AI agents today.

🔗 https://github.com/huggingface/smolagents

What security measures do you take when running AI-generated code? Let’s discuss! 👇

#AI #smolagents #Python #Security
  • 2 replies
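
As an added illustration of the return-value inspection the post describes (my own constructed code, not the smolagents implementation): a default-deny checker that allows plain data types and rejects modules and callables wherever they are nested, with constructed sample values in `demo()`. The type allowlist, `MAX_DEPTH` and the sample labels are my assumptions.

```python
import types

# Assumed allowlist: plain data values an agent may receive back.
SAFE_SCALARS = (int, float, complex, bool, str, bytes, type(None))
SAFE_CONTAINERS = (list, tuple, set, frozenset, dict)
MAX_DEPTH = 32  # bounds recursion on deeply nested or self-referencing containers


def check_value(value, _depth=0):
    """Return (ok, reason). Anything not explicitly allowed is rejected,
    so a blocked function hidden inside a list or dict is still caught."""
    if _depth > MAX_DEPTH:
        return False, "container nested too deeply"
    if isinstance(value, SAFE_SCALARS):
        return True, "safe scalar"
    if isinstance(value, dict):
        items = [x for kv in value.items() for x in kv]
    elif isinstance(value, SAFE_CONTAINERS):
        items = list(value)
    elif isinstance(value, types.ModuleType):
        return False, f"module {value.__name__!r} is not a data value"
    elif callable(value):
        # os.system reports its C module ('posix' or 'nt'), not 'os': one reason a
        # name-based blocklist alone is brittle and default-deny is preferable.
        mod = getattr(value, "__module__", None) or "?"
        name = getattr(value, "__name__", type(value).__name__)
        return False, f"callable {mod}.{name} may not be returned"
    else:
        return False, f"unsupported object of type {type(value).__name__}"
    for item in items:
        ok, reason = check_value(item, _depth + 1)
        if not ok:
            return False, reason
    return True, "safe container"


def demo():
    """Constructed sample values; returns {label: allowed?} for each."""
    import os, shutil, subprocess
    samples = {
        "number": 42,
        "nested_data": {"a": [1, "x", (2.0, None)], "b": {3, 4}},
        "os_system": os.system,
        "subprocess_module": subprocess,
        "rmtree_in_list": [1, shutil.rmtree],
        "exec_builtin": exec,
        "open_in_dict": {"f": open},
    }
    return {label: check_value(v)[0] for label, v in samples.items()}
```

Note that this only filters what is handed back to the agent; as point 4 of the post says, it is not isolation, and code that calls os.system during evaluation still runs unless the interpreter itself refuses it.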
replied to their post about 1 month ago

OK, grok 3 deep research also failed on my benchmark...

And this is the final solution it gives me:

Use wsl --shutdown before hibernating; if it fails, try net stop LxssManager.

What? How about just telling me that if WSL has a problem, just don't use WSL... How can this be a solution when there is even an official troubleshooting guide that provides more solutions? This is even worse than Gemini and Perplexity; at least they read the official guide, they just got lost in GitHub issue threads... Now I really want to know how OpenAI's compares to mine, if I had 200 dollars.