Add more information about safety of running OpenDevin to the README

Open code2graph opened this issue 1 year ago • 8 comments

OpenDevin is an agent, and I am super worried about whether it is safe to run OpenDevin or not.

For example, it can steal sensitive information, passwords, etc.

How do you guarantee it is safe to run it on a local machine?

code2graph avatar Apr 03 '24 00:04 code2graph

Don't send sensitive information to it and you won't have cause to worry. The same goes for ChatGPT, Gemini, or any other model.

kjenney avatar Apr 03 '24 00:04 kjenney

You can use a local llama server

andrescevp avatar Apr 03 '24 00:04 andrescevp

I am not worrying about ChatGPT or Gemini. These are established companies.

I am more worried about the OpenDevin code itself.

code2graph avatar Apr 03 '24 00:04 code2graph

Well, you can check the code yourself... I am checking it to extend this or help with the project... seems to be clean... nothing weird for now... :smile:

andrescevp avatar Apr 03 '24 01:04 andrescevp

> I am not worrying about ChatGPT or Gemini. These are established companies.
>
> I am more worried about the OpenDevin code itself.

Please don't post sensitive information to any model. There is absolutely no good reason to do so.

kjenney avatar Apr 03 '24 01:04 kjenney

@code2graph there is most likely a risk, since the model is capable of creating and executing its own code. It all really depends on whether you point the model in a direction that is a problem. For example, if you gave it the workspace of sys32, that would be a really bad idea. It is most likely safe to run if you don't give it files, like @kjenney said, and you don't try to make it do something malicious. With LLMs there is always a risk that they hallucinate something and go off the rails, so if your computer has really important information you should look into using a VM or something similar to mitigate risks.

JayQuimby avatar Apr 03 '24 01:04 JayQuimby

We should add more information about the safety measures that are in place with OpenDevin (docker sandbox, etc.) and why those are still not perfect, to the README.

neubig avatar Apr 03 '24 11:04 neubig

> I am not worrying about ChatGPT or Gemini. These are established companies.

Yes, but you actually don't know what they do.

> I am more worried about the OpenDevin code itself. For example, it can steal sensitive information, passwords, etc.

All the code is open source, so you don't need to worry that it will steal sensitive information on purpose. You can check the code logic.

> there is most likely a risk since the model is capable of creating and executing its own code

Agree with that, and that is one of the reasons why we run it in a sandbox/docker. There are still more improvements to make, and we welcome any suggestions.

yufansong avatar Apr 04 '24 21:04 yufansong
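As an added illustration of the confinement JayQuimby (limit what the agent can see, isolate it) and yufansong (run it in a Docker sandbox) describe above, here is a docker-compose service definition written for this thread; it is not OpenDevin's own configuration. The image name, service name and project path are placeholders, and the comments mark the mounts that would expose more than the agent needs.

```yaml
# Added example (not OpenDevin's config): confine an agent container to one
# project directory so a hallucinated or malicious command cannot reach the
# rest of the host. Image, service name and paths are placeholders.
services:
  agent:
    image: agent-image:placeholder      # assumption: the agent runs in this image
    user: "1000:1000"                   # never root inside the container
    read_only: true                     # immutable root filesystem
    tmpfs:
      - /tmp:rw,noexec,nosuid,size=256m # scratch space that cannot run binaries
    volumes:
      # Only the project being worked on is visible to the agent.
      # Do NOT mount the home directory, "/", System32, or /var/run/docker.sock:
      # the Docker socket alone is equivalent to root on the host.
      - ./my-project:/workspace:rw
    working_dir: /workspace
    cap_drop:
      - ALL                             # no Linux capabilities at all
    security_opt:
      - no-new-privileges:true          # setuid binaries cannot escalate
    pids_limit: 256                     # bounds a fork bomb
    mem_limit: 2g
    cpus: "2.0"
    environment:
      # Pass only the one secret the agent needs, from the shell, never a
      # whole .env file that also holds unrelated credentials.
      LLM_API_KEY: "${LLM_API_KEY:?export LLM_API_KEY before starting}"
    networks:
      - agent-net                       # isolated bridge, no host network
networks:
  agent-net:
    driver: bridge
```

Outbound traffic still leaves through the bridge, so restricting egress to the model endpoint is done at the host firewall, not in this file; a VM around the Docker host adds a second boundary if the machine holds data you cannot afford to expose.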