docs: add bash_executor example#1391
Conversation
Signed-off-by: Akihiko Kuroda <akihikokuroda2020@gmail.com>
Signed-off-by: Akihiko Kuroda <akihikokuroda2020@gmail.com>
| # Semicolon: substring check (dangerous even in some quote contexts) | ||
| if ";" in arg: | ||
| # Allow escaped semicolons (\;) used in find -exec syntax | ||
| if ";" in arg and "\\;" not in arg: |
There was a problem hiding this comment.
If I am understanding the code trace correctly it looks like this:
BashEnvironment._validate_command (in shell.py:834)
shlex.split (shell.py:849)
_is_dangerous_command(shell.py:868)
check_all_patterns(shell.py:144)
check_all_patterns(_bash_patterns.py:248)
ShellOperatorPattern.check(_bash_patterns.py:91)
This check final check was updated to allow escaped semicolons specifically (;).
However if since shlex.split is already called, is the backslash not already removed?
ie
command as typed : find logs -name '*.log' -exec cat {} \;
after shlex.split
shlex.split(command) : ['find', 'logs', '-name', '*.log', '-exec', 'cat', '{}', ';']
There was a problem hiding this comment.
@AngeloDanducci your are right. There are issues processing "". Some code are changed to fix this issue.
Signed-off-by: Akihiko Kuroda <akihikokuroda2020@gmail.com>
Pull Request
Issue
Fixes #1390
Description
Adds a comprehensive example demonstrating safe Python code generation with
bash_executororchestration for CLI data processing tasks. Shows how to avoid shell operators by using Python control flow for orchestrating multiple bash commands.Key Features:
bash_executor()callsPythonSyntaxValidrequirementpython_toolwith configurable execution tiersChanges
New Files
docs/examples/requirements/code_generation_and_execution_bash.py- Full example with 5 data processing tasksModified Files
mellea/stdlib/tools/_bash_patterns.py- Relaxed semicolon guardrail to allow escaped semicolons (\;) forfind -execsyntaxdocs/examples/requirements/README.md- Added comprehensive documentation section for the new exampledocs/examples/README.md- Updated requirements section highlighting the new exampleExamples Provided
Example 1: Find and count ERROR entries
User request: Find all ERROR entries in the log files and count them
Output: Total ERROR entries found in all logs: 6
Example 2: Count total lines in files
User request: List all log files and count the total number of lines across all of them
Output: Total number of lines across all log files: 24
Example 3: Display file contents
User request: Show the contents of all data files in the data directory
Output: Displays all CSV data files
Example 4: Find and display WARN entries
User request: Find all WARN entries in the log files and display the files containing them
Output: logs/app_1.log: contains 2 WARN entries
logs/app_2.log: contains 2 WARN entries
logs/app_3.log: contains 2 WARN entries
Example 5: Aggregate ERROR entries
User request: Count how many log files contain ERROR entries
Output: Total ERROR entries across all log files: 6
Technical Details
Key Design Principles
|), redirects (>,>>), and unescaped semicolonsresult.success,result.stdout,result.skip_messagepython_tooltier for subprocess isolationBash Guardrail Enhancement
Relaxed the semicolon guardrail in
_bash_patterns.pyto allow escaped semicolons (\;):\;) are allowed forfind -exec ... \;patternsfindcommand patterns while blocking shell chainingLLM Prompt Enhancements
Enhanced the prompt with:
^anchors)Testing
All 5 examples execute successfully with correct output
All 49 bash guardrail tests pass
Code passes ruff formatting (
ruff format)Code passes ruff linting (
ruff check)Code passes mypy type checking (
mypy)Verification