Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security & Performance Issue: Unlimited Code Output in LLM Context #1588

Open
ovenzeze opened this issue Feb 10, 2025 · 1 comment
Open

Security & Performance Issue: Unlimited Code Output in LLM Context #1588

ovenzeze opened this issue Feb 10, 2025 · 1 comment

Comments

@ovenzeze
Copy link

ovenzeze commented Feb 10, 2025
edited
Loading

Issue Description

When executing code that produces large amounts of output (e.g., directory listings, file contents, system information), all output is sent to the LLM in its entirety before being truncated in the final response. This raises both security and performance concerns:

  1. Security Risk:

    • Sensitive information in large outputs (logs, system info, file contents) is sent to the LLM
    • Even if truncated in the final response, the LLM has already processed the complete output
    • This could lead to unintended data exposure

  2. Performance Impact:

    • Unnecessary token consumption when sending large outputs to the LLM
    • Increased API costs
    • Potential context window overflow

Example

# Simple code that generates large output
import os
for root, dirs, files in os.walk("/"):
    print(f"Directory: {root}")
    for file in files:
        print(f"  File: {file}")

Current behavior:

  1. Code executes and generates complete output
  2. Complete output is sent to LLM
  3. LLM processes all output
  4. Response is truncated for display

Proposed Solution

Add output limiting at the source (code execution) level:

  1. Add a configurable max_output_lines or max_output_bytes parameter
  2. Implement truncation during code execution, before sending to LLM
  3. Add clear indicators when output is truncated

This aligns with the project's philosophy of simplicity and security while maintaining core functionality.

Questions

  1. Would this feature align with the project's scope?
  2. Should this be configurable per execution or as a global setting?
  3. What would be a reasonable default limit?

Additional Context

This issue was discovered while building a service using Open Interpreter's API. The complete output being sent to the LLM was noticed through debug logs and token usage metrics.

Describe the solution you'd like

Add output limiting at the source (code execution) level:

  1. Add a configurable max_output_lines or max_output_bytes parameter
  2. Implement truncation during code execution, before sending to LLM
  3. Add clear indicators when output is truncated

This aligns with the project's philosophy of simplicity and security while maintaining core functionality.

Describe alternatives you've considered

No response

Additional context

No response
@CyanideByte
Copy link
Contributor

CyanideByte commented Feb 14, 2025
edited
Loading

Try this setting:
interpreter --max_output 1000
https://docs.openinterpreter.com/settings/all-settings#max-output

It looks like by default this value is set to 2800.
It should do what you're describing, truncating output from code execution.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@CyanideByte @ovenzeze