Sandbox container tool code for inspect_ai
Reason this release was yanked:
Doesn't properly support kali linux
Project description
Multi-tool Shared Image
Stateless / Stateful Design
Inspect calls into the sandboxed image are done statelessly via docker exec python multi-tool.py.
Some tools can be implemented without the need for any in-process state. For those tools, the tool code will be executed within the multi-tool.py process.
For tools that require the maintenance of state over the lifetime of and sandbox, this image marshals tool calls into a long running process via JSON RPC to an http server process. That server then dispatches tool calls to tool specific @method handlers.
Stateful Tool Design Pattern
Each stateful tool should have its own subdirectory that contains the following files:
-
json_rpc_methods.pyThis module contains all of the JSON RPC
@methodfunctions — one for each tool (e.g. the web browser tool is actually a set of distinct tools). It is responsible for unpacking the JSON RPC request and forwarding the call to a transport-agnostic, strongly typed, stateful controller. -
tool_types.pyThis module includes the
pydanticmodels representing the types for tool call parameters and results. -
controller.pyThis is transport-agnostic, strongly typed code that manages the tool specific in-process state and performs requested commands.
Compatibility
The Inspect framework will insure that the most recently published image of a particular tag will be downloaded when an eval is executed. This means that, from a cross-version perspective, we only have to worry about old tool code interacting with newer container code. The inverse is not possible.
Because of this, when publishing new major version images, care must be taken to retain the old version entrypoint called by tools.
For example, older versions of the web_browser_tool() performed docker exec's against /app/web_browser/web_client.py and /app/web_browser/web_client_new_session.py. A newer version of the image changed the entry point to /opt/inspect/multi-tool-v1.py.
This means that newer versions of the image must retain the old entry points in a backwardly compatible way. Typically, the implementation of those old entry points will be updated to adapt and call the new version of the code.
[!TIP] For this reason, it is a best practice to include a version number in the filename of the
docker execentry points.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file inspect_tool_support-0.1.2.tar.gz.
File metadata
- Download URL: inspect_tool_support-0.1.2.tar.gz
- Upload date:
- Size: 56.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.1
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c5afe508ce527c529747dbb052a4744ac9998199e5e023bc3638363dbe95982b
|
|
| MD5 |
b908f65b4e438754fd24a9cd5e22c2cd
|
|
| BLAKE2b-256 |
d2d0ad759c47a13e3e017857e39f50715d46709f2856a75767e9d0528fdd3e2f
|
File details
Details for the file inspect_tool_support-0.1.2-py3-none-any.whl.
File metadata
- Download URL: inspect_tool_support-0.1.2-py3-none-any.whl
- Upload date:
- Size: 68.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.1
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
29af6e398402c83abedda59b8d581a79ba54c71de5d15ed6aaa3eb3b04bdd2a2
|
|
| MD5 |
e3ce0b359b42a16ca6a2280cfc301ce0
|
|
| BLAKE2b-256 |
7aa0ef95e33576589a4a13b23a6aa4128ca062898198c3e9f80d219d0e69519d
|
