企业微信
飞书
选择您喜欢的方式加入群聊
扫码添加咨询专家
在 AI 驱动的数据分析系统中,如何让 LLM 生成的代码安全、高效地执行,是一个核心挑战。AskTable 的 ReportAgent 采用了一种创新的架构:JSX 编译 + Python 沙箱执行,实现了数据报告的动态生成。
ReportAgent 负责生成数据报告组件,其核心流程包括:
load_dataframe()class ReportAgent(DBAgent):
def __init__(self, datasource: DataSourceAdmin, assumed_role: RoleAdmin | None = None):
super().__init__(
prompt_name="agent/report_generator",
datasource=datasource,
assumed_role=assumed_role,
)
self.add_tool(self.show_table)
self.add_tool(self.search_metadata)
self.add_tool(self.execute_sql)
self.set_output_parser(self.output_parser)
self.compiled_code: str | None = None
self.source_code: str | None = None
self.referenced_dataframes: list[str] = []
LLM 生成的代码需要包裹在
<code>...</code>def output_parser(self, output: str) -> None:
# 1. 提取代码块
pattern = r"<code>(.*?)</code>"
match = re.search(pattern, output, re.DOTALL)
if not match:
raise ValueError("Invalid output format. Expected: <code>...</code>")
code = match.group(1).strip()
# 2. 提取 DataFrame 引用
load_df_pattern = r"load_dataframe\(\s*['\"]( df_[A-Za-z0-9]+)['\"]\s*\)"
referenced_dataframes = re.findall(load_df_pattern, code)
if not referenced_dataframes:
raise ValueError("No load_dataframe('df_id') pattern found in code.")
# 3. 编译 JSX 代码
self.compiled_code = compile_jsx(code)
self.source_code = code
# 4. 验证 DataFrame 是否存在
missing_ids = set(referenced_dataframes) - set(self.data_workspace.keys())
if missing_ids:
raise ValueError(f"Referenced dataframes {missing_ids} are not in the data workspace")
self.referenced_dataframes = referenced_dataframes
JSX 编译通过远程服务实现,避免在 Python 环境中引入 Node.js 依赖:
BASE_URL = "http://localhost:5300/jsx"
def compile_jsx(code: str) -> str:
response = requests.post(BASE_URL, json={"code": code})
if response.status_code != 200:
raise Exception(response.json()["error"])
return response.json()["compiledCode"]
编译服务使用 Babel 进行 JSX 转译:
// Node.js 编译服务
const express = require('express');
const babel = require('@babel/core');
app.post('/jsx', (req, res) => {
const { code } = req.body;
try {
const result = babel.transformSync(code, {
presets: ['@babel/preset-react'],
plugins: ['@babel/plugin-transform-modules-commonjs']
});
res.json({ compiledCode: result.code });
} catch (error) {
res.status(400).json({ error: error.message });
}
});
<code>
import { BarChart } from '@/components/charts';
function SalesReport() {
const data = load_dataframe('df_abc123');
return (
<div className="report">
<h2>月度销售报告</h2>
<BarChart
data={data}
xField="month"
yField="sales"
title="2024 年销售趋势"
/>
<p>总销售额: {data.reduce((sum, row) => sum + row.sales, 0)}</p>
</div>
);
}
</code>
对于数据处理和分析任务,ReportAgent 支持执行 Python 代码:
class CorrAnalyzerAgent(DBAgent):
def __init__(self, datasource, assumed_role=None, preference=None, user_profile=None):
super().__init__(
prompt_name="agent/analysis_report_generator",
datasource=datasource,
assumed_role=assumed_role,
)
self.add_tool(self.execute_python)
self.executor = PythonExecutor(packages=["pandas", "numpy", "scipy"])
class PythonExecutor:
def __init__(self, packages: list[str] = DEFAULT_PACKAGES):
self._base_url = BASE_URL
self._packages = packages
self._executor_id = self._create_executor(packages)
def _create_executor(self, packages: list[str]) -> str:
"""创建隔离的执行器实例"""
response = requests.post(
f"{self._base_url}/python/executor",
json={"packages": packages},
)
if response.status_code != 201:
raise Exception(f"Failed to create executor: {response.text}")
return response.json()["executor_id"]
使用 Pickle + Base64 进行 DataFrame 传输:
def send_dataframes(self, dataframes: dict[str, pd.DataFrame]) -> None:
for df_name, df in dataframes.items():
# 序列化 DataFrame
pickled_df = base64.b64encode(pickle.dumps(df)).decode()
# 注入到执行环境
code = dedent(f"""
import pickle
import base64
df = pickle.loads(base64.b64decode('{pickled_df}'))
_saved_dataframes['{df_name}'] = {{
"df": df,
"description": "initial dataframe"
}}
""")
self._execute(code=code)
def execute(self, code: str, variables: dict = {}, dataframes: dict = {}) -> CodeExecutionResponse:
# 1. 注入变量
if variables:
pickled_vars = base64.b64encode(pickle.dumps(variables)).decode()
code_inject = f"""
vars_dict = pickle.loads(base64.b64decode('{pickled_vars}'))
locals().update(vars_dict)
"""
self._execute(code=code_inject)
# 2. 注入 DataFrame
if dataframes:
self.send_dataframes(dataframes)
# 3. 执行用户代码
return self._execute(code=code)
def _execute(self, code: str) -> CodeExecutionResponse:
response = requests.post(
f"{self._base_url}/python/executor/{self._executor_id}/code",
json={"code": code},
)
response_json = response.json()
# 反序列化 DataFrame
dataframes = {}
for df_name, df_data in response_json.get("dataframes", {}).items():
raw_df = pickle.loads(base64.b64decode(df_data))
if raw_df:
dataframes[df_name] = ResponseDataframe(
df=raw_df.get("df"),
description=raw_df.get("description"),
sql=None,
)
return CodeExecutionResponse(
stdout=response_json.get("stdout"),
error=response_json.get("error"),
executor_id=response_json.get("executor_id"),
dataframes=dataframes,
)
code = """
import pandas as pd
# 加载数据
df = load_dataframe('df_raw_sales')
# 数据清洗
df_cleaned = df.dropna()
df_cleaned['date'] = pd.to_datetime(df_cleaned['date'])
df_cleaned = df_cleaned[df_cleaned['amount'] > 0]
# 保存结果
df_id = save_dataframe(df_cleaned, "清洗后的销售数据")
print(f"清洗完成,共 {len(df_cleaned)} 条记录")
"""
result = executor.execute(code)
print(result["stdout"]) # "清洗完成,共 1234 条记录"
code = """
import pandas as pd
import numpy as np
from scipy import stats
# 加载数据
df = load_dataframe('df_sales')
# 计算统计指标
mean_sales = df['amount'].mean()
median_sales = df['amount'].median()
std_sales = df['amount'].std()
# 相关性分析
corr = df[['amount', 'quantity']].corr()
print(f"平均销售额: {mean_sales:.2f}")
print(f"中位数: {median_sales:.2f}")
print(f"标准差: {std_sales:.2f}")
print(f"相关系数:\\n{corr}")
"""
result = executor.execute(code)
code = """
import pandas as pd
# 加载数据
df = load_dataframe('df_orders')
# 按月汇总
df['month'] = pd.to_datetime(df['date']).dt.to_period('M')
monthly_sales = df.groupby('month').agg({
'amount': 'sum',
'order_id': 'count'
}).reset_index()
monthly_sales.columns = ['月份', '销售额', '订单数']
# 保存结果
df_id = save_dataframe(monthly_sales, "月度销售汇总")
"""
result = executor.execute(code)
每个执行器实例只能使用创建时指定的包:
executor = PythonExecutor(packages=["pandas", "numpy", "scipy"])
# 无法使用 requests、os 等危险包
每个执行器实例独立运行,互不干扰:
executor1 = PythonExecutor(packages=["pandas"])
executor2 = PythonExecutor(packages=["numpy"])
# executor1 和 executor2 完全隔离
执行器服务端设置超时限制,防止无限循环:
# 服务端配置
EXECUTION_TIMEOUT = 30 # 30 秒超时
限制内存和 CPU 使用:
# Docker 容器资源限制
docker run --memory="512m" --cpus="1.0" python-executor
同一会话中复用执行器实例,避免重复创建:
class CorrAnalyzerAgent:
def __init__(self):
# 创建一次,多次使用
self.executor = PythonExecutor(packages=["pandas", "numpy", "scipy"])
执行器内部缓存 DataFrame,避免重复传输:
# 第一次传输
executor.send_dataframes({"df_1": df})
# 后续代码可直接使用
code = "df = load_dataframe('df_1')"
合并多个小操作为一次执行:
code = """
df1 = load_dataframe('df_1')
df2 = load_dataframe('df_2')
result = pd.merge(df1, df2, on='id')
save_dataframe(result, "合并结果")
"""
AskTable 的 JSX 编译与 Python 沙箱执行系统,通过以下技术实现了安全、高效的代码执行:
这种架构不仅保证了安全性,还为 LLM 生成的代码提供了可靠的执行环境,是 AI 驱动数据分析系统的关键基础设施。