Open
Description
Required prerequisites
- I have searched the Issue Tracker and Discussions that this hasn't already been reported. (+1 or comment there if it has.)
- Consider asking first in a Discussion.
Motivation
Internal tools would be executed and their raw output (which can be sensitive) could be exposed to the LLM. This presents security and privacy risks.
We can introduce a "Secure Execution Wrapper" or extend the existing external_tool interface paradigm. This wrapper would:
- Be responsible for actually invoking the specified tool.
- Capture the full output from the tool.
- Internally manage or store this sensitive output (e.g., in a secure, session-specific context).
- Return only a non-sensitive placeholder, handle, status code, or a sanitized summary to the LLM, instead of the raw tool output.
This allows the LLM to orchestrate the execution of tools without gaining access to their potentially sensitive results.
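The following is an added sketch of the wrapper described above, not code from this project or from the issue author. Tool names, the `$ref` handle convention, the session-scoped store and the redaction patterns are all assumptions made for the example; the sample "environment dump" is constructed, not real output. It shows the four points in the list: the wrapper invokes the tool, captures the full output, keeps it in a session-specific store, and hands the LLM only a handle, a status code and a redacted one-line preview. It also shows the chaining case the list implies: the LLM can pass a handle as an argument to a later tool, and the wrapper dereferences it on the trusted side, so the LLM orchestrates the pipeline without ever seeing the bytes.

```python
import re
import secrets
from dataclasses import dataclass, field
from typing import Any, Callable

# Assumed secret-detection rules for the sanitized preview only; a real
# deployment would plug in its own scanner. The stored output is never modified.
SECRET_PATTERNS = [
    re.compile(r"(?i)\b\S*(key|secret|token|password)\S*\s*[=:]\s*\S+"),
    re.compile(r"AKIA[0-9A-Z]{16}"),  # AWS access key id shape
]


def redact(text: str) -> str:
    """Mask anything that looks like a credential in a preview string."""
    for pat in SECRET_PATTERNS:
        text = pat.sub("[REDACTED]", text)
    return text


@dataclass
class ToolResult:
    status: int   # exit/status code of the tool
    output: str   # full raw output, potentially sensitive


@dataclass
class SecureExecutionWrapper:
    tools: dict[str, Callable[..., ToolResult]]
    session_id: str
    _store: dict[str, ToolResult] = field(default_factory=dict)

    def run_tool(self, name: str, **kwargs: Any) -> dict[str, Any]:
        """Invoke a tool on behalf of the LLM and return only non-sensitive metadata."""
        tool = self.tools[name]  # unknown tool -> KeyError, nothing executed
        # Arguments of the form {"$ref": handle} are resolved here, on the
        # trusted side, so the LLM can chain outputs it has never seen.
        resolved = {k: self._deref(v) for k, v in kwargs.items()}
        result = tool(**resolved)
        # Handles are unguessable and bound to this session.
        handle = f"{self.session_id}:{secrets.token_hex(8)}"
        self._store[handle] = result
        first_line = result.output.splitlines()[0] if result.output else ""
        return {
            "handle": handle,
            "status": result.status,
            "bytes": len(result.output.encode()),
            "lines": len(result.output.splitlines()),
            "preview": redact(first_line)[:80],
        }

    def _deref(self, value: Any) -> Any:
        if isinstance(value, dict) and "$ref" in value:
            handle = value["$ref"]
            if not handle.startswith(self.session_id + ":"):
                raise PermissionError("handle belongs to another session")
            return self._store[handle].output  # missing handle -> KeyError
        return value

    def reveal(self, handle: str) -> str:
        """Trusted-side accessor (e.g. to render to the human user); not exposed to the LLM."""
        return self._deref({"$ref": handle})


def can_deref(wrapper: SecureExecutionWrapper, handle: str) -> bool:
    """True if this wrapper's session is allowed to read the handle."""
    try:
        wrapper.reveal(handle)
        return True
    except PermissionError:
        return False


# --- constructed sample tools (assumptions for the example) ---
FAKE_ENV = (
    "AWS_ACCESS_KEY_ID=AKIAEXAMPLEEXAMPLE01\n"
    "AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG\n"
    "HOME=/home/app\n"
)


def dump_env() -> ToolResult:
    return ToolResult(0, FAKE_ENV)


def count_lines(text: str) -> ToolResult:
    return ToolResult(0, str(len(text.splitlines())))


TOOLS = {"dump_env": dump_env, "count_lines": count_lines}

if __name__ == "__main__":
    w = SecureExecutionWrapper(tools=TOOLS, session_id="sess-a")
    ref = w.run_tool("dump_env")            # what the LLM gets back
    print(ref)
    chained = w.run_tool("count_lines", text={"$ref": ref["handle"]})
    print(chained, "->", w.reveal(chained["handle"]))
```

Two points worth keeping in the real implementation: the handle must carry the session binding (here a prefix check, but an HMAC or a server-side session map is stronger), and the preview is the only place redaction is applied, because the LLM must never receive the stored output on any path, including error messages raised by a downstream tool.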
Solution
No response
Alternatives
No response
Additional context
No response