Add security notes to agent toolkits (#11989)

Add more security notes to agent toolkits.

libs/langchain/langchain/agents/agent_toolkits/ainetwork/toolkit.py

@@ -17,7 +17,14 @@ if TYPE_CHECKING:
 
 
 class AINetworkToolkit(BaseToolkit):
-    """Toolkit for interacting with AINetwork Blockchain."""
+    """Toolkit for interacting with AINetwork Blockchain.
+
+    *Security Note*: This toolkit contains tools that can read and modify
+        the state of a service; e.g., by reading, creating, updating, deleting
+        data associated with this service.
+
+        See https://python.langchain.com/docs/security for more information.
+    """
 
     network: Optional[Literal["mainnet", "testnet"]] = "testnet"
     interface: Optional[Ain] = None

libs/langchain/langchain/agents/agent_toolkits/amadeus/toolkit.py

@@ -14,7 +14,7 @@ if TYPE_CHECKING:
 
 
 class AmadeusToolkit(BaseToolkit):
-    """Toolkit for interacting with Office365."""
+    """Toolkit for interacting with Amadeus which offers APIs for travel search."""
 
     client: Client = Field(default_factory=authenticate)
 

libs/langchain/langchain/agents/agent_toolkits/multion/toolkit.py

@@ -10,7 +10,17 @@ from langchain.tools.multion.update_session import MultionUpdateSession
 
 
 class MultionToolkit(BaseToolkit):
-    """Toolkit for interacting with the Browser Agent"""
+    """Toolkit for interacting with the Browser Agent.
+
+    **Security Note**: This toolkit contains tools that interact with the
+        user's browser via the multion API which grants an agent
+        access to the user's browser.
+
+        Please review the documentation for the multion API to understand
+        the security implications of using this toolkit.
+
+        See https://python.langchain.com/docs/security for more information.
+    """
 
     class Config:
         """Pydantic config."""

libs/langchain/langchain/agents/agent_toolkits/office365/toolkit.py

@@ -17,7 +17,20 @@ if TYPE_CHECKING:
 
 
 class O365Toolkit(BaseToolkit):
-    """Toolkit for interacting with Office 365."""
+    """Toolkit for interacting with Office 365.
+
+    *Security Note*: This toolkit contains tools that can read and modify
+        the state of a service; e.g., by reading, creating, updating, deleting
+        data associated with this service.
+
+        For example, this toolkit can be used search through emails and events,
+        send messages and event invites, and create draft messages.
+
+        Please make sure that the permissions given by this toolkit
+        are appropriate for your use case.
+
+        See https://python.langchain.com/docs/security for more information.
+    """
 
     account: Account = Field(default_factory=authenticate)
 

libs/langchain/langchain/agents/agent_toolkits/openapi/base.py

@@ -30,7 +30,20 @@ def create_openapi_agent(
     agent_executor_kwargs: Optional[Dict[str, Any]] = None,
     **kwargs: Any,
 ) -> AgentExecutor:
-    """Construct an OpenAPI agent from an LLM and tools."""
+    """Construct an OpenAPI agent from an LLM and tools.
+
+    *Security Note*: When creating an OpenAPI agent, check the permissions
+        and capabilities of the underlying toolkit.
+
+        For example, if the default implementation of OpenAPIToolkit
+        uses the RequestsToolkit which contains tools to make arbitrary
+        network requests against any URL (e.g., GET, POST, PATCH, PUT, DELETE),
+
+        Control access to who can submit issue requests using this toolkit and
+        what network access it has.
+
+        See https://python.langchain.com/docs/security for more information.
+    """
     tools = toolkit.get_tools()
     prompt = ZeroShotAgent.create_prompt(
         tools,

libs/langchain/langchain/agents/agent_toolkits/openapi/toolkit.py

@@ -23,7 +23,22 @@ from langchain.utilities.requests import TextRequestsWrapper
 
 
 class RequestsToolkit(BaseToolkit):
-    """Toolkit for making REST requests."""
+    """Toolkit for making REST requests.
+
+    *Security Note*: This toolkit contains tools to make GET, POST, PATCH, PUT,
+        and DELETE requests to an API.
+
+        Exercise care in who is allowed to use this toolkit. If exposing
+        to end users, consider that users will be able to make arbitrary
+        requests on behalf of the server hosting the code. For example,
+        users could ask the server to make a request to a private API
+        that is only accessible from the server.
+
+        Control access to who can submit issue requests using this toolkit and
+        what network access it has.
+
+        See https://python.langchain.com/docs/security for more information.
+    """
 
     requests_wrapper: TextRequestsWrapper
 
@@ -39,7 +54,15 @@ class RequestsToolkit(BaseToolkit):
 
 
 class OpenAPIToolkit(BaseToolkit):
-    """Toolkit for interacting with an OpenAPI API."""
+    """Toolkit for interacting with an OpenAPI API.
+
+    *Security Note*: This toolkit contains tools that can read and modify
+        the state of a service; e.g., by creating, deleting, or updating,
+        reading underlying data.
+
+        For example, this toolkit can be used to delete data exposed via
+        an OpenAPI compliant API.
+    """
 
     json_agent: AgentExecutor
     requests_wrapper: TextRequestsWrapper