diff --git a/src/crewai/task.py b/src/crewai/task.py index 4d74b9a3c..c775fb88c 100644 --- a/src/crewai/task.py +++ b/src/crewai/task.py @@ -533,9 +533,10 @@ class Task(BaseModel): if var_name in inputs and isinstance(inputs[var_name], list): try: idx = int(index) - if 0 <= idx < len(inputs[var_name]): + list_value = inputs[var_name] + if isinstance(list_value, list) and 0 <= idx < len(list_value): placeholder = f"{{{var_name}[{index}]}}" - value = str(inputs[var_name][idx]) + value = str(list_value[idx]) result = result.replace(placeholder, value) except (ValueError, IndexError): pass @@ -564,9 +565,10 @@ class Task(BaseModel): if var_name in inputs and isinstance(inputs[var_name], list): try: idx = int(index) - if 0 <= idx < len(inputs[var_name]): + list_value = inputs[var_name] + if isinstance(list_value, list) and 0 <= idx < len(list_value): placeholder = f"{{{var_name}[{index}]}}" - value = str(inputs[var_name][idx]) + value = str(list_value[idx]) result = result.replace(placeholder, value) except (ValueError, IndexError): pass diff --git a/src/crewai/utilities/jinja_templating.py b/src/crewai/utilities/jinja_templating.py index c9603dc1f..1204a9b44 100644 --- a/src/crewai/utilities/jinja_templating.py +++ b/src/crewai/utilities/jinja_templating.py @@ -1,7 +1,8 @@ -from typing import Any, Dict, List, Optional, Union -import jinja2 -import re from datetime import datetime +import re +from typing import Any, Dict, List, Optional, Union + +import jinja2 def to_jinja_template(input_string: str) -> str: """ @@ -64,6 +65,7 @@ def render_template( env = jinja2.Environment( undefined=jinja2.StrictUndefined, # Raise errors for undefined variables + autoescape=True # Enable autoescaping for security ) env.filters['date'] = lambda d, format='%Y-%m-%d': d.strftime(format) if isinstance(d, datetime) else str(d) diff --git a/src/crewai/utilities/string_utils.py b/src/crewai/utilities/string_utils.py index d794f33aa..3db166d2a 100644 --- a/src/crewai/utilities/string_utils.py +++ b/src/crewai/utilities/string_utils.py @@ -1,6 +1,6 @@ import re -from typing import Any, Dict, List, Optional, Union from datetime import datetime +from typing import Any, Dict, List, Optional, Union from crewai.utilities.jinja_templating import render_template diff --git a/tests/test_templating.py b/tests/test_templating.py index a2d81d854..026325cdb 100644 --- a/tests/test_templating.py +++ b/tests/test_templating.py @@ -1,6 +1,8 @@ -import pytest import datetime + +import pytest from typing import Dict, List + from crewai.agent import Agent from crewai.task import Task diff --git a/tests/utilities/test_jinja_templating.py b/tests/utilities/test_jinja_templating.py index 9784db736..2231584cc 100644 --- a/tests/utilities/test_jinja_templating.py +++ b/tests/utilities/test_jinja_templating.py @@ -1,8 +1,10 @@ -import pytest import datetime +from typing import Any, Dict, List + +import pytest from pydantic import BaseModel -from typing import List, Dict, Any -from crewai.utilities.jinja_templating import to_jinja_template, render_template + +from crewai.utilities.jinja_templating import render_template, to_jinja_template class Person(BaseModel): name: str diff --git a/tests/utilities/test_string_utils.py b/tests/utilities/test_string_utils.py index 0fce79322..4fb281e46 100644 --- a/tests/utilities/test_string_utils.py +++ b/tests/utilities/test_string_utils.py @@ -1,5 +1,6 @@ -from typing import Any, Dict, List, Union import datetime +from typing import Any, Dict, List, Union + import pytest from pydantic import BaseModel