docs: document CodeInterpreterTool removal and RAG path/URL validation

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-04 16:52:37 +00:00 · 2026-04-07 00:07:02 -07:00
parent 4e585a40d9
commit 4c8f289a0a
24 changed files with 291 additions and 49 deletions
--- a/docs/en/concepts/agents.mdx
+++ b/docs/en/concepts/agents.mdx
@@ -308,16 +308,12 @@ multimodal_agent = Agent(

 #### Code Execution

- `allow_code_execution`: Must be True to run code
- `code_execution_mode`:
-  - `"safe"`: Uses Docker (recommended for production)
-  - `"unsafe"`: Direct execution (use only in trusted environments)
+<Warning>
+  `allow_code_execution` and `code_execution_mode` are deprecated. `CodeInterpreterTool` has been removed from `crewai-tools`. Use a dedicated sandbox service such as [E2B](https://e2b.dev) or [Modal](https://modal.com) for secure code execution.
+</Warning>

-<Note>
-  This runs a default Docker image. If you want to configure the docker image,
-  the checkout the Code Interpreter Tool in the tools section. Add the code
-  interpreter tool as a tool in the agent as a tool parameter.
-</Note>
+- `allow_code_execution` _(deprecated)_: Previously enabled built-in code execution via `CodeInterpreterTool`.
+- `code_execution_mode` _(deprecated)_: Previously controlled execution mode (`"safe"` for Docker, `"unsafe"` for direct execution).

 #### Advanced Features

@@ -667,9 +663,9 @@ asyncio.run(main())

 ### Security and Code Execution

- When using `allow_code_execution`, be cautious with user input and always validate it
- Use `code_execution_mode: "safe"` (Docker) in production environments
- Consider setting appropriate `max_execution_time` limits to prevent infinite loops
+<Warning>
+  `allow_code_execution` and `code_execution_mode` are deprecated and `CodeInterpreterTool` has been removed. Use a dedicated sandbox service such as [E2B](https://e2b.dev) or [Modal](https://modal.com) for secure code execution.
+</Warning>

 ### Performance Optimization

--- a/docs/en/tools/ai-ml/codeinterpretertool.mdx
+++ b/docs/en/tools/ai-ml/codeinterpretertool.mdx
@@ -7,6 +7,10 @@ mode: "wide"

 # `CodeInterpreterTool`

+<Warning>
+  **Deprecated:** `CodeInterpreterTool` has been removed from `crewai-tools`. The `allow_code_execution` and `code_execution_mode` parameters on `Agent` are also deprecated. Use a dedicated sandbox service — [E2B](https://e2b.dev) or [Modal](https://modal.com) — for secure, isolated code execution.
+</Warning>
+
 ## Description

 The `CodeInterpreterTool` enables CrewAI agents to execute Python 3 code that they generate autonomously. This functionality is particularly valuable as it allows agents to create code, execute it, obtain the results, and utilize that information to inform subsequent decisions and actions.
--- a/docs/en/tools/file-document/csvsearchtool.mdx
+++ b/docs/en/tools/file-document/csvsearchtool.mdx
@@ -75,4 +75,20 @@ tool = CSVSearchTool(
        },
    }
 )
+
+## Security
+
+### Path Validation
+
+File paths provided to this tool are validated against the current working directory. Paths that resolve outside the working directory are rejected with a `ValueError`.
+
+To allow paths outside the working directory (for example, in tests or trusted pipelines), set the environment variable:
+
+```shell
+CREWAI_TOOLS_ALLOW_UNSAFE_PATHS=true
+```
+
+### URL Validation
+
+URL inputs are validated: `file://` URIs and requests targeting private or reserved IP ranges are blocked to prevent server-side request forgery (SSRF) attacks.
 ```
--- a/docs/en/tools/file-document/directorysearchtool.mdx
+++ b/docs/en/tools/file-document/directorysearchtool.mdx
@@ -67,4 +67,16 @@ tool = DirectorySearchTool(
        },
    }
 )
+
+## Security
+
+### Path Validation
+
+Directory paths provided to this tool are validated against the current working directory. Paths that resolve outside the working directory are rejected with a `ValueError`.
+
+To allow paths outside the working directory (for example, in tests or trusted pipelines), set the environment variable:
+
+```shell
+CREWAI_TOOLS_ALLOW_UNSAFE_PATHS=true
+```
 ```
--- a/docs/en/tools/file-document/jsonsearchtool.mdx
+++ b/docs/en/tools/file-document/jsonsearchtool.mdx
@@ -74,3 +74,19 @@ tool = JSONSearchTool(
    }
 )
 ```
+
+## Security
+
+### Path Validation
+
+File paths provided to this tool are validated against the current working directory. Paths that resolve outside the working directory are rejected with a `ValueError`.
+
+To allow paths outside the working directory (for example, in tests or trusted pipelines), set the environment variable:
+
+```shell
+CREWAI_TOOLS_ALLOW_UNSAFE_PATHS=true
+```
+
+### URL Validation
+
+URL inputs are validated: `file://` URIs and requests targeting private or reserved IP ranges are blocked to prevent server-side request forgery (SSRF) attacks.
--- a/docs/en/tools/file-document/pdfsearchtool.mdx
+++ b/docs/en/tools/file-document/pdfsearchtool.mdx
@@ -105,4 +105,20 @@ tool = PDFSearchTool(
        },
    }
 )
+
+## Security
+
+### Path Validation
+
+File paths provided to this tool are validated against the current working directory. Paths that resolve outside the working directory are rejected with a `ValueError`.
+
+To allow paths outside the working directory (for example, in tests or trusted pipelines), set the environment variable:
+
+```shell
+CREWAI_TOOLS_ALLOW_UNSAFE_PATHS=true
+```
+
+### URL Validation
+
+URL inputs are validated: `file://` URIs and requests targeting private or reserved IP ranges are blocked to prevent server-side request forgery (SSRF) attacks.
 ```