Implementation:CrewAIInc CrewAI Code Interpreter Tool
| Knowledge Sources | |
|---|---|
| Domains | Code Execution, Tool Integration, Security |
| Last Updated | 2026-02-11 00:00 GMT |
Overview
CodeInterpreterTool is a CrewAI tool that executes Python code in isolated environments, providing three execution modes: Docker containers (safe), restricted sandbox (fallback), and unsafe mode (direct host execution).
Description
The tool enables agents to run dynamically generated Python code with library installation support. It implements a multi-layered security approach:
- Docker isolation (primary) -- Builds and manages Docker containers with volume mounts for code execution. Automatically builds the Docker image if not found, installs required libraries via pip inside the container, executes code, and cleans up containers after each run.
- Restricted sandbox (fallback) -- The SandboxPython class restricts dangerous imports (os, sys, subprocess, shutil, importlib, inspect, tempfile, sysconfig, builtins) and blocks unsafe builtins (exec, eval, open, compile, input, globals, locals, vars, help, dir). It replaces the __import__ function with a restricted version.
- Unsafe mode (explicit opt-in) -- Executes code directly on the host machine using os.system for library installation and exec for code execution. Only for trusted environments.
The tool automatically detects Docker availability and falls back to the restricted sandbox when Docker is not running.
Usage
Use this tool when agents need to execute Python code for data analysis, mathematical computations, file processing, or programmatic problem-solving. Always prefer Docker mode for production deployments. The unsafe mode should only be used in fully trusted environments.
Code Reference
Source Location
- Repository: CrewAI
- File: lib/crewai-tools/src/crewai_tools/tools/code_interpreter_tool/code_interpreter_tool.py
- Lines: 1-392
Signature
class CodeInterpreterTool(BaseTool):
name: str = "Code Interpreter"
description: str = "Interprets Python3 code strings with a final print statement."
args_schema: type[BaseModel] = CodeInterpreterSchema
default_image_tag: str = "code-interpreter:latest"
code: str | None = None
user_dockerfile_path: str | None = None
user_docker_base_url: str | None = None
unsafe_mode: bool = False
Import
from crewai_tools.tools.code_interpreter_tool.code_interpreter_tool import CodeInterpreterTool
I/O Contract
Inputs
| Name | Type | Required | Description |
|---|---|---|---|
| code | str | Yes | Python3 code to be interpreted; should include a final print statement for output |
| libraries_used | list[str] | Yes | List of library names to install via pip before execution (e.g., ["numpy", "pandas"]) |
Constructor Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| default_image_tag | str | No | Docker image tag to use (default: "code-interpreter:latest") |
| code | str | No | Default code to execute if not provided at runtime |
| user_dockerfile_path | str | No | Path to a custom Dockerfile for building the execution image |
| user_docker_base_url | str | No | Custom Docker daemon URL |
| unsafe_mode | bool | No | If True, executes code directly on host without isolation (default: False) |
Outputs
| Name | Type | Description |
|---|---|---|
| return | str | Output from the executed code (stdout from print statements), or an error message string |
Usage Examples
Basic Usage
from crewai_tools.tools.code_interpreter_tool.code_interpreter_tool import CodeInterpreterTool
# Default mode: uses Docker if available, falls back to sandbox
tool = CodeInterpreterTool()
result = tool._run(
code="import numpy as np\nresult = np.mean([1, 2, 3, 4, 5])\nprint(result)",
libraries_used=["numpy"]
)
# Unsafe mode (only for trusted environments)
tool = CodeInterpreterTool(unsafe_mode=True)
result = tool._run(
code="result = sum(range(100))\nprint(result)",
libraries_used=[]
)
Related Pages
Page Connections
Double-click a node to navigate. Hold to expand connections.
Principle
Implementation
Heuristic
Environment