"Future of Planners" blogpost - (1) Python vs. C# (2) Prompt injection attacks #7530
Closed
eamon-otuathail
started this conversation in
General
Replies: 1 comment
-
If you use pure function calling you can use any language you'd like. If you're using code interpreter this will be returned in Python as this returns the best results; from there this can be adjusted into your language of preference.
-
I have two comments on this blogpost by Matthew Bolanos:
https://devblogs.microsoft.com/semantic-kernel/the-future-of-planners-in-semantic-kernel/
1) I note it states the generated code will be in Python. For dev teams using Python only or a mix of Python and C#, this is fine. For dev teams that only use C# and do not use Python at all (this would include plenty of enterprise dev teams), then the introduction of Python in their tech stack is of concern. Even when they read this in the blogpost:
"We also get concern from C# and Java developers who think this will require them to author Python code. Just like the Handlebars planner, we do not expect developers to be author these plans. This is a language that only the LLM needs to know to create plans for the user during runtime and Python appears to be the best language LLMs can generate today."
they will still be worried. For a non-trivial project, at some point a human developer will have to look at the generated code - for debugging, internal documentation, creating custom dev tools / scripts, automated testing, responding to pen testing queries and similar. If there is no Python experience on the team, that is a problem. I think C# app dev teams would rather the generated code be in C#.
2) The threat of prompt injection attacks will grow over time:
https://www.ibm.com/topics/prompt-injection
especially in the area of generated code. I am sure internally the Semantic Kernel team and OpenAI folks are taking steps to counter this threat - perhaps it would be a good idea to add a page to the Semantic Kernel documentation at https://learn.microsoft.com/en-us/semantic-kernel/ explaining any steps application developers using Semantic Kernel should take to deal with prompt injection attacks (most will already be quite familiar dealing with SQL injection attacks).