feat: Add Dify Plugin Integration

[ifelseend]

Description

This PR introduces the AgentCube Dify Plugin, enabling users to integrate AgentCube's powerful code execution capabilities directly into Dify applications and workflows.

With this plugin, Dify users can leverage AgentCube's secure sandboxes to execute code and terminal commands, making it easier to build advanced agents that require computational capabilities.

Key Features

• AgentCube Code Interpreter Tool: A new tool integrated into Dify that provides an isolated environment for execution.
• Flexible Language Support:
  • Python: Supported out-of-the-box using the built-in interpreter.
  • Custom Languages: Support for JavaScript, TypeScript, and others via custom code_interpreter_id configurations.
• Session Management: Supports stateful interactions via session_id, allowing variables and files to persist across multiple execution steps.
• Secure Configuration: Designed for self-hosted AgentCube instances with configurable router_url and workload_manager_url.

Changes

• Added intergrations/dify-plugin directory containing the full plugin source.
• Implemented manifest.yaml and provider/agentcube.yaml for Dify plugin definition.
• Added tools/agentcube-code-interpreter.yaml and tools/agentcube-code-interpreter.py implementing the tool logic using agentcube-sdk.
• Added documentation:
  • README.md: Usage guide and configuration details.
  • PRIVACY.md: Privacy policy clarifying data handling for self-hosted deployments.

How to Test

1. Navigate to the intergrations directory.
2. Package the plugin:

   dify plugin package ./dify-plugin

[volcano-sh-bot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign kevin-wangzefeng for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[volcano-sh-bot]

Welcome @ifelseend! It looks like this is your first PR to volcano-sh/agentcube 🎉

[gemini-code-assist]

Summary of Changes

Hello @ifelseend, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances Dify's capabilities by integrating AgentCube, an open-source project designed to support and manage AI Agent workloads. The new plugin provides Dify users with a secure and isolated environment to execute code and terminal commands, which is crucial for building advanced agents that require computational tasks. It ensures that users maintain full control over their data by being designed for self-hosted AgentCube instances, and comes with comprehensive documentation and an automated publishing workflow to streamline its adoption and maintenance.

Highlights

• New Dify Plugin Integration: This pull request introduces the AgentCube Dify Plugin, enabling Dify applications and workflows to integrate with AgentCube's code execution capabilities.
• AgentCube Code Interpreter Tool: A new tool, the AgentCube Code Interpreter, is added to Dify, providing an isolated sandbox for executing code and terminal commands.
• Flexible Language Support: The plugin supports Python out-of-the-box and allows for custom languages like JavaScript and TypeScript through code_interpreter_id configurations.
• Session Management: The tool incorporates session management via session_id, allowing variables and files to persist across multiple execution steps for stateful interactions.
• Automated Publishing Workflow: A GitHub Actions workflow is included to automate the packaging and creation of pull requests for publishing the Dify plugin upon release.
• Comprehensive Documentation: Detailed documentation, including a README.md for usage, a PRIVACY.md outlining data handling for self-hosted deployments, and a GUIDE.md for plugin development, has been added.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a Dify plugin for AgentCube, which is a valuable addition. The implementation is a good starting point, but I've identified several critical issues that need to be addressed before this can be merged. These include a thread-safety problem in the core tool logic, incorrect session handling that breaks the reuse feature, and a bug in the automated publishing workflow that will cause it to fail. Additionally, there are several high-severity configuration mistakes in the plugin's YAML files that need correction. My detailed comments below provide specific suggestions to resolve these issues.

[codecov-commenter]

⚠️ Please install the to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

✅ All modified and coverable lines are covered by tests.
⚠️ Please upload report for BASE (main@ecea52a). Learn more about missing BASE report.
❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #158   +/-   ##
=======================================
  Coverage        ?   34.34%           
=======================================
  Files           ?       29           
  Lines           ?     2533           
  Branches        ?        0           
=======================================
  Hits            ?      870           
  Misses          ?     1540           
  Partials        ?      123           

Flag	Coverage Δ
unittests	34.34% <ø> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[hzxuzhonghu]

seems it to sync the plugins to https://github.com/langgenius/dify-official-plugins/

My confusion: is that possible to just maintain the source there, keep it here looks not necessary

[hzxuzhonghu]

tags:
  - "v*.*.*"
  - "v*.*.*-*" # Support for pre-release tags like v1.2.3-alpha

[Copilot]

Pull request overview

This PR introduces a Dify plugin that integrates AgentCube's code execution capabilities into the Dify platform. The plugin enables users to execute Python code and shell commands in secure sandboxed environments managed by AgentCube.

Changes:

• Added a complete Dify plugin implementation in integrations/dify-plugin/ directory with tool provider, manifest, and documentation
• Implemented the AgentCube Code Interpreter tool that wraps the agentcube-sdk for executing code and commands
• Added GitHub Actions workflow for automated plugin packaging and publishing to the Dify plugin marketplace

Reviewed changes

Copilot reviewed 14 out of 16 changed files in this pull request and generated 14 comments.

Show a summary per file

File	Description
integrations/dify-plugin/tools/agentcube-code-interpreter.yaml	Tool definition with parameters for language selection, code/command execution, and session management
integrations/dify-plugin/tools/agentcube-code-interpreter.py	Python implementation of the code interpreter tool using the agentcube-sdk
integrations/dify-plugin/provider/agentcube.yaml	Provider configuration defining the AgentCube tool provider for Dify
integrations/dify-plugin/provider/agentcube.py	Provider class with credential validation stub (currently empty)
integrations/dify-plugin/manifest.yaml	Plugin manifest defining metadata, permissions, and runtime configuration
integrations/dify-plugin/main.py	Entry point that initializes the Dify plugin with 120s timeout
integrations/dify-plugin/requirements.txt	Python dependencies including dify-plugin and agentcube-sdk
integrations/dify-plugin/README.md	User-facing documentation explaining plugin capabilities and configuration
integrations/dify-plugin/PRIVACY.md	Privacy policy clarifying self-hosted deployment and data ownership
integrations/dify-plugin/GUIDE.md	Developer guide for Dify plugin development (general reference)
integrations/dify-plugin/.gitignore	Python-specific gitignore patterns
integrations/dify-plugin/.difyignore	Patterns for excluding files from plugin packaging
integrations/dify-plugin/.env.example	Example environment variables for plugin debugging
integrations/dify-plugin/_assets/icon.png	Plugin icon for light theme
integrations/dify-plugin/_assets/icon-dark.png	Plugin icon for dark theme
.github/workflows/dify-plugin-publish.yml	Automated workflow for packaging and publishing plugin on tag push

[Copilot]

The _validate_credentials method is not implemented (it only contains a pass statement inside the try block). Since this plugin doesn't require credentials (self-hosted configuration via tool parameters), either implement a proper validation or add a comment explaining why validation is not needed. Following Dify plugin conventions, if no validation is required, the method should still indicate this clearly.

Suggested change

	try:
	"""
	IMPLEMENT YOUR VALIDATION HERE
	"""
	except Exception as e:
	raise ToolProviderCredentialValidationError(str(e))
	"""
	This provider does not use external credentials.
	AgentCube is configured via self-hosted parameters in the tool settings,
	so there is nothing to validate here. Following Dify plugin conventions,
	we still implement this method to make the expectation explicit:
	- if credentials are empty or None, accept them
	- if any credentials are provided, treat that as a configuration error
	"""
	if not credentials:
	# No credentials expected or required for this provider.
	return
	# Any supplied credentials indicate a misconfiguration.
	raise ToolProviderCredentialValidationError(
	"agentcube-code-interpreter does not require credentials; "
	"please leave the credential configuration empty"
	)

[Copilot]

When an error occurs and ci_client has been created but session_reuse is False, the finally block will call ci_client.stop(). However, if the error occurred during session creation or initialization, the session might not have been fully created, potentially causing additional errors in the stop() method. Consider adding a check to ensure the client is in a valid state before calling stop(), or wrap the stop() call in a try-except block.

Suggested change

	ci_client.stop()
	try:
	ci_client.stop()
	except Exception:
	# ignore errors during cleanup to avoid masking original exceptions
	pass

[Copilot]

The success result includes code_interpreter_id from the input parameter rather than from the actual client. This is inconsistent because the client might be using a different name (either default or from the name parameter). Consider using ci_client.name to accurately reflect which code interpreter was actually used during execution.

Suggested change

	"session_id": ci_client.session_id,
	"code_interpreter_id": code_interpreter_id,
	"session_id": ci_client.session_id,
	"code_interpreter_id": getattr(ci_client, "name", code_interpreter_id),

[Copilot]

According to the CodeInterpreterClient SDK (see sdk-python/agentcube/code_interpreter.py:51-61), both workload_manager_url and router_url are optional parameters with None as default. However, the SDK will raise a ValueError if router_url is not provided. The tool should validate that these required URLs are provided before attempting to create the client, providing a clearer error message to users.

[Copilot]

The created_at timestamp is set to 2025-12-22, which is in the past relative to the PRIVACY.md date (2026-01-22). This inconsistency should be resolved. Additionally, verify if the December date is correct or if it should be updated to reflect the actual creation/last update time.

Suggested change

	created_at: 2025-12-22T10:54:47.846104+08:00
	created_at: 2026-01-22T10:54:47.846104+08:00

[Copilot]

The language parameter is marked as required (line 39), but the logic in tools/agentcube-code-interpreter.py:49 only uses language when both language and code are provided. If a user only wants to execute a command without code, they would still be forced to provide a language parameter unnecessarily. Consider making the language parameter optional and only requiring it when code is provided.

[Copilot]

When an error occurs and the error result is returned (line 62), the result only contains "status" and "reason" fields. However, if a session was partially created before the error, the session_id would still be valuable information for debugging or cleanup. Consider including the session_id in the error response when available, similar to how it's included in the success response.

Suggested change

	result = {"status": "error", "reason": error_msg}
	result = {"status": "error", "reason": error_msg}
	if ci_client and getattr(ci_client, "session_id", None):
	result["session_id"] = ci_client.session_id

[Copilot]

The parsing of the manifest.yaml file uses basic grep and cut commands which may be fragile. For example, if there's any extra whitespace or formatting variation in the YAML file, the parsing could fail. Consider using a proper YAML parser like yq for more robust parsing, or add validation to ensure the parsed values are not empty before proceeding.

Suggested change

	PLUGIN_NAME=$(grep "^name:" manifest.yaml | cut -d' ' -f2)
	echo "Plugin name: $PLUGIN_NAME"
	echo "plugin_name=$PLUGIN_NAME" >> $GITHUB_OUTPUT
	VERSION=$(grep "^version:" manifest.yaml | cut -d' ' -f2)
	echo "Plugin version: $VERSION"
	echo "version=$VERSION" >> $GITHUB_OUTPUT
	AUTHOR=$(grep "^author:" manifest.yaml | cut -d' ' -f2)
	echo "Plugin author: $AUTHOR"
	echo "author=$AUTHOR" >> $GITHUB_OUTPUT
	PLUGIN_NAME=$(awk -F': *' '$1=="name"{print $2; exit}' manifest.yaml | tr -d '"' | xargs)
	if [ -z "$PLUGIN_NAME" ]; then
	echo "error: plugin name not found in manifest.yaml" >&2
	exit 1
	fi
	echo "Plugin name: $PLUGIN_NAME"
	echo "plugin_name=$PLUGIN_NAME" >>"$GITHUB_OUTPUT"
	VERSION=$(awk -F': *' '$1=="version"{print $2; exit}' manifest.yaml | tr -d '"' | xargs)
	if [ -z "$VERSION" ]; then
	echo "error: plugin version not found in manifest.yaml" >&2
	exit 1
	fi
	echo "Plugin version: $VERSION"
	echo "version=$VERSION" >>"$GITHUB_OUTPUT"
	AUTHOR=$(awk -F': *' '$1=="author"{print $2; exit}' manifest.yaml | tr -d '"' | xargs)
	if [ -z "$AUTHOR" ]; then
	echo "error: plugin author not found in manifest.yaml" >&2
	exit 1
	fi
	echo "Plugin author: $AUTHOR"
	echo "author=$AUTHOR" >>"$GITHUB_OUTPUT"

[Copilot]

Import of 'os' is not used.

Suggested change

import os

[Copilot]

This statement is unreachable.

Suggested change

	try:
	"""
	IMPLEMENT YOUR VALIDATION HERE
	"""
	except Exception as e:
	raise ToolProviderCredentialValidationError(str(e))
	"""
	IMPLEMENT YOUR VALIDATION HERE
	"""
	pass

[ifelseend]

seems it to sync the plugins to https://github.com/langgenius/dify-official-plugins/

My confusion: is that possible to just maintain the source there, keep it here looks not necessary

The Dify plugin packages are maintained at https://github.com/langgenius/dify-plugins, but the source code for each plugin is maintained by its respective owner.

[hzxuzhonghu]

I donot think we need this, because we have added in the root dir of this repo

[hzxuzhonghu]

what is this file for

[hzxuzhonghu]

update

[hzxuzhonghu]

configure what? where is REMOTE_INSTALL_KEY from

[Copilot]

Pull request overview

Copilot reviewed 14 out of 16 changed files in this pull request and generated 12 comments.

[Copilot]

The workflow uses deprecated actions/checkout@v3. As of 2026, actions/checkout@v4 is available and recommended. Consider updating to v4 for better performance and security updates, unless there's a specific reason to use v3.

[Copilot]

The error handling in the execute method catches all exceptions but doesn't log them or provide meaningful context. When an exception occurs, the error message is captured but there's no logging mechanism to help with debugging. Consider using a logger to record exceptions before returning the error result. This aligns with the Kubernetes coding convention to use proper logging (klog/logr) instead of just capturing error strings.

[Copilot]

When an error occurs during execution, the function returns code_interpreter_id in the result dictionary even though it may be None (line 67). This could be misleading if the client was not successfully created. Consider only including code_interpreter_id in the success case, or handling the None case explicitly.

Suggested change

	"status": "success",
	"session_id": ci_client.session_id,
	"code_interpreter_id": code_interpreter_id,
	"results": results
	}
	"status": "success",
	"session_id": ci_client.session_id,
	"results": results,
	}
	if code_interpreter_id is not None:
	result["code_interpreter_id"] = code_interpreter_id

[Copilot]

The validation check on line 53-54 only triggers if both command and code are missing, but the code on line 49 requires both language AND code to be present for code execution. If language is provided but code is not (or vice versa), the tool will silently skip code execution without raising an error. This could lead to confusing behavior where a user provides a language but forgets the code, and the tool succeeds without executing anything. Consider adding validation to ensure that if language is provided, code must also be provided.

Suggested change

	if command:
	command_result = ci_client.execute_command(command)
	results.append({"type": "command", "result": command_result})
	if language and code:
	code_result = ci_client.run_code(language, code)
	results.append({"type": "code", "result": code_result})
	if not command and not code:
	raise ValueError("Either command or code must be provided")
	if (language and not code) or (code and not language):
	raise ValueError("both language and code must be provided together")
	if command:
	command_result = ci_client.execute_command(command)
	results.append({"type": "command", "result": command_result})
	if language and code:
	code_result = ci_client.run_code(language, code)
	results.append({"type": "code", "result": code_result})
	if not command and not language and not code:
	raise ValueError("either command or code must be provided")

[Copilot]

The dify-plugin dependency allows a wide version range (0.4.0 to <0.7.0), spanning multiple major feature releases. This broad range might introduce compatibility issues if breaking changes occur in minor versions. Additionally, the provider code comments reference SDK version 0.4.2 features (line 33 in agentcube.py), but the minimum is 0.4.0. Consider tightening the version range to ensure compatibility, or add comments documenting which versions have been tested.

Suggested change

	dify-plugin>=0.4.0,<0.7.0
	dify-plugin>=0.4.2,<0.5.0

[Copilot]

The workflow uses deprecated actions/checkout@v3. As of 2026, actions/checkout@v4 is available and recommended. Consider updating to v4 for better performance and security updates, unless there's a specific reason to use v3.

[Copilot]

The 'code' parameter is marked as required: false in the YAML, but the README.md on line 28 indicates it is "Yes" (required). There's an inconsistency between the tool definition and the documentation about whether code is required. Based on the Python implementation (line 53), either command or code can be provided, making code conditionally required. The documentation should be updated to reflect this OR the YAML should mark it as required with appropriate validation in the code.

[Copilot]

The 'language' parameter is marked as required: true, but according to the Python implementation (line 49), code execution only happens when both language AND code are provided. If only command execution is needed, language is not actually required. This creates a situation where users must provide a language even when only executing commands. Consider making language required: false, or update the implementation to require language in all cases.

Suggested change

	required: true
	required: false

[Copilot]

The workflow downloads a specific version (0.0.6) of the dify-plugin CLI tool. This hard-coded version could become outdated. Consider either: (1) documenting why this specific version is required, (2) using a version variable that can be easily updated, or (3) checking for and using the latest release. This will make maintenance easier when newer versions of the CLI tool are available.

[Copilot]

This statement is unreachable.

Suggested change

	try:
	"""
	IMPLEMENT YOUR VALIDATION HERE
	"""
	except Exception as e:
	raise ToolProviderCredentialValidationError(str(e))
	"""
	Validate the provided credentials for the Agentcube code interpreter.
	Raises:
	ToolProviderCredentialValidationError: If the credentials are missing or invalid.
	"""
	if not credentials:
	raise ToolProviderCredentialValidationError("credentials are required")