Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
These frequently asked questions explain the capabilities, usage, and safeguards of code interpreter in Copilot Studio. Code interpreter lets an agent generate and run Python code to carry out a request specified in a prompt. Here are some common questions and answers about this feature.
What is code interpreter in Copilot Studio?
Code interpreter is a Python execution engine integrated within Copilot Studio and prompt builder prompts. It allows users to run code in a secure, sandboxed environment to perform data analysis, process Word, Excel, PowerPoint and PDF files, and generate visualizations. Inputs include data files and prompt instructions; outputs can be modified files, reports, charts, and text summaries.
What can code interpreter in Copilot Studio do?
Code interpreter uses its Python execution capability to support tasks such as creating and updating Excel workbooks, copying formatting, analyzing datasets, performing statistical computations, and generating charts. It enables developers and business analysts to automate complex workflows within Copilot Studio agents and prompt builder prompts.
What are the intended uses of code interpreter?
Primary use cases include data auditing, report generation, file transformation, and visualization. Enterprises use it to automate financial audits, synthetic data generation, PDF form creation, and interactive data exploration without leaving Power Platform.
How was code interpreter evaluated? What metrics are used to measure performance?
We perform functionality tests to validate correct execution of Python code, accuracy checks for data processing tasks, and performance benchmarks for execution latency. Metrics include success rate of file operations, error rate for code execution, and average execution time. Evaluation spans internal pilots and customer feedback loops via previews.
What are the limitations? How can users minimize their impact?
Limitations include:
- Lack of support for reading text from image-based PDF content
- Session timeouts for long-running tasks
- Restrictions on external network access
- No support for calling prompts as tools directly from within topics
- No support for reading files with data protections
- Images created with code interpreter are not rendered in the Teams and Microsoft 365 Copilot channel
Text-based PDFs can be read. To minimize impact of session timeouts, split large datasets into smaller files, use optimized code for performance, and follow provided best practices in prompt design. To call prompts from an agent topic, you can call the prompt from within a Power Automate flow, and then call the flow within an agent topic.
What operational factors and settings allow for effective and responsible use?
Effective use requires enabling the feature at the tenant level and in individual agents or prompts. Administrators can configure environmental access and monitor execution logs. Users can pick the model to use in prompts to tune behavior.
How do I provide feedback?
End users and admins can provide feedback through the Power Platform admin center's support channels, or through the feedback option in Copilot Studio. Customer success managers and technical support teams also collect and triage feedback for product improvements.
Does the code interpreter execute unverified or unsafe code?
No. Code execution is sandboxed and isolated, with strict constraints to prevent unsafe operations such as network access, system-level commands, or unauthorized file operations. Each execution is scoped to the specific prompt or agent session and follows Microsoft's secure AI design principles.
Can the code interpreter access customer or tenant data outside of what is provided in the prompt?
No. The code interpreter only accesses the files and inputs explicitly provided during the session. It doesn't have access to broader tenant data, user context, or external systems unless configured explicitly through integration features.
Where is the code executed, and how is the environment secured?
Code is executed in a Microsoft-hosted environment that adheres to Microsoft’s enterprise-grade compliance, including SOC 2, ISO 27001, and GDPR requirements. The compute is ephemeral, created during a session and disposed of afterward to prevent data persistence.
Can enterprises monitor or govern how the code interpreter is used?
Yes, tenant admins must enable the capability in the Power Platform admin center. This setting is off by default. Organizations can control environment-level access, audit prompt execution history as explained in Monitor prompt builder models and prompts activity.
How does Microsoft ensure responsible use of AI in prompts and agents?
All AI interactions—including interactions involving the code interpreter—adhere to Microsoft’s Responsible AI principles, such as transparency, accountability, and reliability. Prompts are logged, monitored, and can be reviewed for traceability and compliance.
Are models trained on customer data or executed code?
No. Microsoft doesn't use customer data or executed code from code interpreter sessions to train models. All data is processed in compliance with Microsoft’s data handling commitments under the Microsoft Products and Services Data Protection Addendum (DPA).
Can users inadvertently exfiltrate sensitive information through prompts?
Enterprise customers are encouraged to implement guardrails such as input validation, prompt design guidance, and usage policies. Copilot Studio also integrates with data policies and compliance tooling within Power Platform to reduce risk of data leakage.
What safeguards are in place to prevent misuse of code interpreter by users?
Admins can restrict access at the environment level and review prompt activity. Further, AI-generated code execution is sandboxed with no access to internal systems or networks, and prompt capabilities are limited to permitted data/file boundaries.
How can customers ensure explainability and traceability of code interpreter actions?
Prompt inputs, generated code, outputs (for example, files), and prompt execution traces are all available for audit and reviews. This supports regulatory compliance and transparency in AI-assisted workflows.
Does code interpreter support sovereign cloud or data residency controls?
Currently, code interpreter is available in public clouds. Support for sovereign clouds (for example, GCC, GCC High) isn't yet available. Data residency commitments align with Power Platform regional availability.