| Name | Type | Description |
|---|---|---|
owner_repo_commit* | str | The full name of the prompt to pull from in the format of
|
include_model | bool | None | Default: NoneWhether to include the model configuration in the pulled
prompt. When |
api_url | str | None | Default: NoneThe URL of the LangChain Hub API. Defaults to the hosted API service if you have an API key set, or a localhost instance if not. |
api_key | str | None | Default: None |
Pull an object from the hub and returns it as a LangChain object.
Treat every prompt pulled from the hub as untrusted, regardless of
the owner. Public prompts authored by other users are obviously
external content, but prompts from your own account — or your
organization's account — are also unsafe if that account, a
teammate's account, or the upstream prompt has been compromised.
A single malicious commit to a prompt your code pulls is enough to
execute attacker-controlled configuration on every machine that runs
pull().
pull() deserializes the manifest via load(), so the
langchain_core.load.load threat model applies — a manifest can
intentionally configure a model with a custom base URL, headers,
model name, or other constructor arguments. These are supported
features, but they also mean the prompt contents are executable
configuration rather than plain text: a compromised prompt can
redirect API traffic, inject headers, or trigger arbitrary code paths
in the classes it instantiates.
Prefer the LangSmith SDK directly. If you must use pull(), pin the
commit hash, audit the manifest before deserializing, and never run
it against an account whose access controls you cannot vouch for.
The API key to use to authenticate with the LangChain Hub API.
