Running Python

The AI generates Python; HISAB runs it sandboxed; results land in your sheet.

What it is

When a task needs real computation — reconciliation, fuzzy matching, building a PDF or a deck, parsing a statement — the AI writes Python and HISAB runs it for you. You never install Python, pip, or any package yourself: a CPython 3.11 runtime is bundled with the add-in and unpacked on first launch (the 64-bit build for 64-bit Excel, the 32-bit build for 32-bit Excel). It runs entirely offline and isolated — no network, no access to your wider filesystem.

First run: "sandbox not ready" — close and reopen Excel.

On a brand-new install the Python runtime is unpacked but may not finish initialising until Excel restarts. If the AI's very first Python step fails right after install — or you see a "Python sandbox not available / not ready" message — close Excel completely and reopen it. The runtime finishes setting up on the next launch and Python then works normally. You only ever hit this once.

Bundled packages

The runtime ships with a curated set of packages, installed from bundled wheels at startup. A script may import only from this allowlist; anything outside it is rejected before it runs.

SciPy is not bundled — there is no 32-bit wheel for Python 3.11, and HISAB matches Excel's bitness. Scripts that would reach for scipy.stats use numpy and the statistics module instead.

Sandbox guarantees

Every script is checked before it executes and then runs under hard limits:

Validation happens in two layers — a static scan of the source before anything runs, plus a restricted set of builtins inside the interpreter as a backstop.

Excel I/O from Python

The script never touches Excel directly. HISAB injects a host object into every run; each method routes through the same tool layer (and the same approval / write-guard rules) as an AI-initiated call. Common methods:

# read a range (returns the workbook data as text the script parses)
data = host.read_values("A1:E1000", "Bank Statement")

# list the sheets in the workbook
sheets = host.list_sheets()

# create a sheet
host.create_sheet("Reconciliation Summary")

# write many cells at once
host.bulk_write("Mismatches", rows)

# write one cell or a formula
host.write_cell("A1", "Total", "Summary")
host.write_formula("B2", "=SUM(B3:B100)", "Summary")

# force a recalculation (same as pressing F9)
host.calculate()

# read a disk file the user authorised (returns base64 you decode in-memory)
raw = host.read_file(path)

# save an output file -> %APPDATA%\HISAB\Outputs\
host.write_file("report.pdf", pdf_bytes_base64)

# call any HISAB tool by name with a JSON payload
host.call_tool("apply_standard_format", json.dumps({ ... }))

You don't write any of this yourself — the AI does. It is shown here so you can read what HISAB is doing when a Python step runs, and so the audit log makes sense. Reads and writes obey your current operating mode: in Ask mode the write methods are refused; in Action mode they are queued for your approval like any other write.