mirrors/hermes-agent
1
0
Fork 0
mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-04-25 00:51:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: allow agent-created skills with caution-level findings

Browse source 
Agent-created skills were using the same policy as community hub
installs, blocking any skill with medium/high severity findings
(e.g. docker pull, pip install, git clone). This meant the agent
couldn't create skills that reference Docker or other common tools.

Changed agent-created policy from (allow, block, block) to
(allow, allow, block) — matching the trusted policy. Caution-level
findings (medium/high severity) are now allowed through, while
dangerous findings (critical severity like exfiltration, prompt
injection, reverse shells) remain blocked.

Added 4 tests covering the agent-created policy: safe allowed,
caution allowed, dangerous blocked, force override.
This commit is contained in:
Test 2026-03-17 12:18:53 -07:00
parent 6e4415e865
commit 0fab46f65c
2 changed files with 29 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
tools/skills_guard.py
View file

@ -43,7 +43,7 @@ INSTALL_POLICY = {
"builtin": ("allow", "allow", "allow"),
"trusted": ("allow", "allow", "block"),
"community": ("allow", "block", "block"),
"agent-created": ("allow", "block", "block"),
"agent-created": ("allow", "allow", "block"),
}
VERDICT_INDEX = {"safe": 0, "caution": 1, "dangerous": 2}