mirrors/hermes-agent
1
0
Fork 0
mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-05-17 04:31:55 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

fix(delegation): add edge-case tests and SSRF caveat docstring

Browse source 
Red-team QA pass found no bugs but two test gaps:

- Whitespace-only api_key now tested (falls through to placeholder)
- IPv6 loopback [::1] now tested (already worked, just untested)
- 172.32.x boundary now tested (correctly NOT treated as private)
- Docstring note about private-network SSRF caveat: placeholder key
  gets 401'd by real auth servers, fail-fast by design
This commit is contained in:
AJ 2026-04-22 23:09:51 -04:00
parent 0e4bc9474d
commit 501ac3ff0a
2 changed files with 31 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

9
tools/delegate_tool.py
View file

@ -2106,6 +2106,15 @@ def _is_local_base_url(base_url: Optional[str]) -> bool:
- localhost / loopback (127.0.0.1, ::1)
- .local mDNS hostnames (e.g. studio.local)
- RFC 1918 private networks (10/8, 172.16/12, 192.168/16)
.. note::
Any URL that resolves as "local" by this function will receive a
placeholder ``"ollama"`` API key. If an internal service on a
private network actually requires authentication (e.g. a corporate
AI gateway at 192.168.x.x), the placeholder key will be rejected
by that server (401/403). This is intentional local servers that
genuinely don't need auth work out-of-the-box, while misconfigured
endpoints fail loudly rather than silently.
"""
if not base_url:
return False