mirrors/hermes-agent
1
0
Fork 0
mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-05-18 04:41:56 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 7

fix: approval DELETE pattern DOTALL flag allows newline bypass

Browse source
This commit is contained in:
amathxbt 2026-05-12 18:50:31 -07:00 committed by Teknium
parent 8ac351407e
commit 80374d4dd9
1 changed files with 3 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
tools/approval.py
View file

@ -314,7 +314,9 @@ DANGEROUS_PATTERNS = [
(r'\bdd\s+.*if=', "disk copy"), (r'\bdd\s+.*if=', "disk copy"),
(r'>\s*/dev/sd', "write to block device"), (r'>\s*/dev/sd', "write to block device"),
(r'\bDROP\s+(TABLE|DATABASE)\b', "SQL DROP"), (r'\bDROP\s+(TABLE|DATABASE)\b', "SQL DROP"),
(r'\bDELETE\s+FROM\b(?!.*\bWHERE\b)', "SQL DELETE without WHERE"), # Use [^\n]* instead of .* so DOTALL mode does not cause a WHERE clause on the
# *next* line to satisfy the negative lookahead, silently allowing DELETE without WHERE.
(r'\bDELETE\s+FROM\b(?![^\n]*\bWHERE\b)', "SQL DELETE without WHERE"),
(r'\bTRUNCATE\s+(TABLE)?\s*\w', "SQL TRUNCATE"), (r'\bTRUNCATE\s+(TABLE)?\s*\w', "SQL TRUNCATE"),
(r'>\s*/etc/', "overwrite system config"), (r'>\s*/etc/', "overwrite system config"),
(r'\bsystemctl\s+(-[^\s]+\s+)*(stop|restart|disable|mask)\b', "stop/restart system service"), (r'\bsystemctl\s+(-[^\s]+\s+)*(stop|restart|disable|mask)\b', "stop/restart system service"),