mirror of
https://github.com/NousResearch/hermes-agent.git
synced 2026-07-08 13:12:08 +00:00
fix(cli,tui-gateway): sanitize env and redact output in exec quick commands
HermesCLI.process_command() and tui_gateway command.dispatch both handle type: exec quick commands via subprocess.run(shell=True) with no env= parameter, so the child inherits the full process environment — all API keys and bot tokens stored in os.environ are visible to the script. Any output is returned raw to the terminal or web-UI client without redaction. Fix: mirror the approach applied to gateway/run.py in #23584. Apply _sanitize_subprocess_env() before spawning the subprocess and redact_sensitive_text() on the collected output before display. Symmetric across all three exec quick-command paths. Parity with gateway/run.py fix in #23584.
This commit is contained in:
parent
55d92516c8
commit
c8e5f999c2
2 changed files with 17 additions and 1 deletions
9
cli.py
9
cli.py
|
|
@ -8600,12 +8600,19 @@ class HermesCLI(CLIAgentSetupMixin, CLICommandsMixin):
|
|||
try:
|
||||
# shell=True is intentional: quick_commands are user-defined
|
||||
# shell snippets from config.yaml — not agent/LLM controlled.
|
||||
# Sanitize env to prevent credential leakage —
|
||||
# quick commands run in the CLI process which
|
||||
# has all API keys in os.environ.
|
||||
from tools.environments.local import _sanitize_subprocess_env
|
||||
sanitized_env = _sanitize_subprocess_env(os.environ.copy())
|
||||
result = subprocess.run(
|
||||
exec_cmd, shell=True, capture_output=True,
|
||||
text=True, timeout=30
|
||||
text=True, timeout=30, env=sanitized_env
|
||||
)
|
||||
output = result.stdout.strip() or result.stderr.strip()
|
||||
if output:
|
||||
from agent.redact import redact_sensitive_text
|
||||
output = redact_sensitive_text(output)
|
||||
self._console_print(_rich_text_from_ansi(output))
|
||||
else:
|
||||
self._console_print("[dim]Command returned no output[/]")
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue