mirror of
https://github.com/NousResearch/hermes-agent.git
synced 2026-05-29 06:31:32 +00:00
security: restrict default webhook toolset capabilities (#30745)
This commit is contained in:
Teknium
GitHub
parent
c3caca6584
commit
e4a1220f83
1 changed files with 11 additions and 1 deletions
12
toolsets.py
12
toolsets.py
|
|
@ -72,6 +72,16 @@ _HERMES_CORE_TOOLS = [
|
|||
"computer_use",
|
||||
]
|
||||
|
||||
# Webhook events may originate from untrusted third-party content (for example,
|
||||
# public PR titles/comments). Keep the default webhook toolset intentionally
|
||||
# constrained to avoid local file/system execution by prompt injection.
|
||||
_HERMES_WEBHOOK_SAFE_TOOLS = [
|
||||
"web_search",
|
||||
"web_extract",
|
||||
"vision_analyze",
|
||||
"clarify",
|
||||
]
|
||||
|
||||
|
||||
# Core toolset definitions
|
||||
# These can include individual tools or reference other toolsets
|
||||
|
|
@ -523,7 +533,7 @@ TOOLSETS = {
|
|||
|
||||
"hermes-webhook": {
|
||||
"description": "Webhook toolset - receive and process external webhook events",
|
||||
"tools": _HERMES_CORE_TOOLS,
|
||||
"tools": _HERMES_WEBHOOK_SAFE_TOOLS,
|
||||
"includes": []
|
||||
},
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue