teknium1 fbfccbb3ee fix(security): align cron invisible-unicode set with install-time scanner ... The cron runtime tripwire (_scan_cron_prompt) used a 10-char invisible-unicode set while the install-time scanner (threat_patterns.INVISIBLE_CHARS) flags 17. The cron-local set was missing U+2062-U+2064 (invisible math operators) and U+2066-U+2069 (directional isolates), so a directive obfuscated with one of those codepoints (e.g. "ig<U+2063>nore all previous instructions") slipped past the runtime cron gate while being caught at install time. Import the canonical set so the cron tripwire and install scanner can't drift apart again. Emoji-ZWJ protection (_zwj_has_emoji_neighbour) is unchanged. Fixes #35075 Co-authored-by: rlaope <piyrw9754@gmail.com>		2026-06-26 01:11:11 -07:00
..
ci	fix(ci): only run supplychain checks in pr	2026-06-23 09:46:25 -07:00
lib	fix(install): repair existing managed-Node global prefix on re-run	2026-06-14 17:34:11 +07:00
tests	test(install): add ConvertTo-LongPath helper for 8.3 short paths	2026-06-20 16:24:52 -07:00
whatsapp-bridge	fix(whatsapp): restart stale bridge processes instead of silently reusing them (#44205)	2026-06-11 03:47:29 -07:00
analyze_livetest.py	test(tool-search): add live A/B harness, drop checked-in transcripts	2026-05-29 02:04:12 -07:00
benchmark_browser_eval.py	perf(browser): route browser_console eval through supervisor's persistent CDP WS (180x faster) (#23226)	2026-05-10 07:37:55 -07:00
build_model_catalog.py	codebase: add encoding='utf-8' to all bare open() calls (PLW1514)	2026-05-08 14:27:40 -07:00
build_skills_index.py	fix(skills): let ClawHub index build walk past the 12s browse budget (#44500)	2026-06-11 18:03:11 -04:00
check-windows-footguns.py	fix(scripts): fix UnicodeEncodeError in footgun checker on Windows	2026-05-16 23:05:27 -07:00
check_subprocess_stdin.py	fix: keep interactive OAuth setup-token inheriting stdin	2026-06-08 22:46:57 -07:00
contributor_audit.py	chore: release v0.16.0 (2026.6.5) (#40206)	2026-06-05 17:55:43 -07:00
discord-voice-doctor.py	codebase: add encoding='utf-8' to all bare open() calls (PLW1514)	2026-05-08 14:27:40 -07:00
docker_config_migrate.py	fix(docker): restore config backups after failed boot migration	2026-06-24 15:23:23 +10:00
hermes-gateway	fix: prevent systemd restart storm on gateway connection failure	2026-03-21 09:26:39 -07:00
install.cmd	fix(docs): update all install instructions everywhere	2026-06-04 21:07:45 -04:00
install.ps1	fix(install): discard managed lockfile churn before stashing	2026-06-25 23:49:11 -07:00
install.sh	fix(install): discard managed lockfile churn before stashing	2026-06-25 23:49:11 -07:00
install_psutil_android.py	fix(android): reject unsafe tar members in psutil compatibility installer	2026-05-28 02:36:09 -07:00
keystroke_diagnostic.py	docs: add Windows-Specific Quirks section to hermes-agent skill + keystroke diagnostic	2026-05-08 14:27:40 -07:00
kill_modal.sh	refactor: replace swe-rex with native Modal SDK for Modal backend (#3538)	2026-03-28 11:21:44 -07:00
lint_diff.py	feat(ci): add typecheck (warnings only in CI)	2026-05-06 10:58:12 -04:00
LIVETEST_README.md	test(tool-search): add live A/B harness, drop checked-in transcripts	2026-05-29 02:04:12 -07:00
profile-tui.py	Merge remote-tracking branch 'origin/main' into fix/bundle-size	2026-05-11 16:01:04 -04:00
release.py	fix(security): align cron invisible-unicode set with install-time scanner	2026-06-26 01:11:11 -07:00
run_tests.sh	test(pets): make slow pet generation suite opt-in	2026-06-25 00:44:53 -05:00
run_tests_parallel.py	fix(tests): remove no-longer-needed forensics	2026-06-12 13:42:42 -04:00
sample_and_compress.py	refactor: codebase-wide lint cleanup — unused imports, dead code, and inefficient patterns (#5821)	2026-04-07 10:25:31 -07:00
setup_open_webui.sh	fix(install): use resolved python variable in setup_open_webui.sh	2026-05-16 22:54:22 -07:00
tool_search_livetest.py	test(tool-search): redact secrets from harness transcripts + console	2026-05-29 02:04:12 -07:00