hermes-agent

mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-05-08 03:01:47 +00:00

History

Teknium 2c7c30be69 fix(security): harden terminal safety and sandbox file writes (#1653 ) * fix(security): harden terminal safety and sandbox file writes Two security improvements: 1. Dangerous command detection: expand shell -c pattern to catch combined flags (bash -lc, bash -ic, ksh -c) that were previously undetected. Pattern changed from matching only 'bash -c' to matching any shell invocation with -c anywhere in the flags. 2. File write sandboxing: add HERMES_WRITE_SAFE_ROOT env var that constrains all write_file/patch operations to a configured directory tree. Opt-in — when unset, behavior is unchanged. Useful for gateway/messaging deployments that should only touch a workspace. Based on PR #1085 by ismoilh. * fix: correct "POSIDEON" typo to "POSEIDON" in banner ASCII art The poseidon skin's banner_logo had the E and I letters swapped, spelling "POSIDEON-AGENT" instead of "POSEIDON-AGENT". --------- Co-authored-by: ismoilh <ismoilh@users.noreply.github.com> Co-authored-by: unmodeled-tyler <unmodeled.tyler@proton.me>		2026-03-17 02:22:12 -07:00
..
browser_providers	feat(browser): multi-provider cloud browser support + Browser Use integration	2026-03-17 00:16:34 -07:00
environments	fix(security): block sandbox backend creds from subprocess env (#1264 )	2026-03-17 02:20:42 -07:00
__init__.py	feat: compress cron management into one tool	2026-03-14 12:21:50 -07:00
approval.py	fix(security): harden terminal safety and sandbox file writes (#1653 )	2026-03-17 02:22:12 -07:00
browser_tool.py	feat(browser): multi-provider cloud browser support + Browser Use integration	2026-03-17 00:16:34 -07:00
checkpoint_manager.py	feat: major /rollback improvements — enabled by default, diff preview, file-level restore, conversation undo, terminal checkpoints	2026-03-16 04:43:37 -07:00
clarify_tool.py	feat(tools): centralize tool emoji metadata in registry + skin integration	2026-03-15 20:21:21 -07:00
code_execution_tool.py	fix: improve execute_code error logging and harden cleanup (#1623 )	2026-03-16 23:13:26 -07:00
cronjob_tools.py	fix(tools): remove unnecessary crontab requirement from cronjob tool (#1638 )	2026-03-17 01:40:02 -07:00
debug_helpers.py	refactor: consolidate debug logging across tools with shared DebugSession class	2026-02-21 03:53:24 -08:00
delegate_tool.py	feat(tools): centralize tool emoji metadata in registry + skin integration	2026-03-15 20:21:21 -07:00
file_operations.py	fix(security): harden terminal safety and sandbox file writes (#1653 )	2026-03-17 02:22:12 -07:00
file_tools.py	fix: prevent infinite 400 loop on context overflow + block prompt injection via cache files (#1630 , #1558 )	2026-03-17 01:50:59 -07:00
fuzzy_match.py	feat: permissive block_anchor thresholds and unicode normalization (#1539 )	2026-03-16 05:29:25 -07:00
homeassistant_tool.py	feat(tools): centralize tool emoji metadata in registry + skin integration	2026-03-15 20:21:21 -07:00
honcho_tools.py	fix(honcho): isolate session routing for multi-user gateway (#1500 )	2026-03-16 00:23:47 -07:00
image_generation_tool.py	feat(tools): centralize tool emoji metadata in registry + skin integration	2026-03-15 20:21:21 -07:00
interrupt.py	feat: enhance interrupt handling and container resource configuration	2026-02-23 02:11:33 -08:00
mcp_tool.py	feat(mcp): make selective tool loading capability-aware	2026-03-14 06:22:02 -07:00
memory_tool.py	feat: improve memory prioritization + aggressive skill updates (inspired by OpenAI Codex)	2026-03-16 06:52:32 -07:00
mixture_of_agents_tool.py	feat(tools): centralize tool emoji metadata in registry + skin integration	2026-03-15 20:21:21 -07:00
openrouter_client.py	refactor: route ad-hoc LLM consumers through centralized provider router	2026-03-11 20:02:36 -07:00
patch_parser.py	fix(patch): use regex to detect line-number prefix to avoid corrupting pipe chars	2026-03-14 03:47:13 -07:00
process_registry.py	feat(tools): centralize tool emoji metadata in registry + skin integration	2026-03-15 20:21:21 -07:00
registry.py	feat(tools): centralize tool emoji metadata in registry + skin integration	2026-03-15 20:21:21 -07:00
rl_training_tool.py	feat(tools): centralize tool emoji metadata in registry + skin integration	2026-03-15 20:21:21 -07:00
send_message_tool.py	fix(tools): chunk long messages in send_message_tool before dispatch (#1552 )	2026-03-17 01:52:43 -07:00
session_search_tool.py	fix(logging): improve error logging in session search tool (#1533 )	2026-03-16 05:22:00 -07:00
skill_manager_tool.py	Merge pull request #1537 from aydnOktay/improve/skill-manager-error-logging	2026-03-17 01:53:58 -07:00
skills_guard.py	fix(skills): honor policy table for dangerous verdicts	2026-03-14 11:27:02 -07:00
skills_hub.py	feat: add NeuTTS optional skill + local TTS provider backend	2026-03-17 02:13:34 -07:00
skills_sync.py	fix: make skills manifest writes atomic	2026-03-08 23:53:57 -07:00
skills_tool.py	fix: prevent infinite 400 loop on context overflow + block prompt injection via cache files (#1630 , #1558 )	2026-03-17 01:50:59 -07:00
terminal_tool.py	fix(docker): gate cwd workspace mount behind config	2026-03-16 05:20:56 -07:00
tirith_security.py	fix: send_animation metadata, MarkdownV2 inline code splitting, tirith cosign-free install (#1626 )	2026-03-16 23:39:41 -07:00
todo_tool.py	feat(tools): centralize tool emoji metadata in registry + skin integration	2026-03-15 20:21:21 -07:00
transcription_tools.py	fix: restore local STT fallback for gateway voice notes	2026-03-15 21:51:40 -07:00
tts_tool.py	feat: add NeuTTS optional skill + local TTS provider backend	2026-03-17 02:13:34 -07:00
vision_tools.py	feat(tools): centralize tool emoji metadata in registry + skin integration	2026-03-15 20:21:21 -07:00
voice_mode.py	fix: propagate STT disable through shared transcription config	2026-03-14 22:09:59 -07:00
web_tools.py	feat(tools): centralize tool emoji metadata in registry + skin integration	2026-03-15 20:21:21 -07:00