hermes-agent/tools
0xbyt4 2efd9bbac4 fix: resolve symlink bypass in write deny list on macOS
On macOS, /etc is a symlink to /private/etc. The _is_write_denied()
function resolves the input path with os.path.realpath() but the deny
list entries were stored as literal strings ("/etc/shadow"). This meant
the resolved path "/private/etc/shadow" never matched, allowing writes
to sensitive system files on macOS.

Fix: Apply os.path.realpath() to deny list entries at module load time
so both sides of the comparison use resolved paths.

Adds 19 regression tests in tests/tools/test_write_deny.py.
2026-02-26 13:30:55 +03:00
environments feat(docker): add support check for Docker's --storage-opt option 2026-02-26 01:15:56 -08:00
__init__.py refactor: streamline cron job handling and update CLI commands 2026-02-21 16:21:19 -08:00
approval.py Hermes Agent UX Improvements 2026-02-22 02:16:11 -08:00
browser_tool.py feat: enhance interrupt handling and container resource configuration 2026-02-23 02:11:33 -08:00
clarify_tool.py More major refactor/tech debt removal! 2026-02-21 20:22:33 -08:00
code_execution_tool.py Fix: #41 2026-02-25 21:16:15 -08:00
cronjob_tools.py Harden agent attack surface: scan writes to memory, skills, cron, and context files 2026-02-25 23:43:15 -05:00
debug_helpers.py refactor: consolidate debug logging across tools with shared DebugSession class 2026-02-21 03:53:24 -08:00
delegate_tool.py Fix subagent auth: propagate parent API key to child agents 2026-02-25 22:37:36 -05:00
file_operations.py fix: resolve symlink bypass in write deny list on macOS 2026-02-26 13:30:55 +03:00
file_tools.py feat: add ephemeral prefill messages and system prompt loading 2026-02-23 23:55:42 -08:00
fuzzy_match.py Cleanup time! 2026-02-20 23:23:32 -08:00
image_generation_tool.py More major refactor/tech debt removal! 2026-02-21 20:22:33 -08:00
interrupt.py feat: enhance interrupt handling and container resource configuration 2026-02-23 02:11:33 -08:00
memory_tool.py Harden agent attack surface: scan writes to memory, skills, cron, and context files 2026-02-25 23:43:15 -05:00
mixture_of_agents_tool.py More major refactor/tech debt removal! 2026-02-21 20:22:33 -08:00
openrouter_client.py refactor: integrate Nous Portal support in auxiliary client 2026-02-25 18:39:36 -08:00
patch_parser.py Add file manipulation tools and enhance setup scripts 2026-02-05 03:49:46 -08:00
process_registry.py More major refactor/tech debt removal! 2026-02-21 20:22:33 -08:00
registry.py More major refactor/tech debt removal! 2026-02-21 20:22:33 -08:00
rl_training_tool.py More major refactor/tech debt removal! 2026-02-21 20:22:33 -08:00
send_message_tool.py feat: enhance interrupt handling and container resource configuration 2026-02-23 02:11:33 -08:00
session_search_tool.py refactor: integrate Nous Portal support in auxiliary client 2026-02-25 18:39:36 -08:00
skill_manager_tool.py Harden agent attack surface: scan writes to memory, skills, cron, and context files 2026-02-25 23:43:15 -05:00
skills_guard.py Harden agent attack surface: scan writes to memory, skills, cron, and context files 2026-02-25 23:43:15 -05:00
skills_hub.py refactor: enhance error handling with structured logging across multiple modules 2026-02-21 03:32:11 -08:00
skills_sync.py refactor: enhance error handling with structured logging across multiple modules 2026-02-21 03:32:11 -08:00
skills_tool.py More major refactor/tech debt removal! 2026-02-21 20:22:33 -08:00
terminal_tool.py feat: enhance README and improve environment configuration 2026-02-23 21:15:35 -08:00
todo_tool.py More major refactor/tech debt removal! 2026-02-21 20:22:33 -08:00
transcription_tools.py feat: enhance README and update API client initialization 2026-02-23 20:59:39 -08:00
tts_tool.py refactor: enhance session content handling in AIAgent and update TTS output path 2026-02-25 04:22:03 -08:00
vision_tools.py refactor: integrate Nous Portal support in auxiliary client 2026-02-25 18:39:36 -08:00
web_tools.py refactor: integrate Nous Portal support in auxiliary client 2026-02-25 18:39:36 -08:00