teknium1 30c417fe70 feat: add website blocklist enforcement for web/browser tools (#1064) ... Adds security.website_blocklist config for user-managed domain blocking across URL-capable tools. Enforced at the tool level (not monkey-patching) so it's safe and predictable. - tools/website_policy.py: shared policy loader with domain normalization, wildcard support (*.tracking.example), shared file imports, and structured block metadata - web_extract: pre-fetch URL check + post-redirect recheck - web_crawl: pre-crawl URL check + per-page URL recheck - browser_navigate: pre-navigation URL check - Blocked responses include blocked_by_policy metadata so the agent can explain exactly what was denied Config: security: website_blocklist: enabled: true domains: ["evil.com", "*.tracking.example"] shared_files: ["team-blocklist.txt"] Salvaged from PR #1086 by @kshitijk4poor. Browser post-redirect checks deferred (browser_tool was fully rewritten since the PR branched). Co-authored-by: kshitijk4poor <kshitijk4poor@users.noreply.github.com>		2026-03-17 02:59:39 -07:00
..
__init__.py	chore: release v0.3.0 (v2026.3.17)	2026-03-17 00:38:48 -07:00
auth.py	fix: remove ANTHROPIC_BASE_URL env var to avoid collisions (#1675)	2026-03-17 02:51:49 -07:00
banner.py	fix(cli): non-blocking startup update check and banner deduplication	2026-03-14 21:45:50 -07:00
callbacks.py	refactor(cli): implement approval locking mechanism to serialize concurrent requests	2026-03-13 23:59:18 -07:00
checklist.py	fix: skip hanging tests + add global test timeout	2026-03-12 01:23:28 -07:00
claw.py	fix(claw): warn when API keys are skipped during OpenClaw migration (#1580)	2026-03-17 02:10:36 -07:00
clipboard.py	fix: clean up empty file after failed wl-paste clipboard extraction	2026-03-11 02:56:19 -07:00
codex_models.py	fix: add codex forward-compat model listing	2026-03-13 21:34:01 -07:00
colors.py	feat(cli): skin-aware light/dark theme mode with terminal auto-detection	2026-03-17 02:51:40 -07:00
commands.py	feat: add /tools disable/enable/list slash commands with session reset (#1652)	2026-03-17 02:05:26 -07:00
config.py	feat: add website blocklist enforcement for web/browser tools (#1064)	2026-03-17 02:59:39 -07:00
cron.py	docs: clarify gateway service scopes (#1378)	2026-03-14 21:17:41 -07:00
curses_ui.py	refactor: extract shared curses checklist, fix skill discovery perf	2026-03-11 03:06:15 -07:00
default_soul.py	feat: seed a default global SOUL.md	2026-03-14 08:05:30 -07:00
doctor.py	feat: add Kilo Code (kilocode) as first-class inference provider (#1666)	2026-03-17 02:40:34 -07:00
env_loader.py	fix(config): reload .env over stale shell overrides	2026-03-15 06:46:28 -07:00
gateway.py	revert: revert SMS (Telnyx) platform adapter for review	2026-03-17 02:53:30 -07:00
main.py	feat: add Kilo Code (kilocode) as first-class inference provider (#1666)	2026-03-17 02:40:34 -07:00
models.py	feat: add Alibaba Cloud provider and Anthropic base_url override (#1673)	2026-03-17 02:49:22 -07:00
pairing.py	Cleanup time!	2026-02-20 23:23:32 -08:00
plugins.py	feat: first-class plugin architecture (#1555)	2026-03-16 07:17:36 -07:00
runtime_provider.py	fix: remove ANTHROPIC_BASE_URL env var to avoid collisions (#1675)	2026-03-17 02:51:49 -07:00
setup.py	feat: add Kilo Code (kilocode) as first-class inference provider (#1666)	2026-03-17 02:40:34 -07:00
skills_config.py	fix: wire email platform into toolset mappings + add documentation	2026-03-11 06:34:32 -07:00
skills_hub.py	fix: add --yes flag to bypass confirmation in /skills install and uninstall (#1647)	2026-03-17 01:59:07 -07:00
skin_engine.py	feat(cli): skin-aware light/dark theme mode with terminal auto-detection	2026-03-17 02:51:40 -07:00
status.py	revert: revert SMS (Telnyx) platform adapter for review	2026-03-17 02:53:30 -07:00
tools_config.py	feat: add /tools disable/enable/list slash commands with session reset (#1652)	2026-03-17 02:05:26 -07:00
uninstall.py	feat(gateway): scope systemd service name to HERMES_HOME	2026-03-16 04:42:46 -07:00