mirrors/hermes-agent
1
0
Fork 0
mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-05-04 02:21:47 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5
hermes-agent/tests/tools
History
Teknium eb28145f36
feat(approval): hardline blocklist for unrecoverable commands (#15878) 
Adds a floor below --yolo: a tiny set of commands so catastrophic they
should never run via the agent, regardless of --yolo, gateway /yolo,
approvals.mode=off, or cron approve mode.  Opting into yolo is trusting
the agent with your files and services — not trusting it to wipe the
disk or power the box off.

The list is deliberately small (12 patterns), covering only
unrecoverable ops:
- rm -rf targeting /, /home, /etc, /usr, /var, /boot, /bin, /sbin,
  /lib, ~, $HOME
- mkfs (any variant)
- dd + redirection to raw block devices (/dev/sd*, /dev/nvme*, etc.)
- fork bomb
- kill -1 / kill -9 -1
- shutdown, reboot, halt, poweroff, init 0/6, telinit 0/6,
  systemctl poweroff/reboot/halt/kexec

Recoverable-but-costly commands (git reset --hard, rm -rf /tmp/x,
chmod -R 777, curl | sh) stay in DANGEROUS_PATTERNS where yolo can
still pass them through — that's what yolo is for.

Container backends (docker/singularity/modal/daytona) continue to
bypass both hardline and dangerous checks, since nothing they do can
touch the host.

Inspired by Mercury Agent's permission-hardened blocklist.
2026-04-25 22:07:12 -07:00
..
__init__.py
test_accretion_caps.py
test_ansi_strip.py
test_approval.py test: cover absolute paths in project env/config approval regex 2026-04-23 14:05:36 -07:00
test_approval_heartbeat.py
test_base_environment.py fix(env): safely quote ~/ subpaths in wrapped cd commands 2026-04-24 15:25:12 -07:00
test_browser_camofox.py fix(tests): resolve 17 persistent CI test failures (#15084) 2026-04-24 03:46:46 -07:00
test_browser_camofox_persistence.py
test_browser_camofox_state.py test: stop testing mutable data — convert change-detectors to invariants (#13363) 2026-04-20 23:20:33 -07:00
test_browser_cdp_override.py
test_browser_cdp_tool.py fix(tests): resolve 17 persistent CI test failures (#15084) 2026-04-24 03:46:46 -07:00
test_browser_cleanup.py
test_browser_cloud_fallback.py
test_browser_console.py
test_browser_content_none_guard.py
test_browser_hardening.py
test_browser_homebrew_paths.py
test_browser_orphan_reaper.py
test_browser_secret_exfil.py
test_browser_ssrf_local.py
test_browser_supervisor.py feat(browser): CDP supervisor — dialog detection + response + cross-origin iframe eval (#14540) 2026-04-23 22:23:37 -07:00
test_budget_config.py
test_checkpoint_manager.py fix(tests): resolve 17 persistent CI test failures (#15084) 2026-04-24 03:46:46 -07:00
test_clarify_tool.py
test_clipboard.py
test_code_execution.py
test_code_execution_modes.py
test_command_guards.py
test_config_null_guard.py
test_credential_files.py
test_cron_approval_mode.py feat(approval): hardline blocklist for unrecoverable commands (#15878) 2026-04-25 22:07:12 -07:00
test_cron_prompt_injection.py
test_cronjob_tools.py
test_daytona_environment.py
test_debug_helpers.py
test_delegate.py fix(delegate): resolve subagent approval prompts without deadlocking parent TUI (#15491) 2026-04-24 22:37:22 -07:00
test_delegate_subagent_timeout_diagnostic.py feat(delegate): diagnostic dump when a subagent times out with 0 API calls (#15105) 2026-04-24 04:58:32 -07:00
test_delegate_toolset_scope.py
test_discord_tool.py feat(discord): split discord_server into discord + discord_admin tools 2026-04-25 04:50:14 -07:00
test_docker_environment.py fix(docker): add SETUID/SETGID caps so gosu drop in entrypoint succeeds 2026-04-22 18:13:14 -07:00
test_docker_find.py
test_dockerfile_pid1_reaping.py fix(docker): reap orphaned subprocesses via tini as PID 1 (#15116) 2026-04-24 05:22:34 -07:00
test_env_passthrough.py fix(env_passthrough): reject Hermes provider credentials from skill passthrough (#13523) 2026-04-21 06:14:25 -07:00
test_feishu_tools.py
test_file_operations.py tools: normalize file tool pagination bounds 2026-04-22 06:11:41 -07:00
test_file_operations_edge_cases.py tools: normalize file tool pagination bounds 2026-04-22 06:11:41 -07:00
test_file_ops_cwd_tracking.py
test_file_read_guards.py
test_file_staleness.py fix(file_tools): resolve bookkeeping paths against live terminal cwd 2026-04-23 15:11:52 -07:00
test_file_state_registry.py feat(delegate): cross-agent file state coordination for concurrent subagents (#13718) 2026-04-21 16:41:26 -07:00
test_file_sync.py
test_file_sync_back.py
test_file_sync_perf.py
test_file_tools.py fix(tests): resolve 17 persistent CI test failures (#15084) 2026-04-24 03:46:46 -07:00
test_file_tools_container_config.py
test_file_tools_live.py
test_file_write_safety.py
test_force_dangerous_override.py
test_fuzzy_match.py fix(patch): gate 'did you mean?' to no-match + extend to v4a/skill_manage 2026-04-21 02:03:46 -07:00
test_hardline_blocklist.py feat(approval): hardline blocklist for unrecoverable commands (#15878) 2026-04-25 22:07:12 -07:00
test_hidden_dir_filter.py
test_homeassistant_tool.py
test_image_generation.py feat(image-gen): add GPT Image 2 to FAL catalog (#13677) 2026-04-21 13:35:31 -07:00
test_image_generation_env.py Normalize FAL_KEY env handling (ignore whitespace-only values) 2026-04-21 02:04:21 -07:00
test_image_generation_plugin_dispatch.py fix(image-gen): force-refresh plugin providers in long-lived sessions 2026-04-23 03:01:18 -07:00
test_interrupt.py
test_llm_content_none_guard.py
test_local_background_child_hang.py
test_local_env_blocklist.py
test_local_interrupt_cleanup.py
test_local_shell_init.py fix(terminal): auto-source ~/.profile and ~/.bash_profile so n/nvm PATH survives (#14534) 2026-04-23 05:15:37 -07:00
test_local_tempdir.py
test_managed_browserbase_and_modal.py
test_managed_media_gateways.py
test_managed_modal_environment.py
test_managed_server_tool_support.py
test_managed_tool_gateway.py
test_mcp_circuit_breaker.py test(mcp): add failing tests for circuit-breaker recovery 2026-04-21 05:19:03 -07:00
test_mcp_dynamic_discovery.py
test_mcp_oauth.py
test_mcp_oauth_bidirectional.py
test_mcp_oauth_cold_load_expiry.py
test_mcp_oauth_integration.py
test_mcp_oauth_manager.py
test_mcp_probe.py
test_mcp_reconnect_signal.py
test_mcp_stability.py fix(mcp): per-process PID isolation prevents cross-session crash on restart 2026-04-23 15:11:47 -07:00
test_mcp_structured_content.py
test_mcp_tool.py fix(mcp): seed protocol header before HTTP initialize 2026-04-23 22:01:24 -07:00
test_mcp_tool_401_handling.py
test_mcp_tool_issue_948.py
test_mcp_tool_session_expired.py fix(mcp): auto-reconnect + retry once when the transport session expires (#13383) 2026-04-24 05:28:45 -07:00
test_memory_tool.py
test_memory_tool_import_fallback.py
test_mixture_of_agents_tool.py chore(release): map devorun author + convert MoA defaults test to invariant 2026-04-23 15:14:11 -07:00
test_modal_bulk_upload.py
test_modal_sandbox_fixes.py
test_modal_snapshot_isolation.py
test_notify_on_complete.py
test_osv_check.py
test_parse_env_var.py guard terminal_tool import-time env parsing 2026-04-22 14:45:50 -07:00
test_patch_parser.py
test_process_registry.py
test_read_loop_detection.py
test_registry.py fix(tests): resolve 17 persistent CI test failures (#15084) 2026-04-24 03:46:46 -07:00
test_resolve_path.py fix(file_tools): resolve bookkeeping paths against live terminal cwd 2026-04-23 15:11:52 -07:00
test_rl_training_tool.py
test_schema_sanitizer.py fix: sanitize tool schemas for llama.cpp backends; restore MCP in TUI (#15032) 2026-04-24 02:44:46 -07:00
test_search_hidden_dirs.py
test_send_message_missing_platforms.py
test_send_message_tool.py fix(send_message): accept E.164 phone numbers for signal/sms/whatsapp (#12936) 2026-04-20 03:02:44 -07:00
test_session_search.py
test_signal_media.py feat(send_message): add media delivery support for Signal 2026-04-20 13:24:15 -07:00
test_singularity_preflight.py
test_skill_env_passthrough.py
test_skill_improvements.py
test_skill_manager_tool.py feat(skills-guard): gate agent-created scanner on config.skills.guard_agent_created (default off) 2026-04-23 06:20:47 -07:00
test_skill_size_limits.py
test_skill_view_path_check.py
test_skill_view_traversal.py
test_skills_guard.py feat(skills-guard): gate agent-created scanner on config.skills.guard_agent_created (default off) 2026-04-23 06:20:47 -07:00
test_skills_hub.py
test_skills_hub_clawhub.py
test_skills_sync.py feat(skills_sync): surface collision with reset-hint 2026-04-23 05:09:08 -07:00
test_skills_tool.py fix(skills): drop raw_content to avoid doubling skill payload 2026-04-24 15:15:07 -07:00
test_spotify_client.py refactor(spotify): convert to built-in bundled plugin under plugins/spotify (#15174) 2026-04-24 07:06:11 -07:00
test_ssh_bulk_upload.py
test_ssh_environment.py fix(tools): keep SSH ControlMaster socket path under macOS 104-byte limit 2026-04-20 03:07:32 -07:00
test_symlink_prefix_confusion.py
test_sync_back_backends.py
test_terminal_compound_background.py
test_terminal_exit_semantics.py
test_terminal_foreground_timeout_cap.py
test_terminal_none_command_guard.py
test_terminal_output_transform_hook.py test: stop testing mutable data — convert change-detectors to invariants (#13363) 2026-04-20 23:20:33 -07:00
test_terminal_requirements.py
test_terminal_timeout_output.py
test_terminal_tool.py
test_terminal_tool_pty_fallback.py
test_terminal_tool_requirements.py
test_threaded_process_handle.py
test_tirith_security.py
test_todo_tool.py
test_tool_backend_helpers.py
test_tool_call_parsers.py
test_tool_output_limits.py feat(skills): add design-md skill for Google's DESIGN.md spec (#14876) 2026-04-23 21:51:19 -07:00
test_tool_result_storage.py
test_transcription.py fix(stt): map cloud-only model names to valid local size for faster-whisper (#2544) 2026-04-20 05:18:48 -07:00
test_transcription_tools.py fix(transcription): fall back to CPU when CUDA runtime libs are missing 2026-04-24 02:50:14 -07:00
test_tts_gemini.py
test_tts_kittentts.py feat(tts): complete KittenTTS integration (tools/setup/docs/tests) 2026-04-21 01:28:32 -07:00
test_tts_max_text_length.py fix(tts): use per-provider input-character caps instead of global 4000 (#13743) 2026-04-21 17:49:39 -07:00
test_tts_mistral.py
test_tts_speed.py
test_url_safety.py feat(security): add global toggle to allow private/internal URL resolution 2026-04-22 14:38:59 -07:00
test_vision_tools.py
test_voice_cli_integration.py feat(voice): add cli beep toggle 2026-04-21 00:29:29 -07:00
test_voice_mode.py
test_watch_patterns.py fix(terminal): three-layer defense against watch_patterns notification spam (#15642) 2026-04-25 06:41:58 -07:00
test_web_tools_config.py
test_web_tools_tavily.py
test_website_policy.py
test_windows_compat.py
test_write_deny.py fix(tests): resolve 17 persistent CI test failures (#15084) 2026-04-24 03:46:46 -07:00
test_yolo_mode.py feat(approval): hardline blocklist for unrecoverable commands (#15878) 2026-04-25 22:07:12 -07:00
test_zombie_process_cleanup.py fix(tests): resolve 17 persistent CI test failures (#15084) 2026-04-24 03:46:46 -07:00