mirrors/hermes-agent
1
0
Fork 0
mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-05-08 03:01:47 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 7
hermes-agent/tools
History
sheeki003 375ce8a881 feat(security): add tirith pre-exec command scanning 
Integrate tirith as a pre-execution security scanner that detects
homograph URLs, pipe-to-interpreter patterns, terminal injection,
zero-width Unicode, and environment variable manipulation — threats
the existing 50-pattern dangerous command detector doesn't cover.

Architecture: gather-then-decide — both tirith and the dangerous
command detector run before any approval prompt, preventing gateway
force=True replay from bypassing one check when only the other was
shown to the user.

New files:
- tools/tirith_security.py: subprocess wrapper with auto-installer,
  mandatory cosign provenance verification, non-blocking background
  download, disk-persistent failure markers with retryable-cause
  tracking (cosign_missing auto-clears when cosign appears on PATH)
- tests/tools/test_tirith_security.py: 62 tests covering exit code
  mapping, fail_open, cosign verification, background install,
  HERMES_HOME isolation, and failure recovery
- tests/tools/test_command_guards.py: 21 integration tests for the
  combined guard orchestration

Modified files:
- tools/approval.py: add check_all_command_guards() orchestrator,
  add allow_permanent parameter to prompt_dangerous_approval()
- tools/terminal_tool.py: replace _check_dangerous_command with
  consolidated check_all_command_guards
- cli.py: update _approval_callback for allow_permanent kwarg,
  call ensure_installed() at startup
- gateway/run.py: iterate pattern_keys list on replay approval,
  call ensure_installed() at startup
- hermes_cli/config.py: add security config defaults, split
  commented sections for independent fallback
- cli-config.yaml.example: document tirith security config
2026-03-14 00:11:27 -07:00
..
environments fix(cli): respect HERMES_HOME in all remaining hardcoded ~/.hermes paths 2026-03-13 21:32:53 -07:00
__init__.py docs: complete Daytona backend documentation coverage 2026-03-06 03:37:05 -08:00
approval.py feat(security): add tirith pre-exec command scanning 2026-03-14 00:11:27 -07:00
browser_tool.py feat: call_llm/async_call_llm + config slots + migrate all consumers 2026-03-11 20:52:19 -07:00
checkpoint_manager.py fix: improve git error logging in checkpoint manager 2026-03-11 09:00:09 -07:00
clarify_tool.py More major refactor/tech debt removal! 2026-02-21 20:22:33 -08:00
code_execution_tool.py fix: head+tail truncation for execute_code stdout 2026-03-11 00:26:13 -07:00
cronjob_tools.py fix: Signal adapter parity pass — integration gaps, clawdbot features, env var simplification 2026-03-08 21:00:21 -07:00
debug_helpers.py refactor: consolidate debug logging across tools with shared DebugSession class 2026-02-21 03:53:24 -08:00
delegate_tool.py feat(delegate): add observability metadata to subagent results (#1175) 2026-03-13 08:07:12 -07:00
file_operations.py Merge PR #533: fix: use regex for search output parsing to handle Windows drive-letter paths 2026-03-09 23:18:42 -07:00
file_tools.py fix: replace debug print() with logger.error() in file_tools 2026-03-11 04:38:07 -07:00
fuzzy_match.py Cleanup time! 2026-02-20 23:23:32 -08:00
homeassistant_tool.py feat: enhance Home Assistant integration with service discovery and setup 2026-03-03 05:16:53 -08:00
honcho_tools.py feat(honcho): honcho_context can query any peer (user or ai) 2026-03-10 16:21:07 -04:00
image_generation_tool.py fix: add exc_info=True to image generation error logging 2026-03-11 09:15:45 -07:00
interrupt.py feat: enhance interrupt handling and container resource configuration 2026-02-23 02:11:33 -08:00
mcp_tool.py merge: resolve conflicts with origin/main 2026-03-12 00:29:04 -07:00
memory_tool.py Fix memory tool entry parsing when content contains section sign 2026-02-28 01:33:41 +03:00
mixture_of_agents_tool.py More major refactor/tech debt removal! 2026-02-21 20:22:33 -08:00
openrouter_client.py refactor: route ad-hoc LLM consumers through centralized provider router 2026-03-11 20:02:36 -07:00
patch_parser.py fix: align _apply_delete comment with actual behavior 2026-02-28 22:58:01 +02:00
process_registry.py fix(cli): respect HERMES_HOME in all remaining hardcoded ~/.hermes paths 2026-03-13 21:32:53 -07:00
registry.py Merge PR #275: fix(batch_runner): preserve traceback when batch worker fails 2026-03-05 01:44:05 -08:00
rl_training_tool.py Merge branch 'main' into fix/packaging-bugs 2026-03-13 03:15:45 -07:00
send_message_tool.py feat: add email gateway platform (IMAP/SMTP) 2026-03-11 06:32:01 -07:00
session_search_tool.py feat: call_llm/async_call_llm + config slots + migrate all consumers 2026-03-11 20:52:19 -07:00
skill_manager_tool.py Make skill file writes atomic 2026-03-07 00:49:10 +03:00
skills_guard.py feat: call_llm/async_call_llm + config slots + migrate all consumers 2026-03-11 20:52:19 -07:00
skills_hub.py fix: ClawHub skill install — use /download ZIP endpoint (#1060) 2026-03-12 08:26:24 -07:00
skills_sync.py fix: make skills manifest writes atomic 2026-03-08 23:53:57 -07:00
skills_tool.py fix: improve gateway secret capture guidance message 2026-03-13 04:10:22 -07:00
terminal_tool.py feat(security): add tirith pre-exec command scanning 2026-03-14 00:11:27 -07:00
tirith_security.py feat(security): add tirith pre-exec command scanning 2026-03-14 00:11:27 -07:00
todo_tool.py fix: escalate read/search blocking, track search loops, filter completed todos 2026-03-08 23:01:21 +03:00
transcription_tools.py feat(stt): add free local whisper transcription via faster-whisper (#1185) 2026-03-13 11:11:05 -07:00
tts_tool.py fix(cli): respect HERMES_HOME in all remaining hardcoded ~/.hermes paths 2026-03-13 21:32:53 -07:00
vision_tools.py feat: call_llm/async_call_llm + config slots + migrate all consumers 2026-03-11 20:52:19 -07:00
web_tools.py feat: call_llm/async_call_llm + config slots + migrate all consumers 2026-03-11 20:52:19 -07:00