hermes-agent/hermes_cli
Teknium 7b6d14e62a
fix(gateway): replace bare text approval with /approve and /deny commands (#2002)

The gateway approval system previously intercepted bare 'yes'/'no' text
from the user's next message to approve/deny dangerous commands. This was
fragile and dangerous — if the agent asked a clarify question and the user
said 'yes' to answer it, the gateway would execute the pending dangerous
command instead. (Fixes #1888)

Changes:
- Remove bare text matching ('yes', 'y', 'approve', 'ok', etc.) from
  _handle_message approval check
- Add /approve and /deny as gateway-only slash commands in the command
  registry
- /approve supports scoping: /approve (one-time), /approve session,
  /approve always (permanent)
- Add 5-minute timeout for stale approvals
- Gateway appends structured instructions to the agent response when a
  dangerous command is pending, telling the user exactly how to respond
- 9 tests covering approve, deny, timeout, scoping, and verification
  that bare 'yes' no longer triggers execution

Credit to @solo386 and @FlyByNight69420 for identifying and reporting
this security issue in PR #1971 and issue #1888.

Co-authored-by: Test <test@test.com>
2026-03-18 16:58:20 -07:00
__init__.py feat: integrate GitHub Copilot providers across Hermes 2026-03-17 23:40:22 -07:00
auth.py feat: proper Copilot auth with OAuth device code flow and token validation 2026-03-18 03:25:58 -07:00
banner.py fix(banner): normalize toolset labels and use skin colors 2026-03-18 03:22:58 -07:00
callbacks.py refactor(cli): implement approval locking mechanism to serialize concurrent requests 2026-03-13 23:59:18 -07:00
checklist.py fix: skip hanging tests + add global test timeout 2026-03-12 01:23:28 -07:00
claw.py fix(claw): warn when API keys are skipped during OpenClaw migration (#1580) 2026-03-17 02:10:36 -07:00
clipboard.py fix: clean up empty file after failed wl-paste clipboard extraction 2026-03-11 02:56:19 -07:00
codex_models.py fix: add codex forward-compat model listing 2026-03-13 21:34:01 -07:00
colors.py Revert "feat(cli): skin-aware light/dark theme mode with terminal auto-detection" 2026-03-17 10:04:53 -07:00
commands.py fix(gateway): replace bare text approval with /approve and /deny commands (#2002) 2026-03-18 16:58:20 -07:00
config.py feat: OpenAI-compatible API server + WhatsApp configurable reply prefix (#1756) 2026-03-17 10:44:37 -07:00
copilot_auth.py feat: proper Copilot auth with OAuth device code flow and token validation 2026-03-18 03:25:58 -07:00
cron.py docs: clarify gateway service scopes (#1378) 2026-03-14 21:17:41 -07:00
curses_ui.py refactor: extract shared curses checklist, fix skill discovery perf 2026-03-11 03:06:15 -07:00
default_soul.py feat: seed a default global SOUL.md 2026-03-14 08:05:30 -07:00
doctor.py feat: add Kilo Code (kilocode) as first-class inference provider (#1666) 2026-03-17 02:40:34 -07:00
env_loader.py fix(config): reload .env over stale shell overrides 2026-03-15 06:46:28 -07:00
gateway.py fix(gateway): detect script-style gateway processes for --replace 2026-03-18 03:12:59 -07:00
main.py feat: proper Copilot auth with OAuth device code flow and token validation 2026-03-18 03:25:58 -07:00
models.py Merge origin/main, resolve conflicts (self._base_url_lower) 2026-03-18 04:09:00 -07:00
pairing.py Cleanup time! 2026-02-20 23:23:32 -08:00
plugins.py feat: first-class plugin architecture (#1555) 2026-03-16 07:17:36 -07:00
runtime_provider.py fix: respect config.yaml model.base_url for Anthropic provider (#1948) (#1998) 2026-03-18 16:51:24 -07:00
setup.py Merge origin/main, resolve conflicts (self._base_url_lower) 2026-03-18 04:09:00 -07:00
skills_config.py fix: wire email platform into toolset mappings + add documentation 2026-03-11 06:34:32 -07:00
skills_hub.py fix: add --yes flag to bypass confirmation in /skills install and uninstall (#1647) 2026-03-17 01:59:07 -07:00
skin_engine.py Revert "feat(cli): skin-aware light/dark theme mode with terminal auto-detection" 2026-03-17 10:04:53 -07:00
status.py feat(web): add Tavily as web search/extract/crawl backend (#1731) 2026-03-17 04:28:03 -07:00
tools_config.py feat(web): add Tavily as web search/extract/crawl backend (#1731) 2026-03-17 04:28:03 -07:00
uninstall.py feat(gateway): scope systemd service name to HERMES_HOME 2026-03-16 04:42:46 -07:00