mirrors/hermes-agent
1
0
Fork 0
mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-06-05 07:41:39 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 11
hermes-agent/optional-skills/research/darwinian-evolver
History
JiahuiGu 0a2ee71ccc
fix(skill): guard pickle.loads in darwinian-evolver show_snapshot with explicit flag (#29276) 
show_snapshot.py unpickled a user-supplied path unconditionally. pickle.loads
is equivalent to arbitrary code execution, so a snapshot from an untrusted
source = RCE. Require an explicit --i-trust-this-file acknowledgement before
calling pickle.loads, and emit a stderr warning when proceeding.

Co-authored-by: Jiahui-Gu <jiahuigu@users.noreply.github.com>
2026-05-25 01:51:21 -07:00
..
scripts fix(skill): guard pickle.loads in darwinian-evolver show_snapshot with explicit flag (#29276) 2026-05-25 01:51:21 -07:00
templates feat(skill): darwinian-evolver optional skill 2026-05-15 21:56:07 -07:00
SKILL.md feat(skill): darwinian-evolver optional skill 2026-05-15 21:56:07 -07:00