hermes-agent/tools
teknium1 172a38c344 fix: Docker persistent bind mounts fail with Permission denied
cap-drop ALL removes DAC_OVERRIDE, which root needs to write to
bind-mounted directories owned by the host user (uid 1000). This
broke persistent Docker sandboxes — the container couldn't write
to /workspace or /root.

Add back the minimum capabilities needed:
- DAC_OVERRIDE: root can write to bind-mounted dirs owned by host user
- CHOWN: package managers (pip, npm, apt) need to set file ownership
- FOWNER: needed for operations on files owned by other users

Still drops all other capabilities (NET_RAW, SYS_ADMIN, etc.) and
keeps no-new-privileges. Security boundary is the container itself.

Verified end-to-end: create files → destroy container → new container
with same task_id → files persist on host and are accessible in the
new container.
2026-03-09 17:52:33 -07:00
environments fix: Docker persistent bind mounts fail with Permission denied 2026-03-09 17:52:33 -07:00
__init__.py docs: complete Daytona backend documentation coverage 2026-03-06 03:37:05 -08:00
approval.py feat(terminal): integrate Daytona backend into tool pipeline 2026-03-05 10:02:21 -08:00
browser_tool.py feat: browser console/errors tool, annotated screenshots, auto-recording, and dogfood QA skill 2026-03-08 21:28:12 -07:00
clarify_tool.py More major refactor/tech debt removal! 2026-02-21 20:22:33 -08:00
code_execution_tool.py fix: macOS browser/code-exec socket path exceeds Unix limit (#374) 2026-03-08 19:31:23 -07:00
cronjob_tools.py fix: Signal adapter parity pass — integration gaps, clawdbot features, env var simplification 2026-03-08 21:00:21 -07:00
debug_helpers.py refactor: consolidate debug logging across tools with shared DebugSession class 2026-02-21 03:53:24 -08:00
delegate_tool.py feat(delegate_tool): add additional parameters for child agent configuration 2026-03-07 11:29:17 -08:00
file_operations.py fix(security): prevent shell injection in tilde-username path expansion 2026-03-09 17:33:19 -07:00
file_tools.py fix: apply secret redaction to file tool outputs 2026-03-09 00:49:46 -07:00
fuzzy_match.py Cleanup time! 2026-02-20 23:23:32 -08:00
homeassistant_tool.py feat: enhance Home Assistant integration with service discovery and setup 2026-03-03 05:16:53 -08:00
honcho_tools.py feat: add Honcho AI-native memory integration 2026-02-26 18:07:17 -05:00
image_generation_tool.py Fix image_generate 'Event loop is closed' in gateway 2026-03-07 16:56:49 -08:00
interrupt.py feat: enhance interrupt handling and container resource configuration 2026-02-23 02:11:33 -08:00
mcp_tool.py feat(mcp): add sampling support — server-initiated LLM requests (#753) 2026-03-09 03:37:38 -07:00
memory_tool.py Fix memory tool entry parsing when content contains section sign 2026-02-28 01:33:41 +03:00
mixture_of_agents_tool.py More major refactor/tech debt removal! 2026-02-21 20:22:33 -08:00
openrouter_client.py fix(headers): update X-OpenRouter-Categories to include 'productivity' 2026-02-28 10:38:49 -08:00
patch_parser.py fix: align _apply_delete comment with actual behavior 2026-02-28 22:58:01 +02:00
process_registry.py refactor: extract atomic_json_write helper, add 24 checkpoint tests 2026-03-06 05:50:12 -08:00
registry.py Merge PR #275: fix(batch_runner): preserve traceback when batch worker fails 2026-03-05 01:44:05 -08:00
rl_training_tool.py Update MiniMax model ID from m2.1 to m2.5 2026-03-06 16:47:48 +08:00
send_message_tool.py fix: Signal adapter parity pass — integration gaps, clawdbot features, env var simplification 2026-03-08 21:00:21 -07:00
session_search_tool.py refactor: clean up type hints and docstrings in session_search_tool 2026-03-04 21:25:54 -08:00
skill_manager_tool.py Harden agent attack surface: scan writes to memory, skills, cron, and context files 2026-02-25 23:43:15 -05:00
skills_guard.py Add OpenRouter app attribution headers to skills_guard and trajectory_compressor 2026-03-08 14:23:18 -07:00
skills_hub.py fix: review fixes — path traversal guard, trust_style consistency, edge cases 2026-03-06 01:40:01 -08:00
skills_sync.py fix: make skills manifest writes atomic 2026-03-08 23:53:57 -07:00
skills_tool.py Revert "feat: skill prerequisites — hide skills with unmet runtime dependencies" 2026-03-08 03:58:13 -07:00
terminal_tool.py feat(terminal): integrate Daytona backend into tool pipeline 2026-03-05 10:02:21 -08:00
todo_tool.py More major refactor/tech debt removal! 2026-02-21 20:22:33 -08:00
transcription_tools.py refactor: clean up transcription_tools after PR #262 merge 2026-03-04 21:35:04 -08:00
tts_tool.py refactor: streamline API key retrieval in transcription and TTS tools 2026-02-26 19:56:42 -08:00
vision_tools.py Merge PR #428: Improve type hints and error diagnostics in vision_tools 2026-03-09 15:27:54 -07:00
web_tools.py feat: enhance auxiliary model configuration and environment variable handling 2026-03-08 18:06:47 -07:00