mirror of
https://github.com/NousResearch/hermes-agent.git
synced 2026-06-07 08:02:23 +00:00
Adds optional-skills/security/web-pentest/ — an authorized web app penetration testing skill adapted from Shannon's methodology (concepts only; AGPL-clean fresh implementation). Phased: recon (read-only) → vuln analysis (delegate_task per OWASP class) → proof-based exploitation → report.

Guardrails baked in:

- Authorization gate before first active scan (templates/authorization.md)
- Scope allowlist (scope.txt) consulted by recon-scan.sh and documented as the rule for every active request
- Aux-client leakage warning (compression + title gen replay history; payloads/creds must not enter chat verbatim)
- Bypass-exhaustion discipline before false-positive classification
- L3/L4 (proof-required) for reportable findings; L1/L2 listed as candidates only

Closes #400. Supersedes #21845 (plugin-shaped proposal; skill-shaped is cheaper and matches the existing optional-skills/security/ pattern).
69 lines
2.4 KiB
Markdown
# Engagement Authorization

Fill out before any active testing. Save to `engagement/authorization.md`.

---

**Engagement ID:** <UUID or short slug>
**Operator:** <name of the person driving this Hermes session>
**Date opened:** <ISO 8601 timestamp>
**Engagement window:** <start ISO timestamp> through <end ISO timestamp>

## Target

- Primary URL(s):
  - https://...
- Primary IP(s):
  - X.X.X.X
- Hostnames covered:
  - host.example.com
  - api.host.example.com
- Networks covered (CIDR):
  - 10.0.0.0/24 (internal lab)

## Authorization Basis

(Pick one — record evidence in writing for anything but ownership.)

- [ ] Operator owns the application and infrastructure being tested.
- [ ] Written authorization from <name, role, organization, date>.
      Document stored at: <path or link to signed authorization>.
- [ ] Hermes Agent dashboard, running on this same workstation, used
      as a self-test target. Operator confirms no other user is
      connected to the dashboard instance during the engagement.

## Out of Scope (must not be tested)

- Production systems unless explicitly listed above
- Third-party APIs / SaaS the application calls into
- Other tenants if the target is multi-tenant
- Cloud metadata endpoints (169.254.169.254, etc.) unless explicitly
  included above
- Destructive payloads (DROP, DELETE, file writes outside test
  directories) without per-payload approval
- Active social engineering, phishing, physical security

## Constraints

- Rate limit: <N> req/s per host. Default 5/s (200ms gap).
- Hours: <none> | <only between HH:MM and HH:MM local>
- Notify-before for: <list of categories> e.g. "any payload that
  writes data," "any traffic that touches the auth endpoint after
  10pm local"
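As an added example (not code from hermes-agent or its web-pentest skill; the commit description says the skill's recon-scan.sh consults a separate scope.txt), here is a small Python pre-flight gate that reads the Target list and Engagement window out of a filled-in copy of this record and decides, per candidate URL, whether an active request is in scope. The sample record, the function names (`parse_scope`, `check_target`, `min_request_gap`, `at`) and the parsing rules are assumptions made for the example; it encodes the template's own rules: hostnames, IPs and CIDRs listed under Target are allowed, the metadata address is denied unless explicitly listed, requests outside the window are refused, and the default 5 req/s gives a 200 ms gap.

```python
"""Scope gate for an engagement/authorization.md record (example, not hermes-agent code)."""
import ipaddress
import re
from dataclasses import dataclass, field
from datetime import datetime
from urllib.parse import urlsplit

# Constructed sample: the Target and window fields of a filled-in record.
SAMPLE_AUTHORIZATION = """\
**Engagement window:** 2026-06-01T09:00:00+00:00 through 2026-06-05T17:00:00+00:00

## Target

- Primary URL(s):
  - https://host.example.com
- Primary IP(s):
  - 10.0.0.10
- Hostnames covered:
  - host.example.com
  - api.host.example.com
- Networks covered (CIDR):
  - 10.0.0.0/24 (internal lab)
"""

# Denied unless the Target section lists it explicitly (the template names
# the cloud metadata address as its example of such an endpoint).
DEFAULT_DENY = {"169.254.169.254"}

# Nested bullets under these Target keys are taken as literal hosts/networks.
LIST_KEYS = {"Primary IP(s)", "Hostnames covered", "Networks covered (CIDR)"}


@dataclass
class Scope:
    hosts: set = field(default_factory=set)       # hostnames and literal IPs
    networks: list = field(default_factory=list)  # ipaddress network objects
    window: tuple = (None, None)                  # (start, end) datetimes
    denied: set = field(default_factory=lambda: set(DEFAULT_DENY))


def at(iso: str) -> datetime:
    """Parse an ISO 8601 timestamp (the template's timestamp format)."""
    return datetime.fromisoformat(iso)


def parse_scope(text: str) -> Scope:
    """Build a Scope from the markdown record; only Target bullets and the window are read."""
    scope = Scope()
    key = None
    for line in text.splitlines():
        m = re.match(r"\*\*Engagement window:\*\*\s*(\S+)\s+through\s+(\S+)", line)
        if m:
            scope.window = (at(m.group(1)), at(m.group(2)))
            continue
        m = re.match(r"^- (.+):$", line)          # top-level "- Hostnames covered:"
        if m:
            key = m.group(1)
            continue
        m = re.match(r"^\s+- (\S+)", line)        # nested item; first token only,
        if m and key in LIST_KEYS:                # so "(internal lab)" is dropped
            item = m.group(1)
            if key == "Networks covered (CIDR)":
                scope.networks.append(ipaddress.ip_network(item, strict=False))
            else:
                scope.hosts.add(item)
        elif m and key == "Primary URL(s)":
            scope.hosts.add(urlsplit(m.group(1)).hostname)
    return scope


def check_target(scope: Scope, url: str, now: datetime):
    """Return (allowed, reason) for one candidate request target."""
    host = urlsplit(url).hostname
    if not host:
        return False, "no host in URL"
    start, end = scope.window
    if start and end and not (start <= now <= end):
        return False, "outside engagement window"
    if host in scope.hosts:                       # explicit listing wins over the deny set
        return True, "explicitly listed in Target"
    if host in scope.denied:
        return False, "denied endpoint not explicitly included"
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return False, f"hostname {host} not in allowlist"
    if any(addr in net for net in scope.networks):
        return True, "inside an allowlisted network"
    return False, f"address {host} not in allowlist"


def min_request_gap(rate_per_second: float = 5.0) -> float:
    """Seconds to wait between requests to one host; the template's default 5/s gives 0.2 s."""
    return 1.0 / rate_per_second


SCOPE = parse_scope(SAMPLE_AUTHORIZATION)

if __name__ == "__main__":
    now = at("2026-06-02T12:00:00+00:00")
    for candidate in ("https://api.host.example.com/v1", "http://10.0.0.50/",
                      "http://10.1.0.5/", "http://169.254.169.254/"):
        print(candidate, check_target(SCOPE, candidate, now))
```

The gate is deliberately fail-closed: anything not resolvable to a listed host or an allowlisted network is refused with a reason, and the deny set is only overridden by an explicit entry in the Target section, matching the "unless explicitly included above" wording. The check runs on the URL's hostname as written, so a tool that follows redirects or resolves names should re-run it on the resolved address before the next request.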

## Acknowledgement

By approving this engagement, the operator confirms:

1. The targets listed above are authorized for active testing by the
   listed authorization basis.
2. Testing may produce HTTP 4xx/5xx responses, log noise, alert
   notifications, and rate-limit triggers in monitoring systems.
3. The operator is responsible for any consequences of testing
   targets that are NOT correctly authorized.
4. The operator will revoke authorization (by stopping the agent) if
   the scope changes, the time window ends, or any unexpected
   off-scope behavior is observed.

**Operator signature (typed name):** ________________
**Confirmed at:** <ISO 8601 timestamp>