mirrors/hermes-agent
1
0
Fork 0
mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-06-03 07:21:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 11
hermes-agent/optional-skills/security/web-pentest/templates/exploitation-queue.json
Teknium 263e008d6b
feat(skills): add web-pentest optional skill (#32265) 
Adds optional-skills/security/web-pentest/ — an authorized web app
penetration testing skill adapted from Shannon's methodology (concepts
only; AGPL-clean fresh implementation).

Phased: recon (read-only) → vuln analysis (delegate_task per OWASP
class) → proof-based exploitation → report.

Guardrails baked in:
- Authorization gate before first active scan (templates/authorization.md)
- Scope allowlist (scope.txt) consulted by recon-scan.sh and
  documented as the rule for every active request
- Aux-client leakage warning (compression + title gen replay history;
  payloads/creds must not enter chat verbatim)
- Bypass-exhaustion discipline before false-positive classification
- L3/L4 (proof-required) for reportable findings; L1/L2 listed as
  candidates only

Closes #400. Supersedes #21845 (plugin-shaped proposal; skill-shaped is
cheaper and matches the existing optional-skills/security/ pattern).
2026-05-25 14:51:41 -07:00

34 lines
1.2 KiB
JSON
Raw Blame History

{
"schema": "hermes-web-pentest exploitation-queue v1",
"vuln_class": "injection|xss|auth|authz|ssrf|infra",
"generated_at": "ISO 8601 timestamp",
"engagement_id": "<engagement slug>",
"candidates": [
{
"id": "INJ-001",
"vuln_subclass": "sql_injection|command_injection|path_traversal|ssti|lfi|rfi|deserialization",
"endpoint": {
"method": "GET",
"url": "https://target.example/api/items",
"parameter": "id",
"location": "query|body|header|cookie|path"
},
"source_ref": "path/to/file.py:123",
"slot_type": "SQL-val|CMD-argument|PATH-segment|...",
"suspected_defense": "none|parameterized|escape|allowlist|...",
"verdict": "identified|partial|confirmed|critical|false_positive",
"confidence": 0.7,
"witness_payload": "' AND 1=1--",
"witness_response_signal": "row count change | timing | reflected marker | ...",
"bypass_attempts": [
{
"payload": "%2527%20OR%201=1--",
"blocked": true,
"notes": "WAF returned 403 on encoded variant"
}
],
"notes": "free text",
"next_action": "send_witness | escalate_to_L3 | classify_FP | abort_scope_concern"
}
]
}
Reference in a new issue View git blame Copy permalink