mirror of
https://github.com/NousResearch/hermes-agent.git
synced 2026-07-09 13:21:42 +00:00
Addresses egilewski (Codex) CR on PR #52351: the run_job() credential-exfil backstop caught every exception around _validate_cron_base_url() and set err = None, so an unexpected validator/import error let an unvetted stored provider/base_url pair reach resolve_runtime_provider() — the very sink this checkpoint exists to guard. A synthetic validator-exception probe with a legacy custom:legit + off-host base_url job slipped through (validator_exception ALLOW). Now fail closed: if the validator raises and the job carries a base_url override (the exfil precondition), refuse the run. A job with no base_url override can't exfiltrate via this path — the validator would return None — so it still runs, keeping the common no-override jobs from wedging on an unrelated error. Operator fallback providers come from config, not the job, so they are unaffected. Adds two regressions: validator-exception + base_url -> blocked; validator-exception without base_url -> still allowed. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| __init__.py | ||
| conftest.py | ||
| test_blueprint_catalog.py | ||
| test_claim_job_for_fire.py | ||
| test_codex_execution_paths.py | ||
| test_compute_next_run_last_run_at.py | ||
| test_cron_context_from.py | ||
| test_cron_inactivity_timeout.py | ||
| test_cron_no_agent.py | ||
| test_cron_profile_isolation.py | ||
| test_cron_prompt_injection_skill.py | ||
| test_cron_provider_pin.py | ||
| test_cron_script.py | ||
| test_cron_workdir.py | ||
| test_cronjob_schema.py | ||
| test_file_permissions.py | ||
| test_jobs.py | ||
| test_jobs_changed_notify.py | ||
| test_jobs_crossprocess_lock.py | ||
| test_parallel_pool.py | ||
| test_rewrite_skill_refs.py | ||
| test_run_one_job.py | ||
| test_scheduler.py | ||
| test_scheduler_mcp_init.py | ||
| test_scheduler_provider.py | ||
| test_suggestions.py | ||