tekelala fbb1923fad fix(security): patch path traversal, size bypass, and prompt injection in document processing ... - Sanitize filenames in cache_document_from_bytes to prevent path traversal (strip directory components, null bytes, resolve check) - Reject documents with None file_size instead of silently allowing download - Cap text file injection at 100 KB to prevent oversized prompt payloads - Sanitize display_name in run.py context notes to block prompt injection via filenames - Add 35 unit tests covering document cache utilities and Telegram document handling Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>		2026-02-27 11:53:46 -05:00
..
agent	Merge pull request #62 from 0xbyt4/test/expand-coverage-2	2026-02-27 01:47:30 -08:00
cron	Merge pull request #62 from 0xbyt4/test/expand-coverage-2	2026-02-27 01:47:30 -08:00
gateway	fix(security): patch path traversal, size bypass, and prompt injection in document processing	2026-02-27 11:53:46 -05:00
hermes_cli	test: enhance session source tests and add validation for chat types	2026-02-26 00:53:57 -08:00
integration	test: reorganize test structure and add missing unit tests	2026-02-26 03:20:08 +03:00
tools	Merge pull request #62 from 0xbyt4/test/expand-coverage-2	2026-02-27 01:47:30 -08:00
__init__.py	A bit of restructuring for simplicity and organization	2025-10-01 23:29:25 +00:00
conftest.py	test: reorganize test structure and add missing unit tests	2026-02-26 03:20:08 +03:00
test_hermes_state.py	test: add unit tests for 8 untested modules	2026-02-26 13:27:58 +03:00
test_model_tools.py	test: add unit tests for 8 modules (batch 2)	2026-02-26 13:54:20 +03:00
test_run_agent.py	test: add unit tests for run_agent.py (AIAgent)	2026-02-26 16:15:04 +03:00
test_toolset_distributions.py	test: add unit tests for 8 modules (batch 2)	2026-02-26 13:54:20 +03:00
test_toolsets.py	test: add unit tests for 8 untested modules	2026-02-26 13:27:58 +03:00