Timmy_Foundation/hermes-agent
15
0
Fork 0
Code Issues 248 Pull Requests 14 Actions 1 Packages Projects Releases Wiki Activity

fix: allow agent-created skills with caution-level findings

Browse Source 
Agent-created skills were using the same policy as community hub
installs, blocking any skill with medium/high severity findings
(e.g. docker pull, pip install, git clone). This meant the agent
couldn't create skills that reference Docker or other common tools.

Changed agent-created policy from (allow, block, block) to
(allow, allow, block) — matching the trusted policy. Caution-level
findings (medium/high severity) are now allowed through, while
dangerous findings (critical severity like exfiltration, prompt
injection, reverse shells) remain blocked.

Added 4 tests covering the agent-created policy: safe allowed,
caution allowed, dangerous blocked, force override.
This commit is contained in:
Test
2026-03-17 12:18:53 -07:00
parent 6e4415e865
commit 0fab46f65c
2 changed files with 29 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
tools/skills_guard.py
View File

@@ -43,7 +43,7 @@ INSTALL_POLICY = {
"builtin": ("allow", "allow", "allow"),
"trusted": ("allow", "allow", "block"),
"community": ("allow", "block", "block"),
"agent-created": ("allow", "block", "block"),
"agent-created": ("allow", "allow", "block"),
}
VERDICT_INDEX = {"safe": 0, "caution": 1, "dangerous": 2}