fix(security): apply same multi-word bypass fix to disregard pattern

The 'disregard ... instructions/rules/guidelines' regex had the
same single-word gap vulnerability as the 'ignore' pattern fixed
in PR #192. 'disregard all your instructions' bypassed the scanner.

Added (?:\w+\s+)* between both keyword groups to allow arbitrary
intermediate words.
This commit is contained in:
teknium1
2026-03-04 05:55:38 -08:00
parent 520a26c48f
commit ba214e43c8


@@ -172,7 +172,7 @@ THREAT_PATTERNS = [
(r'pretend\s+(you\s+are|to\s+be)\s+',
"role_pretend", "high", "injection",
"attempts to make the agent assume a different identity"),
(r'disregard\s+(your|all|any)\s+(instructions|rules|guidelines)',
(r'disregard\s+(?:\w+\s+)*(your|all|any)\s+(?:\w+\s+)*(instructions|rules|guidelines)',
"disregard_rules", "critical", "injection",
"instructs agent to disregard its rules"),
(r'output\s+the\s+(system|initial)\s+prompt',
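Review bot: the new `disregard` pattern on the replacement line has no upper bound on the intermediate words, so `(?:\w+\s+)*` in both positions lets "disregard" match any later "instructions|rules|guidelines" in the same run of whitespace-separated words, which widens the false-positive surface well beyond the multi-word bypass the commit message describes; consider a bounded gap such as `(?:\w+\s+){0,3}` (matching whatever bound PR #192 chose for the 'ignore' pattern so the two stay consistent) and add a regression test using the exact string from the message, `'disregard all your instructions'`, so the bypass cannot silently return. Note also that `\w+` does not span punctuation or hyphens, so the gap only covers plain words; if that is intended, a comment on the pattern saying so would help the next reader.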