Timmy_Foundation/hermes-agent
16
0
Fork 0
Code Issues 67 Pull Requests 3 Actions 8 Packages Projects Releases Wiki Activity
Files
security/fix-command-injection
hermes-agent/tools
History
Allegro 10271c6b44
Some checks failed
Supply Chain Audit / Scan PR for supply chain risks (pull_request) Failing after 25s
Details
Tests / test (pull_request) Failing after 24s
Details
Docker Build and Publish / build-and-push (pull_request) Failing after 35s
Details
security: fix command injection vulnerabilities (CVSS 9.8) 
Replace shell=True with list-based subprocess execution to prevent
command injection via malicious user input.

Changes:
- tools/transcription_tools.py: Use shlex.split() + shell=False
- tools/environments/docker.py: List-based commands with container ID validation

Fixes CVE-level vulnerability where malicious file paths or container IDs
could inject arbitrary commands.

CVSS: 9.8 (Critical)
Refs: V-001 in SECURITY_AUDIT_REPORT.md
2026-03-30 23:15:11 +00:00
..
browser_providers
feat(browser): multi-provider cloud browser support + Browser Use integration
2026-03-17 00:16:34 -07:00
environments
security: fix command injection vulnerabilities (CVSS 9.8)
2026-03-30 23:15:11 +00:00
neutts_samples
refactor(tts): replace NeuTTS optional skill with built-in provider + setup flow
2026-03-17 02:33:12 -07:00
__init__.py
chore: remove all remaining mini-swe-agent references
2026-03-24 08:19:23 -07:00
ansi_strip.py
fix: strip ANSI at the source — clean terminal output before it reaches the model
2026-03-23 07:43:12 -07:00
approval.py
feat(approvals): make dangerous command approval timeout configurable (#3886)
2026-03-30 00:02:02 -07:00
browser_tool.py
fix(browser): guard LLM response content against None in snapshot and vision (#3642)
2026-03-28 17:25:04 -07:00
checkpoint_manager.py
chore: fix 154 f-strings, simplify getattr/URL patterns, remove dead code (#3119)
2026-03-25 19:47:58 -07:00
clarify_tool.py
chore: remove ~100 unused imports across 55 files (#3016)
2026-03-25 15:02:03 -07:00
code_execution_tool.py
feat: env var passthrough for skills and user config (#2807)
2026-03-24 08:19:34 -07:00
credential_files.py
feat: mount skills directory into all remote backends with live sync (#3890)
2026-03-30 02:45:41 -07:00
cronjob_tools.py
feat(gateway): add WeCom (Enterprise WeChat) platform support (#3847)
2026-03-29 21:29:13 -07:00
debug_helpers.py
refactor: consolidate debug logging across tools with shared DebugSession class
2026-02-21 03:53:24 -08:00
delegate_tool.py
fix: report subagent status as completed when summary exists (#3829)
2026-03-29 18:21:36 -07:00
env_passthrough.py
feat: env var passthrough for skills and user config (#2807)
2026-03-24 08:19:34 -07:00
file_operations.py
fix(paths): respect HERMES_HOME for protected .env write-deny path (#3840)
2026-03-29 18:02:11 -07:00
file_tools.py
security: harden dangerous command detection and add file tool path guards (#3872)
2026-03-29 22:33:47 -07:00
fuzzy_match.py
chore: fix 154 f-strings, simplify getattr/URL patterns, remove dead code (#3119)
2026-03-25 19:47:58 -07:00
gitea_client.py
feat: add sovereign Gitea client tool
2026-03-30 22:19:26 +00:00
graph_store.py
feat: add sovereign Graph Store tool
2026-03-30 22:28:56 +00:00
homeassistant_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
honcho_tools.py
fix(banner): show honcho tools as available when configured (#3810)
2026-03-29 15:55:05 -07:00
image_generation_tool.py
chore: remove ~100 unused imports across 55 files (#3016)
2026-03-25 15:02:03 -07:00
interrupt.py
feat: enhance interrupt handling and container resource configuration
2026-02-23 02:11:33 -08:00
mcp_oauth.py
chore: fix 154 f-strings, simplify getattr/URL patterns, remove dead code (#3119)
2026-03-25 19:47:58 -07:00
mcp_tool.py
feat(mcp): dynamic tool discovery via notifications/tools/list_changed (#3812)
2026-03-29 15:52:54 -07:00
memory_tool.py
fix: cap percentage displays at 100% in stats, gateway, and memory tool (#3599)
2026-03-28 14:55:18 -07:00
mixture_of_agents_tool.py
fix: guard aux LLM calls against None content + reasoning fallback + retry (salvage #3389) (#3449)
2026-03-27 15:28:19 -07:00
neutts_synth.py
fix(tts): document NeuTTS provider and align install guidance (#1903)
2026-03-18 02:55:30 -07:00
openrouter_client.py
refactor: route ad-hoc LLM consumers through centralized provider router
2026-03-11 20:02:36 -07:00
patch_parser.py
fix: handle addition-only hunks in V4A patch parser (#3325)
2026-03-26 19:38:04 -07:00
process_registry.py
chore: remove ~100 unused imports across 55 files (#3016)
2026-03-25 15:02:03 -07:00
registry.py
feat(mcp): dynamic tool discovery via notifications/tools/list_changed (#3812)
2026-03-29 15:52:54 -07:00
rl_training_tool.py
chore: fix 154 f-strings, simplify getattr/URL patterns, remove dead code (#3119)
2026-03-25 19:47:58 -07:00
send_message_tool.py
feat(gateway): add WeCom (Enterprise WeChat) platform support (#3847)
2026-03-29 21:29:13 -07:00
session_search_tool.py
fix: session_search fallback preview on summarization failure (salvage #3413) (#3478)
2026-03-27 21:27:51 -07:00
skill_manager_tool.py
fix(skills): block category path traversal in skill manager (#3844)
2026-03-29 20:08:22 -07:00
skills_guard.py
fix: guard aux LLM calls against None content + reasoning fallback + retry (salvage #3389) (#3449)
2026-03-27 15:28:19 -07:00
skills_hub.py
feat(skills): add garrytan/gstack as default Skills Hub tap (#3605)
2026-03-28 14:55:49 -07:00
skills_sync.py
refactor: consolidate get_hermes_home() and parse_reasoning_effort() (#3062)
2026-03-25 15:54:28 -07:00
skills_tool.py
feat(skills): support external skill directories via config (#3678)
2026-03-29 00:33:30 -07:00
terminal_tool.py
fix: make display_hermes_home imports lazy to prevent ImportError during hermes update (#3776)
2026-03-29 15:15:17 -07:00
tirith_security.py
chore: fix 154 f-strings, simplify getattr/URL patterns, remove dead code (#3119)
2026-03-25 19:47:58 -07:00
todo_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
transcription_tools.py
security: fix command injection vulnerabilities (CVSS 9.8)
2026-03-30 23:15:11 +00:00
tts_tool.py
fix: make display_hermes_home imports lazy to prevent ImportError during hermes update (#3776)
2026-03-29 15:15:17 -07:00
url_safety.py
fix(security): add SSRF protection to vision_tools and web_tools (hardened)
2026-03-23 15:40:42 -07:00
vision_tools.py
fix: background task media delivery + vision download timeout (#3919)
2026-03-30 02:59:39 -07:00
voice_mode.py
chore: remove ~100 unused imports across 55 files (#3016)
2026-03-25 15:02:03 -07:00
web_tools.py
feat(web): add Exa as a web search and extract backend (#3648)
2026-03-28 17:35:53 -07:00
website_policy.py
refactor: consolidate get_hermes_home() and parse_reasoning_effort() (#3062)
2026-03-25 15:54:28 -07:00