hermes-agent/hermes_cli at 0f2ea2062bc0041b6c954e1ec8b4be0fbd45734e - hermes-agent - Hermes Gitea

Timmy_Foundation/hermes-agent

Files

History

Gutslabs 0f2ea2062b fix(profiles): validate tar archive member paths on import

Fixes a zip-slip path traversal vulnerability in hermes profile import.
shutil.unpack_archive() on untrusted tar members allows entries like
../../escape.txt to write files outside ~/.hermes/profiles/.

- Add _normalize_profile_archive_parts() to reject absolute paths
  (POSIX and Windows), traversal (..), empty paths, backslash tricks
- Add _safe_extract_profile_archive() for manual per-member extraction
  that only allows regular files and directories (rejects symlinks)
- Replace shutil.unpack_archive() with the safe extraction path
- Add regression tests for traversal and absolute-path attacks

Co-authored-by: Gutslabs <gutslabsxyz@gmail.com>

2026-03-31 12:14:27 -07:00

..

__init__.py

chore: release v0.6.0 (2026.3.30) (#3985 )

2026-03-30 08:29:38 -07:00

auth_commands.py

feat(auth): same-provider credential pools with rotation, custom endpoint support, and interactive CLI (#2647 )

2026-03-31 03:10:01 -07:00

auth.py

feat(auth): same-provider credential pools with rotation, custom endpoint support, and interactive CLI (#2647 )

2026-03-31 03:10:01 -07:00

banner.py

chore: prepare Hermes for Homebrew packaging (#4099 )

2026-03-30 17:34:43 -07:00

callbacks.py

feat(approvals): make dangerous command approval timeout configurable (#3886 )

2026-03-30 00:02:02 -07:00

checklist.py

fix: add TTY guard to interactive CLI commands to prevent CPU spin (#3933 )

2026-03-30 08:10:23 -07:00

claw.py

feat: add post-migration cleanup for OpenClaw directories (#4100 )

2026-03-30 17:39:08 -07:00

clipboard.py

fix: clean up empty file after failed wl-paste clipboard extraction

2026-03-11 02:56:19 -07:00

codex_models.py

fix: add gpt-5.4-mini to Codex fallback catalog (#3855 )

2026-03-29 20:10:00 -07:00

colors.py

feat: respect NO_COLOR env var and TERM=dumb (#4079 )

2026-03-30 17:07:21 -07:00

commands.py

fix(telegram): enforce 32-char limit on command names with collision avoidance (#4211 )

2026-03-31 02:41:50 -07:00

config.py

fix(cli): allow empty strings and falsy values in config set

2026-03-31 11:41:12 -07:00

copilot_auth.py

chore: remove ~100 unused imports across 55 files (#3016 )

2026-03-25 15:02:03 -07:00

cron.py

fix(cron): stop truncating job IDs in list view (#4132 )

2026-03-30 19:05:34 -07:00

curses_ui.py

fix: add TTY guard to interactive CLI commands to prevent CPU spin (#3933 )

2026-03-30 08:10:23 -07:00

default_soul.py

fix: reset default SOUL.md to baseline identity text (#3159 )

2026-03-26 01:34:27 -07:00

doctor.py

fix(cli): add missing subprocess.run() timeouts in doctor and status (#4009 )

2026-03-30 11:17:15 -07:00

env_loader.py

chore: remove ~100 unused imports across 55 files (#3016 )

2026-03-25 15:02:03 -07:00

gateway.py

feat(gateway): add WeCom (Enterprise WeChat) platform support (#3847 )

2026-03-29 21:29:13 -07:00

main.py

feat: add --max-turns CLI flag to hermes chat

2026-03-31 12:10:12 -07:00

mcp_config.py

fix: add TTY guard to interactive CLI commands to prevent CPU spin (#3933 )

2026-03-30 08:10:23 -07:00

model_switch.py

chore: remove ~100 unused imports across 55 files (#3016 )

2026-03-25 15:02:03 -07:00

models.py

feat: add MiniMax M2.7 to hermes model picker and opencode-go (#4208 )

2026-03-31 01:54:13 -07:00

pairing.py

chore: fix 154 f-strings, simplify getattr/URL patterns, remove dead code (#3119 )

2026-03-25 19:47:58 -07:00

plugins_cmd.py

chore: prepare Hermes for Homebrew packaging (#4099 )

2026-03-30 17:34:43 -07:00

plugins.py

feat(plugins): add inject_message interface for remote message injection (#3778 )

2026-03-30 02:48:06 -07:00

profiles.py

fix(profiles): validate tar archive member paths on import

2026-03-31 12:14:27 -07:00

runtime_provider.py

feat(auth): same-provider credential pools with rotation, custom endpoint support, and interactive CLI (#2647 )

2026-03-31 03:10:01 -07:00

setup.py

feat(auth): same-provider credential pools with rotation, custom endpoint support, and interactive CLI (#2647 )

2026-03-31 03:10:01 -07:00

skills_config.py

feat(gateway): add WeCom (Enterprise WeChat) platform support (#3847 )

2026-03-29 21:29:13 -07:00

skills_hub.py

fix(skills): validate hub bundle paths before install (#3986 )

2026-03-30 08:37:19 -07:00

skin_engine.py

refactor: consolidate get_hermes_home() and parse_reasoning_effort() (#3062 )

2026-03-25 15:54:28 -07:00

status.py

fix(cli): add missing subprocess.run() timeouts in doctor and status (#4009 )

2026-03-30 11:17:15 -07:00

tools_config.py

refactor: make config.yaml the single source of truth for endpoint URLs (#4165 )

2026-03-30 22:02:53 -07:00

uninstall.py

chore: fix 154 f-strings, simplify getattr/URL patterns, remove dead code (#3119 )

2026-03-25 19:47:58 -07:00

webhook.py

fix: replace user-facing hardcoded ~/.hermes paths with display_hermes_home()

2026-03-28 23:47:21 -07:00