Timmy_Foundation/hermes-agent
16
0
Fork 0
Code Issues 55 Pull Requests 1 Actions 46 Packages Projects Releases Wiki Activity
Files
30c417fe7092cf0f4b69fc2f1b029d056d9a5e7e
hermes-agent/tools
History
teknium1 30c417fe70 feat: add website blocklist enforcement for web/browser tools (#1064) 
Adds security.website_blocklist config for user-managed domain blocking
across URL-capable tools. Enforced at the tool level (not monkey-patching)
so it's safe and predictable.

- tools/website_policy.py: shared policy loader with domain normalization,
  wildcard support (*.tracking.example), shared file imports, and
  structured block metadata
- web_extract: pre-fetch URL check + post-redirect recheck
- web_crawl: pre-crawl URL check + per-page URL recheck
- browser_navigate: pre-navigation URL check
- Blocked responses include blocked_by_policy metadata so the agent
  can explain exactly what was denied

Config:
  security:
    website_blocklist:
      enabled: true
      domains: ["evil.com", "*.tracking.example"]
      shared_files: ["team-blocklist.txt"]

Salvaged from PR #1086 by @kshitijk4poor. Browser post-redirect checks
deferred (browser_tool was fully rewritten since the PR branched).

Co-authored-by: kshitijk4poor <kshitijk4poor@users.noreply.github.com>
2026-03-17 02:59:39 -07:00
..
browser_providers
feat(browser): multi-provider cloud browser support + Browser Use integration
2026-03-17 00:16:34 -07:00
environments
fix(docker): add explicit env allowlist for container credentials (#1436)
2026-03-17 02:34:35 -07:00
neutts_samples
refactor(tts): replace NeuTTS optional skill with built-in provider + setup flow
2026-03-17 02:33:12 -07:00
__init__.py
feat: compress cron management into one tool
2026-03-14 12:21:50 -07:00
approval.py
fix(security): harden terminal safety and sandbox file writes (#1653)
2026-03-17 02:22:12 -07:00
browser_tool.py
feat: add website blocklist enforcement for web/browser tools (#1064)
2026-03-17 02:59:39 -07:00
checkpoint_manager.py
feat: major /rollback improvements — enabled by default, diff preview, file-level restore, conversation undo, terminal checkpoints
2026-03-16 04:43:37 -07:00
clarify_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
code_execution_tool.py
fix: improve execute_code error logging and harden cleanup (#1623)
2026-03-16 23:13:26 -07:00
cronjob_tools.py
revert: revert SMS (Telnyx) platform adapter for review
2026-03-17 02:53:30 -07:00
debug_helpers.py
refactor: consolidate debug logging across tools with shared DebugSession class
2026-02-21 03:53:24 -08:00
delegate_tool.py
fix: thread safety for concurrent subagent delegation (#1672)
2026-03-17 02:53:33 -07:00
file_operations.py
fix: make _is_write_denied robust to Path objects (#1678)
2026-03-17 02:57:02 -07:00
file_tools.py
fix: prevent infinite 400 loop on context overflow + block prompt injection via cache files (#1630, #1558)
2026-03-17 01:50:59 -07:00
fuzzy_match.py
feat: permissive block_anchor thresholds and unicode normalization (#1539)
2026-03-16 05:29:25 -07:00
homeassistant_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
honcho_tools.py
fix(honcho): isolate session routing for multi-user gateway (#1500)
2026-03-16 00:23:47 -07:00
image_generation_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
infsh_tool.py
feat: add inference.sh integration (infsh tool + skill) (#1682)
2026-03-17 02:59:21 -07:00
interrupt.py
feat: enhance interrupt handling and container resource configuration
2026-02-23 02:11:33 -08:00
mcp_tool.py
feat(mcp): make selective tool loading capability-aware
2026-03-14 06:22:02 -07:00
memory_tool.py
feat: improve memory prioritization + aggressive skill updates (inspired by OpenAI Codex)
2026-03-16 06:52:32 -07:00
mixture_of_agents_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
neutts_synth.py
refactor(tts): replace NeuTTS optional skill with built-in provider + setup flow
2026-03-17 02:33:12 -07:00
openrouter_client.py
refactor: route ad-hoc LLM consumers through centralized provider router
2026-03-11 20:02:36 -07:00
patch_parser.py
fix(patch): use regex to detect line-number prefix to avoid corrupting pipe chars
2026-03-14 03:47:13 -07:00
process_registry.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
registry.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
rl_training_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
send_message_tool.py
revert: revert SMS (Telnyx) platform adapter for review
2026-03-17 02:53:30 -07:00
session_search_tool.py
fix(logging): improve error logging in session search tool (#1533)
2026-03-16 05:22:00 -07:00
skill_manager_tool.py
Merge pull request #1537 from aydnOktay/improve/skill-manager-error-logging
2026-03-17 01:53:58 -07:00
skills_guard.py
fix(skills): honor policy table for dangerous verdicts
2026-03-14 11:27:02 -07:00
skills_hub.py
feat: add NeuTTS optional skill + local TTS provider backend
2026-03-17 02:13:34 -07:00
skills_sync.py
fix: make skills manifest writes atomic
2026-03-08 23:53:57 -07:00
skills_tool.py
fix: prevent infinite 400 loop on context overflow + block prompt injection via cache files (#1630, #1558)
2026-03-17 01:50:59 -07:00
terminal_tool.py
fix(docker): add explicit env allowlist for container credentials (#1436)
2026-03-17 02:34:35 -07:00
tirith_security.py
fix: send_animation metadata, MarkdownV2 inline code splitting, tirith cosign-free install (#1626)
2026-03-16 23:39:41 -07:00
todo_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
transcription_tools.py
fix: restore local STT fallback for gateway voice notes
2026-03-15 21:51:40 -07:00
tts_tool.py
refactor(tts): replace NeuTTS optional skill with built-in provider + setup flow
2026-03-17 02:33:12 -07:00
vision_tools.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
voice_mode.py
fix: propagate STT disable through shared transcription config
2026-03-14 22:09:59 -07:00
web_tools.py
feat: add website blocklist enforcement for web/browser tools (#1064)
2026-03-17 02:59:39 -07:00
website_policy.py
feat: add website blocklist enforcement for web/browser tools (#1064)
2026-03-17 02:59:39 -07:00