Timmy_Foundation/hermes-agent
15
0
Fork 0
Code Issues 64 Pull Requests 5 Actions 1 Packages Projects Releases Wiki Activity
Files
80cc27eb9d3b180a1d5f54848906018365a062ea
hermes-agent/tools
History
Teknium 1b24a226ea fix(skills): agent-created skills were incorrectly treated as untrusted community content 
_resolve_trust_level() didn't handle 'agent-created' source, so it
fell through to 'community' trust level. Community policy blocks on
any caution or dangerous findings, which meant common patterns like
curl with env vars, systemctl, crontab, cloudflared references etc.
would block skill creation/patching.

The agent-created policy row already existed in INSTALL_POLICY with
permissive settings (allow caution, ask on dangerous) but was never
reached. Now it is.

Fixes reports of skill_manage being blocked by security scanner.
2026-03-24 19:15:03 -07:00
..
browser_providers
feat(browser): multi-provider cloud browser support + Browser Use integration
2026-03-17 00:16:34 -07:00
environments
feat: env var passthrough for skills and user config (#2807)
2026-03-24 08:19:34 -07:00
neutts_samples
refactor(tts): replace NeuTTS optional skill with built-in provider + setup flow
2026-03-17 02:33:12 -07:00
__init__.py
chore: remove all remaining mini-swe-agent references
2026-03-24 08:19:23 -07:00
ansi_strip.py
fix: strip ANSI at the source — clean terminal output before it reaches the model
2026-03-23 07:43:12 -07:00
approval.py
fix(approval): honor bare YAML approvals.mode: off (#2620)
2026-03-23 06:56:09 -07:00
browser_tool.py
fix: browser_vision ignores auxiliary.vision.timeout config (#2901)
2026-03-24 19:10:12 -07:00
checkpoint_manager.py
feat: major /rollback improvements — enabled by default, diff preview, file-level restore, conversation undo, terminal checkpoints
2026-03-16 04:43:37 -07:00
clarify_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
code_execution_tool.py
feat: env var passthrough for skills and user config (#2807)
2026-03-24 08:19:34 -07:00
cronjob_tools.py
fix: normalize repeat<=0 to None to prevent cron jobs deleting after first run (#2612)
2026-03-23 06:35:43 -07:00
debug_helpers.py
refactor: consolidate debug logging across tools with shared DebugSession class
2026-02-21 03:53:24 -08:00
delegate_tool.py
fix: 6 bugs in model metadata, reasoning detection, and delegate tool
2026-03-20 08:52:37 -07:00
env_passthrough.py
feat: env var passthrough for skills and user config (#2807)
2026-03-24 08:19:34 -07:00
file_operations.py
fix(security): prevent shell injection in _expand_path via ~user path suffix (#2047)
2026-03-23 16:00:34 -07:00
file_tools.py
fix: strip ANSI at the source — clean terminal output before it reaches the model
2026-03-23 07:43:12 -07:00
fuzzy_match.py
fix(tools): browser handler safety + fuzzy_match docstring accuracy
2026-03-17 04:32:39 -07:00
homeassistant_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
honcho_tools.py
fix(honcho): isolate session routing for multi-user gateway (#1500)
2026-03-16 00:23:47 -07:00
image_generation_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
interrupt.py
feat: enhance interrupt handling and container resource configuration
2026-02-23 02:11:33 -08:00
mcp_oauth.py
fix(mcp-oauth): port mismatch, path traversal, and shared handler state (salvage #2521) (#2552)
2026-03-22 15:02:26 -07:00
mcp_tool.py
feat(cli): MCP server management CLI + OAuth 2.1 PKCE auth
2026-03-22 04:52:52 -07:00
memory_tool.py
fix(memory): file-lock read-modify-write to prevent concurrent data loss
2026-03-17 04:19:11 -07:00
mixture_of_agents_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
neutts_synth.py
fix(tts): document NeuTTS provider and align install guidance (#1903)
2026-03-18 02:55:30 -07:00
openrouter_client.py
refactor: route ad-hoc LLM consumers through centralized provider router
2026-03-11 20:02:36 -07:00
patch_parser.py
fix(patch): use regex to detect line-number prefix to avoid corrupting pipe chars
2026-03-14 03:47:13 -07:00
process_registry.py
fix: strip ANSI at the source — clean terminal output before it reaches the model
2026-03-23 07:43:12 -07:00
registry.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
rl_training_tool.py
fix: replace production print() calls with logger in rl_training_tool (salvage #1981) (#2462)
2026-03-22 04:35:23 -07:00
send_message_tool.py
fix: add missing platforms to cron/send_message delivery maps and tool schema
2026-03-20 08:52:21 -07:00
session_search_tool.py
docs: clarify two-mode behavior in session_search schema description
2026-03-24 18:08:06 -07:00
skill_manager_tool.py
fix(skills_guard): agent-created dangerous skills ask instead of block
2026-03-22 03:56:02 -07:00
skills_guard.py
fix(skills): agent-created skills were incorrectly treated as untrusted community content
2026-03-24 19:15:03 -07:00
skills_hub.py
fix: skills hub inspect/resolve — 4 bugs
2026-03-22 04:03:28 -07:00
skills_sync.py
fix: make skills manifest writes atomic
2026-03-08 23:53:57 -07:00
skills_tool.py
feat: env var passthrough for skills and user config (#2807)
2026-03-24 08:19:34 -07:00
terminal_tool.py
chore: remove all remaining mini-swe-agent references
2026-03-24 08:19:23 -07:00
tirith_security.py
fix: send_animation metadata, MarkdownV2 inline code splitting, tirith cosign-free install (#1626)
2026-03-16 23:39:41 -07:00
todo_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
transcription_tools.py
fix(stt): respect explicit provider config instead of env-var fallback (#1775)
2026-03-17 10:30:58 -07:00
tts_tool.py
feat(tools): add base_url support to OpenAI TTS provider
2026-03-19 23:55:13 +08:00
url_safety.py
fix(security): add SSRF protection to vision_tools and web_tools (hardened)
2026-03-23 15:40:42 -07:00
vision_tools.py
fix: browser_vision ignores auxiliary.vision.timeout config (#2901)
2026-03-24 19:10:12 -07:00
voice_mode.py
fix: improve error message when PortAudio system library is missing
2026-03-22 04:38:17 -07:00
web_tools.py
fix(security): add SSRF protection to vision_tools and web_tools (hardened)
2026-03-23 15:40:42 -07:00
website_policy.py
fix: harden website blocklist — default off, TTL cache, fail-open, guarded imports
2026-03-17 03:11:26 -07:00