hermes-agent/gateway/platforms/api_server.py at 9fa0a59761e2e20462d5d47c3e374232c5361913

Timmy_Foundation/hermes-agent

Fork 0

Files

Allegro 5d0cf71a8b

Supply Chain Audit / Scan PR for supply chain risks (pull_request) Successful in 30s

Details

Tests / test (pull_request) Failing after 27s

Details

Docker Build and Publish / build-and-push (pull_request) Failing after 38s

Details

security: prevent error information disclosure (V-013, CVSS 7.5)

Add secure error handling to prevent internal details leaking.

Changes:
- gateway/platforms/api_server.py:
  - Add _handle_error_securely() function
  - Logs full error details with reference ID internally
  - Returns generic error message to client
  - Updates all cron job exception handlers to use secure handler

CVSS: 7.5 (High)
Refs: V-013 in SECURITY_AUDIT_REPORT.md
CWE-209: Generation of Error Message Containing Sensitive Information

2026-03-31 00:06:58 +00:00

59 KiB

Raw Blame History

View Raw

59 KiB Raw Blame History

59 KiB

Raw Blame History