Timmy_Foundation/hermes-agent
15
0
Fork 0
Code Issues 41 Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
c288bbfb57f31ef448796c227af2a1e7acf4cd13
hermes-agent/tools
History
Teknium 5602458794 security: harden dangerous command detection and add file tool path guards (#3872) 
Closes gaps that allowed an agent to expose Docker's Remote API to the
internet by writing to /etc/docker/daemon.json.

Terminal tool (approval.py):
- chmod: now catches 666 and symbolic modes (o+w, a+w), not just 777
- cp/mv/install: detected when targeting /etc/
- sed -i/--in-place: detected when targeting /etc/

File tools (file_tools.py):
- write_file and patch now refuse to write to sensitive system paths
  (/etc/, /boot/, /usr/lib/systemd/, docker.sock)
- Directs users to the terminal tool (which has approval prompts) for
  system file modifications
2026-03-29 22:33:47 -07:00
..
browser_providers
feat(browser): multi-provider cloud browser support + Browser Use integration
2026-03-17 00:16:34 -07:00
environments
fix(terminal): preserve partial output when command times out (#3868)
2026-03-29 21:51:44 -07:00
neutts_samples
refactor(tts): replace NeuTTS optional skill with built-in provider + setup flow
2026-03-17 02:33:12 -07:00
__init__.py
chore: remove all remaining mini-swe-agent references
2026-03-24 08:19:23 -07:00
ansi_strip.py
fix: strip ANSI at the source — clean terminal output before it reaches the model
2026-03-23 07:43:12 -07:00
approval.py
security: harden dangerous command detection and add file tool path guards (#3872)
2026-03-29 22:33:47 -07:00
browser_tool.py
fix(browser): guard LLM response content against None in snapshot and vision (#3642)
2026-03-28 17:25:04 -07:00
checkpoint_manager.py
chore: fix 154 f-strings, simplify getattr/URL patterns, remove dead code (#3119)
2026-03-25 19:47:58 -07:00
clarify_tool.py
chore: remove ~100 unused imports across 55 files (#3016)
2026-03-25 15:02:03 -07:00
code_execution_tool.py
feat: env var passthrough for skills and user config (#2807)
2026-03-24 08:19:34 -07:00
credential_files.py
feat: mount skill credential files + fix env passthrough for remote backends (#3671)
2026-03-28 23:53:40 -07:00
cronjob_tools.py
feat(gateway): add WeCom (Enterprise WeChat) platform support (#3847)
2026-03-29 21:29:13 -07:00
debug_helpers.py
refactor: consolidate debug logging across tools with shared DebugSession class
2026-02-21 03:53:24 -08:00
delegate_tool.py
fix: report subagent status as completed when summary exists (#3829)
2026-03-29 18:21:36 -07:00
env_passthrough.py
feat: env var passthrough for skills and user config (#2807)
2026-03-24 08:19:34 -07:00
file_operations.py
fix(paths): respect HERMES_HOME for protected .env write-deny path (#3840)
2026-03-29 18:02:11 -07:00
file_tools.py
security: harden dangerous command detection and add file tool path guards (#3872)
2026-03-29 22:33:47 -07:00
fuzzy_match.py
chore: fix 154 f-strings, simplify getattr/URL patterns, remove dead code (#3119)
2026-03-25 19:47:58 -07:00
homeassistant_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
honcho_tools.py
fix(banner): show honcho tools as available when configured (#3810)
2026-03-29 15:55:05 -07:00
image_generation_tool.py
chore: remove ~100 unused imports across 55 files (#3016)
2026-03-25 15:02:03 -07:00
interrupt.py
feat: enhance interrupt handling and container resource configuration
2026-02-23 02:11:33 -08:00
mcp_oauth.py
chore: fix 154 f-strings, simplify getattr/URL patterns, remove dead code (#3119)
2026-03-25 19:47:58 -07:00
mcp_tool.py
feat(mcp): dynamic tool discovery via notifications/tools/list_changed (#3812)
2026-03-29 15:52:54 -07:00
memory_tool.py
fix: cap percentage displays at 100% in stats, gateway, and memory tool (#3599)
2026-03-28 14:55:18 -07:00
mixture_of_agents_tool.py
fix: guard aux LLM calls against None content + reasoning fallback + retry (salvage #3389) (#3449)
2026-03-27 15:28:19 -07:00
neutts_synth.py
fix(tts): document NeuTTS provider and align install guidance (#1903)
2026-03-18 02:55:30 -07:00
openrouter_client.py
refactor: route ad-hoc LLM consumers through centralized provider router
2026-03-11 20:02:36 -07:00
patch_parser.py
fix: handle addition-only hunks in V4A patch parser (#3325)
2026-03-26 19:38:04 -07:00
process_registry.py
chore: remove ~100 unused imports across 55 files (#3016)
2026-03-25 15:02:03 -07:00
registry.py
feat(mcp): dynamic tool discovery via notifications/tools/list_changed (#3812)
2026-03-29 15:52:54 -07:00
rl_training_tool.py
chore: fix 154 f-strings, simplify getattr/URL patterns, remove dead code (#3119)
2026-03-25 19:47:58 -07:00
send_message_tool.py
feat(gateway): add WeCom (Enterprise WeChat) platform support (#3847)
2026-03-29 21:29:13 -07:00
session_search_tool.py
fix: session_search fallback preview on summarization failure (salvage #3413) (#3478)
2026-03-27 21:27:51 -07:00
skill_manager_tool.py
fix(skills): block category path traversal in skill manager (#3844)
2026-03-29 20:08:22 -07:00
skills_guard.py
fix: guard aux LLM calls against None content + reasoning fallback + retry (salvage #3389) (#3449)
2026-03-27 15:28:19 -07:00
skills_hub.py
feat(skills): add garrytan/gstack as default Skills Hub tap (#3605)
2026-03-28 14:55:49 -07:00
skills_sync.py
refactor: consolidate get_hermes_home() and parse_reasoning_effort() (#3062)
2026-03-25 15:54:28 -07:00
skills_tool.py
feat(skills): support external skill directories via config (#3678)
2026-03-29 00:33:30 -07:00
terminal_tool.py
fix: make display_hermes_home imports lazy to prevent ImportError during hermes update (#3776)
2026-03-29 15:15:17 -07:00
tirith_security.py
chore: fix 154 f-strings, simplify getattr/URL patterns, remove dead code (#3119)
2026-03-25 19:47:58 -07:00
todo_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
transcription_tools.py
add .aac audio file format support to transcription tool (#3865)
2026-03-29 21:27:03 -07:00
tts_tool.py
fix: make display_hermes_home imports lazy to prevent ImportError during hermes update (#3776)
2026-03-29 15:15:17 -07:00
url_safety.py
fix(security): add SSRF protection to vision_tools and web_tools (hardened)
2026-03-23 15:40:42 -07:00
vision_tools.py
fix(vision): reject non-image files and enforce website policy (salvage #1940) (#3845)
2026-03-29 20:55:04 -07:00
voice_mode.py
chore: remove ~100 unused imports across 55 files (#3016)
2026-03-25 15:02:03 -07:00
web_tools.py
feat(web): add Exa as a web search and extract backend (#3648)
2026-03-28 17:35:53 -07:00
website_policy.py
refactor: consolidate get_hermes_home() and parse_reasoning_effort() (#3062)
2026-03-25 15:54:28 -07:00