mirror of
https://github.com/NousResearch/hermes-agent.git
synced 2026-04-28 15:01:34 +08:00
1909877e6e
vision_tools.py: _download_image() loads the full HTTP response body into memory via response.content (line 190) with no Content-Length check and no max file size limit. An attacker-hosted multi-gigabyte file causes OOM. Add a 50 MB hard cap: check Content-Length header before download, and verify actual body size before writing to disk. hermes_parser.py: tc_data["name"] at line 57 raises KeyError when the LLM outputs a tool call JSON without a "name" field. The outer except catches it silently, causing the entire tool call to be lost with zero diagnostics. Add "name" field validation before constructing the ChatCompletionMessage. mistral_parser.py: tc["name"] at line 101 has the same KeyError issue in the pre-v11 format path. The fallback decoder (line 112) already checks "name" correctly, but the primary path does not. Add validation to match. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>