ling/hermes-agent
1
0
Fork 0
mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-04-29 15:31:38 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
a1425d7fb5198d738c322a8dac91c434d36d854c
hermes-agent/tools
History
buray 26b2fc360f fix(skills): detect prompt injection patterns and block cache file reads 
Adds two security layers to prevent prompt injection via skills hub
cache files (#1558):

1. read_file: blocks direct reads of ~/.hermes/skills/.hub/ directory
   (index-cache, catalog files). The 3.5MB clawhub_catalog_v1.json
   was the original injection vector — untrusted skill descriptions
   in the catalog contained adversarial text that the model executed.

2. skill_view: warns when skills are loaded from outside the trusted
   ~/.hermes/skills/ directory, and detects common injection patterns
   in skill content ("ignore previous instructions", "<system>", etc.).

Cherry-picked from PR #1562 by ygd58.
2026-03-17 01:49:49 -07:00
..
browser_providers
feat(browser): multi-provider cloud browser support + Browser Use integration
2026-03-17 00:16:34 -07:00
environments
fix(docker): gate cwd workspace mount behind config
2026-03-16 05:20:56 -07:00
__init__.py
feat: compress cron management into one tool
2026-03-14 12:21:50 -07:00
approval.py
feat: smart approvals + /stop command (inspired by OpenAI Codex)
2026-03-16 06:20:11 -07:00
browser_tool.py
feat(browser): multi-provider cloud browser support + Browser Use integration
2026-03-17 00:16:34 -07:00
checkpoint_manager.py
feat: major /rollback improvements — enabled by default, diff preview, file-level restore, conversation undo, terminal checkpoints
2026-03-16 04:43:37 -07:00
clarify_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
code_execution_tool.py
fix: improve execute_code error logging and harden cleanup (#1623)
2026-03-16 23:13:26 -07:00
cronjob_tools.py
fix(tools): remove unnecessary crontab requirement from cronjob tool (#1638)
2026-03-17 01:40:02 -07:00
debug_helpers.py
refactor: consolidate debug logging across tools with shared DebugSession class
2026-02-21 03:53:24 -08:00
delegate_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
file_operations.py
Merge PR #533: fix: use regex for search output parsing to handle Windows drive-letter paths
2026-03-09 23:18:42 -07:00
file_tools.py
fix(skills): detect prompt injection patterns and block cache file reads
2026-03-17 01:49:49 -07:00
fuzzy_match.py
feat: permissive block_anchor thresholds and unicode normalization (#1539)
2026-03-16 05:29:25 -07:00
homeassistant_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
honcho_tools.py
fix(honcho): isolate session routing for multi-user gateway (#1500)
2026-03-16 00:23:47 -07:00
image_generation_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
interrupt.py
feat: enhance interrupt handling and container resource configuration
2026-02-23 02:11:33 -08:00
mcp_tool.py
feat(mcp): make selective tool loading capability-aware
2026-03-14 06:22:02 -07:00
memory_tool.py
feat: improve memory prioritization + aggressive skill updates (inspired by OpenAI Codex)
2026-03-16 06:52:32 -07:00
mixture_of_agents_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
openrouter_client.py
refactor: route ad-hoc LLM consumers through centralized provider router
2026-03-11 20:02:36 -07:00
patch_parser.py
fix(patch): use regex to detect line-number prefix to avoid corrupting pipe chars
2026-03-14 03:47:13 -07:00
process_registry.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
registry.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
rl_training_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
send_message_tool.py
fix: apply MarkdownV2 formatting in _send_telegram for proper rendering
2026-03-17 01:44:11 -07:00
session_search_tool.py
fix(logging): improve error logging in session search tool (#1533)
2026-03-16 05:22:00 -07:00
skill_manager_tool.py
feat: improve memory prioritization + aggressive skill updates (inspired by OpenAI Codex)
2026-03-16 06:52:32 -07:00
skills_guard.py
fix(skills): honor policy table for dangerous verdicts
2026-03-14 11:27:02 -07:00
skills_hub.py
fix: improve clawhub skill search matching
2026-03-14 23:15:04 -07:00
skills_sync.py
fix: make skills manifest writes atomic
2026-03-08 23:53:57 -07:00
skills_tool.py
fix(skills): detect prompt injection patterns and block cache file reads
2026-03-17 01:49:49 -07:00
terminal_tool.py
fix(docker): gate cwd workspace mount behind config
2026-03-16 05:20:56 -07:00
tirith_security.py
fix: send_animation metadata, MarkdownV2 inline code splitting, tirith cosign-free install (#1626)
2026-03-16 23:39:41 -07:00
todo_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
transcription_tools.py
fix: restore local STT fallback for gateway voice notes
2026-03-15 21:51:40 -07:00
tts_tool.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
vision_tools.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00
voice_mode.py
fix: propagate STT disable through shared transcription config
2026-03-14 22:09:59 -07:00
web_tools.py
feat(tools): centralize tool emoji metadata in registry + skin integration
2026-03-15 20:21:21 -07:00