openclaw/hermes-agent
1
0
Fork 0
Code Issues Pull Requests Actions 9 Packages Projects Releases Wiki Activity

fix: apply hidden_div regex newline bypass fix to skills_guard.py

Browse Source 
The same .* pattern vulnerable to newline bypass that was fixed in
prompt_builder.py (PR #6925) also existed in skills_guard.py. Changed
to [\s\S]*? to match across newlines.
This commit is contained in:
Teknium
2026-04-10 03:01:47 -07:00
committed by Teknium
parent 9afe1784bd
commit 30ae68dd33
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
tools/skills_guard.py
View File

@ -190,7 +190,7 @@ THREAT_PATTERNS = [
(r'<!--[^>]*(?:ignore|override|system|secret|hidden)[^>]*-->',
"html_comment_injection", "high", "injection",
"hidden instructions in HTML comments"),
(r'<\s*div\s+style\s*=\s*["\'].*display\s*:\s*none',
(r'<\s*div\s+style\s*=\s*["\'][\s\S]*?display\s*:\s*none',
"hidden_div", "high", "injection",
"hidden HTML div (invisible instructions)"),