openclaw/hermes-agent
1
0
Fork 0
Code Issues Pull Requests Actions 9 Packages Projects Releases Wiki Activity
Files
54bf798765d3d529978dd04e3bfc95d93d6504eb
hermes-agent/tools
History
Брагарник Дмитро 54bf798765 approval: add docker restart/stop/kill to DANGEROUS_PATTERNS (#33438) 
When docker.sock is mounted (common Docker Compose pattern), the agent
can restart/stop/kill containers without user approval. hermes gateway
restart is already protected, but docker restart, docker stop,
docker kill, and their docker compose equivalents were not.

This caused repeated self-termination: the agent ran docker restart
hermes, killed its own container, Docker restarted it (restart policy),
and the agent resumed the same session — creating a restart loop.

Added patterns mirror the existing gateway lifecycle protection:
- docker compose restart/stop/kill/down
- docker restart/stop/kill

Co-authored-by: Sarbai <sarbai@users.noreply.github.com>
2026-05-29 13:26:54 +10:00
..
computer_use
fix(computer-use): skip capture_after when action failed (ok=False)
2026-05-22 01:19:01 -07:00
environments
fix(docker): persist-mode cleanup is no-op; add force_remove kwarg (#20561)
2026-05-29 11:49:54 +10:00
neutts_samples
refactor(tts): replace NeuTTS optional skill with built-in provider + setup flow
2026-03-17 02:33:12 -07:00
__init__.py
Merge branch 'main' into rewbs/tool-use-charge-to-subscription
2026-03-31 08:48:54 +09:00
ansi_strip.py
fix: strip ANSI at the source — clean terminal output before it reaches the model
2026-03-23 07:43:12 -07:00
approval.py
approval: add docker restart/stop/kill to DANGEROUS_PATTERNS (#33438)
2026-05-29 13:26:54 +10:00
binary_extensions.py
fix(tools): address PR review — remove _extract_raw_output, BudgetConfig everywhere, read_file hardening
2026-04-08 02:24:32 -07:00
browser_camofox_state.py
feat(browser): add persistent Camofox sessions and VNC URL discovery (salvage #4400) (#4419)
2026-04-01 04:18:50 -07:00
browser_camofox.py
feat: auto-launch Chromium-family browser for CDP
2026-05-19 22:34:05 -07:00
browser_cdp_tool.py
feat: auto-launch Chromium-family browser for CDP
2026-05-19 22:34:05 -07:00
browser_dialog_tool.py
feat: auto-launch Chromium-family browser for CDP
2026-05-19 22:34:05 -07:00
browser_supervisor.py
fix(async): close unscheduled coroutines in all threadsafe bridges (#26584)
2026-05-15 14:00:01 -07:00
browser_tool.py
fix(vision): route auxiliary.vision.provider=openai to api.openai.com, skip text-only main (#31452)
2026-05-24 15:01:28 -07:00
budget_config.py
chore: remove Atropos RL environments and tinker-atropos integration (#26106)
2026-05-15 10:36:38 +05:30
checkpoint_manager.py
chore: ruff auto-fix PLR6201 — tuple → set in membership tests (#23937)
2026-05-11 11:13:25 -07:00
clarify_gateway.py
feat(gateway): wire clarify tool with inline keyboard buttons on Telegram (#24199)
2026-05-12 16:33:33 -07:00
clarify_tool.py
refactor: add tool_error/tool_result helpers + read_raw_config, migrate 129 callsites
2026-04-07 13:36:38 -07:00
code_execution_tool.py
remove Vercel AI Gateway and Vercel Sandbox (#33067)
2026-05-27 00:43:32 -07:00
computer_use_tool.py
feat(computer-use): cua-driver backend, universal any-model schema
2026-05-08 11:07:38 -07:00
credential_files.py
remove Vercel AI Gateway and Vercel Sandbox (#33067)
2026-05-27 00:43:32 -07:00
cronjob_tools.py
fix(cron): clarify schedule is required for create in tool schema
2026-05-26 14:09:37 -07:00
debug_helpers.py
refactor: codebase-wide lint cleanup — unused imports, dead code, and inefficient patterns (#5821)
2026-04-07 10:25:31 -07:00
delegate_tool.py
fix(delegation): preserve configured_provider name when runtime returns 'custom'
2026-05-17 11:40:05 -07:00
discord_tool.py
feat: add Discord message deletion action
2026-05-07 05:11:09 -07:00
env_passthrough.py
harden(env_passthrough): apply GHSA-rhgp-j443-p4rf filter to config.yaml path (#27794)
2026-05-25 03:35:23 -07:00
fal_common.py
refactor(image_gen): port FAL backend to plugins/image_gen/fal
2026-05-22 04:10:45 -07:00
feishu_doc_tool.py
perf(cli): cut ~19s from 'hermes' cold start (skills cache + lazy Feishu + no Nous HTTP) (#22138)
2026-05-08 16:39:32 -07:00
feishu_drive_tool.py
perf(cli): cut ~19s from 'hermes' cold start (skills cache + lazy Feishu + no Nous HTTP) (#22138)
2026-05-08 16:39:32 -07:00
file_operations.py
remove Vercel AI Gateway and Vercel Sandbox (#33067)
2026-05-27 00:43:32 -07:00
file_state.py
feat(delegate): cross-agent file state coordination for concurrent subagents (#13718)
2026-04-21 16:41:26 -07:00
file_tools.py
remove Vercel AI Gateway and Vercel Sandbox (#33067)
2026-05-27 00:43:32 -07:00
fuzzy_match.py
fix(patch): widen new_string \t/\r unescape to all match strategies (#33733)
2026-05-28 03:27:20 -07:00
homeassistant_tool.py
fix: clean up description escaping, add string-data tests
2026-04-13 04:45:07 -07:00
image_generation_tool.py
feat(auth) normalise the way in which we check whether a user has free/paid access to nous portal so we can expose behaviour and error messages accordingly.
2026-05-28 00:19:31 -07:00
interrupt.py
fix(interrupt): propagate to concurrent-tool workers + opt-in debug trace (#11907)
2026-04-17 20:39:25 -07:00
kanban_tools.py
feat(kanban): stamp originating ACP session_id on tasks
2026-05-18 21:15:21 -07:00
lazy_deps.py
remove Vercel AI Gateway and Vercel Sandbox (#33067)
2026-05-27 00:43:32 -07:00
managed_tool_gateway.py
fix(tools): add debug logging for token refresh and tighten domain check
2026-04-02 12:40:03 +11:00
mcp_oauth_manager.py
fix(mcp-oauth): persist OAuth server metadata across process restarts (#21226)
2026-05-07 05:35:33 -07:00
mcp_oauth.py
feat(mcp-oauth): accept 'skip' at paste prompt to bypass auth without disabling server (#32069)
2026-05-25 05:37:30 -07:00
mcp_tool.py
fix(mcp): resolve bare npx/npm/node against /usr/local/bin
2026-05-29 10:05:42 +10:00
memory_tool.py
feat(security): promptware defense — shared threat patterns + memory load-time scan + tool-result delimiters (#32269)
2026-05-25 14:52:24 -07:00
microsoft_graph_auth.py
feat(msgraph): add auth and client foundation
2026-05-08 09:27:26 -07:00
microsoft_graph_client.py
fix(msgraph): stream download_to_file body instead of buffering
2026-05-08 09:27:26 -07:00
mixture_of_agents_tool.py
chore: ruff auto-fix C401, C416, C408, PLR1722 (#23940)
2026-05-11 11:20:58 -07:00
neutts_synth.py
fix(tts): document NeuTTS provider and align install guidance (#1903)
2026-03-18 02:55:30 -07:00
openrouter_client.py
refactor: route ad-hoc LLM consumers through centralized provider router
2026-03-11 20:02:36 -07:00
osv_check.py
chore: ruff auto-fix PLR6201 — tuple → set in membership tests (#23937)
2026-05-11 11:13:25 -07:00
patch_parser.py
fix(lint): skip per-file shell linter when LSP will handle the file (#29054)
2026-05-20 01:46:40 -05:00
path_security.py
refactor: extract shared helpers to deduplicate repeated code patterns (#7917)
2026-04-11 13:59:52 -07:00
process_registry.py
feat(cli): show live background terminal-process count in status bar (#32061)
2026-05-25 05:35:02 -07:00
registry.py
security: sanitize tool error strings before injecting into model context (#26823)
2026-05-16 00:57:39 -07:00
schema_sanitizer.py
fix(xai-responses): strip enum values containing '/' from tool schemas
2026-05-18 10:37:35 -07:00
send_message_tool.py
fix(gateway): default media-delivery validation to denylist-only, restore .md delivery (#34022)
2026-05-28 11:32:36 -07:00
session_search_tool.py
feat(session_search): single-shape tool with discovery, scroll, browse — no LLM (#27590)
2026-05-17 23:28:45 -07:00
skill_manager_tool.py
fix(profiles): cross-profile soft guard on file-write tools + system-prompt hint (#31290)
2026-05-24 00:38:17 -07:00
skill_provenance.py
fix(curator): only mark agent-created for background-review sediment (#19621)
2026-05-04 02:42:16 -07:00
skill_usage.py
fix(skills): prune dependency/venv dirs from all skill scanners (#30042)
2026-05-21 14:18:02 -07:00
skills_ast_audit.py
refactor(skills): slim AST diagnostic to single entry point
2026-05-23 17:47:26 -07:00
skills_guard.py
Harden Skills Guard multi-word prompt patterns (#26852)
2026-05-25 01:51:27 -07:00
skills_hub.py
fix(skills): pull full skills.sh catalog via sitemap (858 → 19,932) (#34025)
2026-05-28 11:28:12 -07:00
skills_sync.py
fix(skills): atomic lock write + drop dead _validate_category_name
2026-05-27 13:39:58 -07:00
skills_tool.py
remove Vercel AI Gateway and Vercel Sandbox (#33067)
2026-05-27 00:43:32 -07:00
slash_confirm.py
fix(async): close unscheduled coroutines in all threadsafe bridges (#26584)
2026-05-15 14:00:01 -07:00
terminal_tool.py
fix(docker): cleanup_vm() default honors persist mode (don't kill container on session close)
2026-05-29 11:49:54 +10:00
threat_patterns.py
feat(security): promptware defense — shared threat patterns + memory load-time scan + tool-result delimiters (#32269)
2026-05-25 14:52:24 -07:00
tirith_security.py
fix(tirith): reject non-regular tar members during auto-install process
2026-05-28 02:49:26 -07:00
todo_tool.py
chore: ruff auto-fix PLR6201 — tuple → set in membership tests (#23937)
2026-05-11 11:13:25 -07:00
tool_backend_helpers.py
fix(auth): refresh Nous entitlement in tool menus
2026-05-28 00:19:31 -07:00
tool_output_limits.py
feat(skills): add design-md skill for Google's DESIGN.md spec (#14876)
2026-04-23 21:51:19 -07:00
tool_result_storage.py
fix(tool-result-storage): persist via stdin to bypass 128 KB exec-arg cap (#22913)
2026-05-09 18:44:58 -07:00
transcription_tools.py
feat(auth) normalise the way in which we check whether a user has free/paid access to nous portal so we can expose behaviour and error messages accordingly.
2026-05-28 00:19:31 -07:00
tts_tool.py
feat(auth) normalise the way in which we check whether a user has free/paid access to nous portal so we can expose behaviour and error messages accordingly.
2026-05-28 00:19:31 -07:00
url_safety.py
fix(url_safety): block IPv4-mapped IPv6 addresses to prevent SSRF bypass
2026-05-18 10:51:15 -07:00
video_generation_tool.py
chore: ruff auto-fix PLR6201 resweep — tuple → set in membership tests (#27355)
2026-05-17 02:29:41 -07:00
vision_tools.py
fix(vision): route auxiliary.vision.provider=openai to api.openai.com, skip text-only main (#31452)
2026-05-24 15:01:28 -07:00
voice_mode.py
docs(voice): use uv pip install faster-whisper in STT install hints (#29800)
2026-05-28 16:23:14 +10:00
web_tools.py
chore(web): remove web_crawl tool + provider crawl plumbing (#33824)
2026-05-28 04:52:42 -07:00
website_policy.py
chore(web): remove web_crawl tool + provider crawl plumbing (#33824)
2026-05-28 04:52:42 -07:00
x_search_tool.py
fix(x_search): surface degraded results + validate dates
2026-05-21 02:38:45 +05:30
xai_http.py
feat(web): add xAI Web Search provider plugin
2026-05-19 19:27:34 -07:00
yuanbao_tools.py
Fix unsafe gateway media path delivery
2026-05-23 01:40:35 -07:00