hermes-agent

Files

Teknium 92ad7cc62c fix(browser): recover from CDP DOM-node serialization crash in browser_console (#35385 )

browser_console(expression="document.body") returned the cryptic CDP error
"Object reference chain is too long" instead of a usable result.

With returnByValue=true, Chrome deep-serializes the eval result; for a live
DOM Node/NodeList/Window that serialization overruns CDP's recursion guard
and fails the whole call with a protocol-level error (not a JS exception),
which _browser_eval surfaced raw.

- browser_supervisor.evaluate_runtime: on that specific error, retry once
  with returnByValue=false so Chrome returns the node's description string —
  the same graceful path already used for document.querySelector() results.
- browser_tool._browser_eval (CLI subprocess fallback): the subprocess can't
  retry, so convert the reference-chain error into actionable guidance
  (extract a primitive / use JSON.stringify) instead of leaking it raw.

No expression rewriting — normal evals (1+41 -> 42) are untouched.

2026-05-30 07:31:25 -07:00

computer_use

style: restore PEP8 blank-line separation after dead-code removal

2026-05-29 04:22:27 -07:00

environments

fix: drain thread no longer crashes on fd-less stdout streams (#34789 )

2026-05-29 12:16:57 -07:00

neutts_samples

refactor(tts): replace NeuTTS optional skill with built-in provider + setup flow

2026-03-17 02:33:12 -07:00

__init__.py

Merge branch 'main' into rewbs/tool-use-charge-to-subscription

2026-03-31 08:48:54 +09:00

ansi_strip.py

fix: strip ANSI at the source — clean terminal output before it reaches the model

2026-03-23 07:43:12 -07:00

approval.py

fix(code-exec): restore approval context in execute_code RPC threads + guard entry

2026-05-29 03:44:49 -07:00

binary_extensions.py

fix(tools): address PR review — remove _extract_raw_output, BudgetConfig everywhere, read_file hardening

2026-04-08 02:24:32 -07:00

browser_camofox_state.py

feat(browser): add persistent Camofox sessions and VNC URL discovery (salvage #4400 ) (#4419 )

2026-04-01 04:18:50 -07:00

browser_camofox.py

fix(browser): rewrite Camofox Docker loopback URLs (#25541 )

2026-05-29 15:43:55 +10:00

browser_cdp_tool.py

chore: prune unused imports and duplicate import redefinitions

2026-05-28 22:26:25 -07:00

browser_dialog_tool.py

feat: auto-launch Chromium-family browser for CDP

2026-05-19 22:34:05 -07:00

browser_supervisor.py

fix(browser): recover from CDP DOM-node serialization crash in browser_console (#35385 )

2026-05-30 07:31:25 -07:00

browser_tool.py

fix(browser): recover from CDP DOM-node serialization crash in browser_console (#35385 )

2026-05-30 07:31:25 -07:00

budget_config.py

chore: remove Atropos RL environments and tinker-atropos integration (#26106 )

2026-05-15 10:36:38 +05:30

checkpoint_manager.py

chore: ruff auto-fix PLR6201 — tuple → set in membership tests (#23937 )

2026-05-11 11:13:25 -07:00

clarify_gateway.py

feat(gateway): wire clarify tool with inline keyboard buttons on Telegram (#24199 )

2026-05-12 16:33:33 -07:00

clarify_tool.py

refactor: add tool_error/tool_result helpers + read_raw_config, migrate 129 callsites

2026-04-07 13:36:38 -07:00

code_execution_tool.py

fix(code-exec): make dropped HERMES_* env vars diagnosable in sandbox scrub

2026-05-29 03:44:49 -07:00

computer_use_tool.py

feat(computer-use): cua-driver backend, universal any-model schema

2026-05-08 11:07:38 -07:00

credential_files.py

remove Vercel AI Gateway and Vercel Sandbox (#33067 )

2026-05-27 00:43:32 -07:00

cronjob_tools.py

chore: prune unused imports and duplicate import redefinitions

2026-05-28 22:26:25 -07:00

debug_helpers.py

refactor: codebase-wide lint cleanup — unused imports, dead code, and inefficient patterns (#5821 )

2026-04-07 10:25:31 -07:00

delegate_tool.py

fix(delegation): preserve configured_provider name when runtime returns 'custom'

2026-05-17 11:40:05 -07:00

discord_tool.py

feat: add Discord message deletion action

2026-05-07 05:11:09 -07:00

env_passthrough.py

harden(env_passthrough): apply GHSA-rhgp-j443-p4rf filter to config.yaml path (#27794 )

2026-05-25 03:35:23 -07:00

env_probe.py

feat(prompt): universal task-completion guidance + local Python toolchain probe (#34340 )

2026-05-28 22:26:09 -07:00

fal_common.py

refactor(image_gen): port FAL backend to plugins/image_gen/fal

2026-05-22 04:10:45 -07:00

feishu_doc_tool.py

perf(cli): cut ~19s from 'hermes' cold start (skills cache + lazy Feishu + no Nous HTTP) (#22138 )

2026-05-08 16:39:32 -07:00

feishu_drive_tool.py

perf(cli): cut ~19s from 'hermes' cold start (skills cache + lazy Feishu + no Nous HTTP) (#22138 )

2026-05-08 16:39:32 -07:00

file_operations.py

perf(read_file): compact line-number gutter — ~14% fewer tokens per read (#35368 )

2026-05-30 07:01:22 -07:00

file_state.py

feat(delegate): cross-agent file state coordination for concurrent subagents (#13718 )

2026-04-21 16:41:26 -07:00

file_tools.py

remove Vercel AI Gateway and Vercel Sandbox (#33067 )

2026-05-27 00:43:32 -07:00

fuzzy_match.py

fix(patch): widen new_string \t/\r unescape to all match strategies (#33733 )

2026-05-28 03:27:20 -07:00

homeassistant_tool.py

fix: clean up description escaping, add string-data tests

2026-04-13 04:45:07 -07:00

image_generation_tool.py

feat(auth) normalise the way in which we check whether a user has free/paid access to nous portal so we can expose behaviour and error messages accordingly.

2026-05-28 00:19:31 -07:00

interrupt.py

fix(interrupt): propagate to concurrent-tool workers + opt-in debug trace (#11907 )

2026-04-17 20:39:25 -07:00

kanban_tools.py

fix(kanban): bridge worker runtime activity to board heartbeat (#31752 )

2026-05-29 00:05:58 -07:00

lazy_deps.py

security: pin patched Starlette (>=1.0.1) for CVE-2026-48710 BadHost (#35118 )

2026-05-29 23:23:54 -07:00

managed_tool_gateway.py

fix(tools): add debug logging for token refresh and tighten domain check

2026-04-02 12:40:03 +11:00

mcp_oauth_manager.py

fix(mcp-oauth): persist OAuth server metadata across process restarts (#21226 )

2026-05-07 05:35:33 -07:00

mcp_oauth.py

feat(mcp-oauth): accept 'skip' at paste prompt to bypass auth without disabling server (#32069 )

2026-05-25 05:37:30 -07:00

mcp_tool.py

fix(mcp): reap stdio MCP grandchildren via process-group signal

2026-05-30 02:08:29 -07:00

memory_tool.py

chore: prune unused imports and duplicate import redefinitions

2026-05-28 22:26:25 -07:00

microsoft_graph_auth.py

feat(msgraph): add auth and client foundation

2026-05-08 09:27:26 -07:00

microsoft_graph_client.py

fix(msgraph): stream download_to_file body instead of buffering

2026-05-08 09:27:26 -07:00

mixture_of_agents_tool.py

chore: ruff auto-fix C401, C416, C408, PLR1722 (#23940 )

2026-05-11 11:20:58 -07:00

neutts_synth.py

fix(tts): document NeuTTS provider and align install guidance (#1903 )

2026-03-18 02:55:30 -07:00

openrouter_client.py

refactor: route ad-hoc LLM consumers through centralized provider router

2026-03-11 20:02:36 -07:00

osv_check.py

chore: ruff auto-fix PLR6201 — tuple → set in membership tests (#23937 )

2026-05-11 11:13:25 -07:00

patch_parser.py

fix(lint): skip per-file shell linter when LSP will handle the file (#29054 )

2026-05-20 01:46:40 -05:00

path_security.py

refactor: extract shared helpers to deduplicate repeated code patterns (#7917 )

2026-04-11 13:59:52 -07:00

process_registry.py

feat(cli): show live background terminal-process count in status bar (#32061 )

2026-05-25 05:35:02 -07:00

registry.py

security: sanitize tool error strings before injecting into model context (#26823 )

2026-05-16 00:57:39 -07:00

schema_sanitizer.py

fix(xai-responses): strip enum values containing '/' from tool schemas

2026-05-18 10:37:35 -07:00

send_message_tool.py

fix(tools): point email home-channel error at EMAIL_HOME_ADDRESS

2026-05-30 02:39:08 -07:00

session_search_tool.py

feat(session_search): single-shape tool with discovery, scroll, browse — no LLM (#27590 )

2026-05-17 23:28:45 -07:00

skill_manager_tool.py

fix(profiles): cross-profile soft guard on file-write tools + system-prompt hint (#31290 )

2026-05-24 00:38:17 -07:00

skill_provenance.py

fix(curator): only mark agent-created for background-review sediment (#19621 )

2026-05-04 02:42:16 -07:00

skill_usage.py

chore: prune unused imports and duplicate import redefinitions

2026-05-28 22:26:25 -07:00

skills_ast_audit.py

refactor(skills): slim AST diagnostic to single entry point

2026-05-23 17:47:26 -07:00

skills_guard.py

feat(skills): integrate NVIDIA/skills as a trusted skills hub tap

2026-05-29 12:24:39 -07:00

skills_hub.py

feat(skills): categorize tap skills from skills.sh.json grouping sidecar

2026-05-29 12:24:39 -07:00

skills_sync.py

fix(skills): make _rmtree_writable handle read-only directories, not just files

2026-05-30 02:05:10 -07:00

skills_tool.py

style: restore PEP8 blank-line separation after dead-code removal

2026-05-29 04:22:27 -07:00

slash_confirm.py

fix(async): close unscheduled coroutines in all threadsafe bridges (#26584 )

2026-05-15 14:00:01 -07:00

terminal_tool.py

fix(docker): cleanup_vm() default honors persist mode (don't kill container on session close)

2026-05-29 11:49:54 +10:00

thread_context.py

fix(code-exec): propagate agent-turn context into tool worker threads

2026-05-29 03:44:49 -07:00

threat_patterns.py

feat(security): promptware defense — shared threat patterns + memory load-time scan + tool-result delimiters (#32269 )

2026-05-25 14:52:24 -07:00

tirith_security.py

fix(tirith): reject non-regular tar members during auto-install process

2026-05-28 02:49:26 -07:00

todo_tool.py

chore: ruff auto-fix PLR6201 — tuple → set in membership tests (#23937 )

2026-05-11 11:13:25 -07:00

tool_backend_helpers.py

fix(tools): guard Path.home() against PermissionError in has_direct_modal_credentials (#33528 )

2026-05-29 13:35:39 +10:00

tool_output_limits.py

feat(skills): add design-md skill for Google's DESIGN.md spec (#14876 )

2026-04-23 21:51:19 -07:00

tool_result_storage.py

fix(tool-result-storage): persist via stdin to bypass 128 KB exec-arg cap (#22913 )

2026-05-09 18:44:58 -07:00

tool_search.py

fix(tool-search): scope bridge catalog + dispatch to the session's toolsets

2026-05-29 02:04:12 -07:00

transcription_tools.py

fix(stt,tts): restore mistralai — 2.4.8 is clean, ban lifted (#34841 )

2026-05-29 13:24:12 -07:00

tts_tool.py

fix(stt,tts): restore mistralai — 2.4.8 is clean, ban lifted (#34841 )

2026-05-29 13:24:12 -07:00

url_safety.py

fix(url_safety): block IPv4-mapped IPv6 addresses to prevent SSRF bypass

2026-05-18 10:51:15 -07:00

video_generation_tool.py

chore: ruff auto-fix PLR6201 resweep — tuple → set in membership tests (#27355 )

2026-05-17 02:29:41 -07:00

vision_tools.py

fix(vision): fail fast on non-retryable image download errors (#35221 )

2026-05-30 01:40:39 -07:00

voice_mode.py

fix(voice): honor PIPEWIRE_REMOTE in PortAudio fallback checks (#33473 )

2026-05-29 13:30:17 +10:00

web_tools.py

fix(web): ensure plugin discovery before web_*_tool registry lookups

2026-05-29 04:00:00 -07:00

website_policy.py

chore(web): remove web_crawl tool + provider crawl plumbing (#33824 )

2026-05-28 04:52:42 -07:00

x_search_tool.py

chore: prune unused imports and duplicate import redefinitions

2026-05-28 22:26:25 -07:00

xai_http.py

feat(web): add xAI Web Search provider plugin

2026-05-19 19:27:34 -07:00

yuanbao_tools.py

Fix unsafe gateway media path delivery

2026-05-23 01:40:35 -07:00