hermes-bsd/tools
Eugeniusz Gilewski def3f6388f fix(file): anchor device symlink guard to task cwd
The read_file device guard now walks symlink hops before the file operation
layer, but that hop walk still interpreted relative paths against the Python
process cwd. In sessions where TERMINAL_CWD points at the task workspace, a
relative workspace symlink to a blocked alias such as /dev/../dev/stdin could
therefore miss the intermediate device target before later task-cwd resolution.

Anchor relative device checks to the task base before symlink-hop inspection so
the pre-I/O guard sees the same workspace path that read_file would otherwise
read. Absolute device paths and the existing final realpath fallback remain
unchanged.

Refs #10141
Refs #29158
2026-06-21 12:16:10 -07:00
..
computer_use fix(#37878): scrub operator environment before launching cua-driver MCP 2026-06-18 08:53:31 -07:00
environments
neutts_samples
__init__.py
ansi_strip.py
approval.py feat(tools): MCP elicitation handler with gateway-aware approval routing 2026-06-19 11:46:25 -07:00
async_delegation.py feat(delegation): background fan-out — parallel subagents, one consolidated return (#49734) 2026-06-20 11:27:12 -07:00
binary_extensions.py
blueprints.py
browser_camofox.py
browser_camofox_state.py
browser_cdp_tool.py
browser_dialog_tool.py
browser_supervisor.py
browser_tool.py fix(browser): enable SSRF guard when terminal runs in container 2026-06-21 07:26:18 -07:00
budget_config.py fix(agent): scale tool-output budget to the model context window (#23767) 2026-06-21 17:46:38 +05:30
checkpoint_manager.py fix(cron): compact cron failure messages + repair bare repo dirs after git gc 2026-06-19 07:35:29 -07:00
clarify_gateway.py
clarify_tool.py fix(clarify): docstring — put options in choices[] only, never enumerate in question text 2026-06-19 07:34:02 -07:00
code_execution_tool.py
computer_use_tool.py
credential_files.py
cronjob_tools.py fix(cron): execute job immediately on action='run' 2026-06-21 13:28:04 +05:30
debug_helpers.py
delegate_tool.py fix(api-server): stop silently promising async delivery on stateless HTTP path (#50319) 2026-06-21 12:15:14 -07:00
discord_tool.py
env_passthrough.py
env_probe.py
fal_common.py
feishu_doc_tool.py
feishu_drive_tool.py
file_operations.py fix: warn on line-oriented newline search patterns 2026-06-20 23:23:47 -07:00
file_state.py
file_tools.py fix(file): anchor device symlink guard to task cwd 2026-06-21 12:16:10 -07:00
fuzzy_match.py docs: clean up three stale comments from the #32848 audit (#45638) 2026-06-19 16:09:30 -07:00
homeassistant_tool.py
image_generation_tool.py fix(tools): never let a model whitelist strip the prompt / source images 2026-06-19 16:59:54 -07:00
interrupt.py
kanban_tools.py fix(security): redact secrets in kanban tool payloads before persistence 2026-06-21 12:02:30 -07:00
lazy_deps.py fix(dashboard): clean up upload temp file on client disconnect + pin python-multipart (NS-501) 2026-06-18 11:32:18 +05:30
managed_tool_gateway.py
mcp_oauth.py
mcp_oauth_manager.py
mcp_tool.py fix(mcp): detect 'unknown method' phrasing in ping keepalive fallback 2026-06-21 16:02:56 +05:30
memory_tool.py fix(memory): recover from missing old_text on single-op replace/remove (#49997) 2026-06-20 23:46:52 -07:00
microsoft_graph_auth.py
microsoft_graph_client.py
mixture_of_agents_tool.py
neutts_synth.py
openrouter_client.py
osv_check.py
patch_parser.py
path_security.py
process_registry.py fix(process): keep CLI drain dedup after poll goes read-only (#10156) 2026-06-21 11:11:23 -07:00
read_extract.py
read_terminal_tool.py
registry.py
schema_sanitizer.py
send_message_tool.py refactor(gateway): migrate slack/dingtalk/whatsapp/matrix/feishu/telegram/wecom/email/sms adapters to bundled plugins 2026-06-20 10:26:45 -07:00
session_search_tool.py docs(session-search): document source-first retrieval limits 2026-06-20 23:23:47 -07:00
skill_manager_tool.py
skill_provenance.py
skill_usage.py
skills_ast_audit.py
skills_guard.py
skills_hub.py
skills_sync.py fix(skills): refuse SKILLS_DIR root in rmtree guard, not just outside-tree 2026-06-18 08:53:35 -07:00
skills_tool.py
slash_confirm.py
terminal_tool.py fix(api-server): stop silently promising async delivery on stateless HTTP path (#50319) 2026-06-21 12:15:14 -07:00
thread_context.py
threat_patterns.py
tirith_security.py
todo_tool.py
tool_backend_helpers.py
tool_output_limits.py
tool_result_storage.py
tool_search.py
transcription_tools.py
tts_tool.py feat(tts): add xAI TTS speed and optimize_streaming_latency config knobs 2026-06-19 07:26:56 -07:00
url_safety.py
video_generation_tool.py
vision_tools.py
voice_mode.py
web_tools.py
website_policy.py
write_approval.py
x_search_tool.py
xai_http.py
yuanbao_tools.py