Bug
redact_sensitive_text() applies ENV assignment and JSON field regex patterns to all content equally. When reading source code files, legitimate patterns get redacted:
- MAX_TOKENS=100 → triggers ENV pattern (false positive)
- "key": "value" in code → triggers JSON field pattern (false positive)
- "apiKey": "test" in test fixtures → triggers JSON field pattern
This makes read_file and terminal output of source code unreliable for the agent, breaking code analysis and editing workflows.
Reproduction
- Have hermes agent read a Python/Java source file containing SOME_TOKENS = 42
- Observe the value gets redacted as if it were a leaked secret
Expected Behavior
- When code_file=True is passed, skip ENV assignment and JSON field regex patterns
- Known prefix patterns (sk-, ghp-, etc.), auth headers, private keys, DB connection strings should ALWAYS be redacted regardless of code_file flag
Suggested Fix
Add code_file=False parameter to redact_sensitive_text(). In _apply_regex_passes(), skip _ENV_ASSIGN_RE and _JSON_FIELD_RE when code_file=True.
Environment
- hermes-agent latest main
- Affects all code file reading through agent tools
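
The behaviour requested above, sketched as an added example (not hermes-agent's own code). The four regexes are constructed stand-ins, since the project's real patterns are not shown in the issue; only the function names, the code_file parameter and the two skipped pattern names come from the report.

```python
import re

# Constructed stand-ins: the project's real patterns are not shown in the issue.
_ENV_ASSIGN_RE = re.compile(
    r"\b([A-Z0-9_]*(?:KEY|TOKEN|SECRET|PASSWORD)[A-Z0-9_]*\s*=\s*)(\S+)")
_JSON_FIELD_RE = re.compile(
    r'("[A-Za-z_]*(?:key|token|secret|password)[A-Za-z_]*"\s*:\s*")([^"]*)(")',
    re.IGNORECASE)
# Always-on passes: high-confidence shapes that are secrets in any context.
_PREFIX_RE = re.compile(r"\b(?:sk-|ghp[-_])[A-Za-z0-9_-]{16,}")
_AUTH_HEADER_RE = re.compile(r"(Authorization:\s*Bearer\s+)\S+", re.IGNORECASE)

MASK = "[REDACTED]"


def _apply_regex_passes(text, code_file):
    # Always-on passes run first, so a prefixed key is masked even when the
    # context-sensitive passes below are skipped.
    text = _PREFIX_RE.sub(MASK, text)
    text = _AUTH_HEADER_RE.sub(lambda m: m.group(1) + MASK, text)
    if not code_file:
        # Name-based heuristics: only safe on non-code content such as
        # .env dumps or API responses.
        text = _ENV_ASSIGN_RE.sub(lambda m: m.group(1) + MASK, text)
        text = _JSON_FIELD_RE.sub(
            lambda m: m.group(1) + MASK + m.group(3), text)
    return text


def redact_sensitive_text(text, code_file=False):
    # Default stays False so existing callers keep the stricter behaviour.
    return _apply_regex_passes(text, code_file)


# Constructed sample: source code with benign constants and one hardcoded key.
SAMPLE = (
    "MAX_TOKENS=100\n"
    'fixture = {"apiKey": "test"}\n'
    'OPENAI_KEY = "sk-' + "a" * 24 + '"\n'
)

if __name__ == "__main__":
    print(redact_sensitive_text(SAMPLE, code_file=True))
    print(redact_sensitive_text(SAMPLE))
```

With code_file=True, a hardcoded secret that lacks a known prefix (for example a password assigned to a constant) passes through unmasked, so the flag trades recall for fewer false positives and should be set only on paths that are known to be source files.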