
fix(profile): reject symlinks in profile distributions #25292

Merged
teknium1 merged 1 commit into NousResearch:main from binhnt92:codex/profile-distribution-symlink-guard
May 25, 2026
@binhnt92

Contributor

Summary

  • reject symlinks in staged profile distributions before reading manifests or copying files
  • cover the install path with a regression test for symlinked files under skills

Why

Profile distributions can be installed from git or local directories. Python copy helpers follow file symlinks by default, so a malicious distribution could cause install/update to copy local host file contents into the installed profile. Distribution artifacts should be portable regular files/directories, so the installer now fails fast on symlinks.

Tests

  • python3 -m pytest tests/hermes_cli/test_profile_distribution.py::TestSecurity::test_install_rejects_symlinked_distribution_files -q
  • python3 -m pytest tests/hermes_cli/test_profile_distribution.py -q
  • python3 -m ruff check hermes_cli/profile_distribution.py tests/hermes_cli/test_profile_distribution.py
  • python3 -m compileall -q hermes_cli/profile_distribution.py tests/hermes_cli/test_profile_distribution.py
  • git diff --check
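
The behaviour described in the summary above, as an added example that is not the project's code and not part of the original post: `shutil.copytree` follows file symlinks by default, and a pre-copy walk rejects them. The names `find_symlinks`, `reject_symlinks`, `SymlinkInDistribution` and the sample tree are assumptions constructed for illustration.

```python
import os
import shutil
import tempfile
from pathlib import Path


class SymlinkInDistribution(ValueError):
    """Raised when a staged distribution contains a symlink."""


def find_symlinks(staging_root):
    """Return the relative paths of every symlink under staging_root, sorted."""
    root = Path(staging_root)
    found = []
    # followlinks=False keeps os.walk from descending into linked directories;
    # links to directories still show up in dirnames, dangling links in filenames.
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = Path(dirpath) / name
            if path.is_symlink():
                found.append(path.relative_to(root).as_posix())
    return sorted(found)


def reject_symlinks(staging_root):
    """Fail fast before any manifest read or copy touches the tree."""
    links = find_symlinks(staging_root)
    if links:
        raise SymlinkInDistribution("symlinks not allowed: " + ", ".join(links))


def demo():
    """Build a constructed distribution; return (leaked_by_copy, guard_blocked)."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        host_file = tmp / "host_secret.txt"  # stands in for a local host file
        host_file.write_text("constructed-secret")
        dist = tmp / "dist"
        (dist / "skills").mkdir(parents=True)
        (dist / "skills" / "notes.md").symlink_to(host_file)
        # Unguarded copy: copytree defaults to symlinks=False, so the link is followed
        # and the target's contents land in the installed tree as a regular file.
        shutil.copytree(dist, tmp / "installed")
        copied = tmp / "installed" / "skills" / "notes.md"
        leaked = (not copied.is_symlink()) and copied.read_text() == "constructed-secret"
        try:
            reject_symlinks(dist)
            blocked = False
        except SymlinkInDistribution:
            blocked = True
        return leaked, blocked
```
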

@alt-glitch added the labels type/security (Security vulnerability or hardening), comp/cli (CLI entry point, hermes_cli/, setup wizard) and P2 (Medium — degraded but workaround exists) on May 14, 2026
@binhnt92 changed the title from "[codex] reject symlinks in profile distributions" to "fix(profile): reject symlinks in profile distributions" on May 14, 2026
@teknium1 merged commit 46d8b5d into NousResearch:main on May 25, 2026
13 of 14 checks passed
daletkc pushed a commit to daletkc/hermes-agent that referenced this pull request May 25, 2026
mathias3 pushed a commit to mathias3/hermes-agent that referenced this pull request May 28, 2026
Bryce-huang pushed a commit to wbkunlun/hermes-agent that referenced this pull request May 29, 2026
mosaiq-systems pushed a commit to mosaiq-systems/hermes-agent that referenced this pull request May 29, 2026
gweeteve pushed a commit to gweeteve/hermes-agent that referenced this pull request Jun 2, 2026