fix(cli): use session-scoped yolo bypass in /yolo command #34032

Open
sharziki wants to merge 1 commit into NousResearch:main from sharziki:fix/33925-cli-yolo-session-bypass

@sharziki

Contributor

Summary

  • CLI /yolo toggled HERMES_YOLO_MODE in os.environ, but approval.py freezes that flag at module-import time (_YOLO_MODE_FROZEN) to prevent prompt-injection escalation — the env var flip had no effect
  • Switch to enable_session_yolo() / disable_session_yolo() keyed on get_current_session_key(), matching how the gateway and TUI handlers already work
  • /yolo now actually bypasses approvals for the active CLI session without weakening the import-time freeze

Test plan

  • New test test_cli_toggle_yolo_uses_session_yolo in tests/tools/test_yolo_mode.py
  • All 20 yolo mode tests pass

Closes #33925

🤖 Generated with Claude Code

The CLI /yolo handler toggled HERMES_YOLO_MODE in os.environ, but
approval.py freezes that flag at module-import time to prevent
prompt-injection escalation.  The env var flip had no effect on the
already-frozen _YOLO_MODE_FROZEN bool, so /yolo appeared to enable
YOLO (status bar showed ⚠ YOLO) while every dangerous command still
hit an approval prompt.

Switch to the same enable_session_yolo / disable_session_yolo path
that the gateway and TUI handlers already use, keyed on the current
approval session key.  This makes /yolo actually bypass approvals
for the active CLI session without weakening the import-time freeze
that guards against programmatic escalation.

Closes NousResearch#33925

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
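
A minimal model of the bug and the fix described above, added here as an illustration and not code from the repository: only the identifier names come from the page, while the function bodies, the "1" flag value and the session keys are assumptions.

```python
import os

# Constructed stand-in for the approval module; only the names that appear on
# the page are real, the bodies and the "1" flag value are assumptions.
os.environ.pop("HERMES_YOLO_MODE", None)           # demo starts with flag unset
_YOLO_MODE_FROZEN = os.environ.get("HERMES_YOLO_MODE") == "1"  # read once, at import
_session_yolo = set()                              # hypothetical per-session registry


def enable_session_yolo(session_key):
    _session_yolo.add(session_key)


def disable_session_yolo(session_key):
    _session_yolo.discard(session_key)


def needs_approval(session_key):
    """True when a dangerous command must still stop at an approval prompt."""
    if _YOLO_MODE_FROZEN:
        return False
    return session_key not in _session_yolo


def env_toggle():
    """Pre-fix /yolo: flips the env var, which the frozen bool never re-reads."""
    os.environ["HERMES_YOLO_MODE"] = "1"


def session_toggle(session_key):
    """Post-fix /yolo: toggles the bypass for one session key only."""
    if session_key in _session_yolo:
        disable_session_yolo(session_key)
    else:
        enable_session_yolo(session_key)


def demo():
    a, b = "cli-session-a", "cli-session-b"        # constructed session keys
    out = {}
    env_toggle()
    out["after_env_flip"] = needs_approval(a)       # still prompts
    session_toggle(a)
    out["session_a_enabled"] = needs_approval(a)    # bypassed
    out["session_b_untouched"] = needs_approval(b)  # other session still prompts
    session_toggle(a)
    out["session_a_disabled"] = needs_approval(a)   # prompts again
    os.environ.pop("HERMES_YOLO_MODE", None)        # leave the environment clean
    return out
```

Calling `demo()` returns the approval decision at each step, which makes a convenient regression check: the env flip must never change the outcome, and the bypass must stay confined to the session key that enabled it.
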
@alt-glitch added the type/bug (Something isn't working), P2 (Medium — degraded but workaround exists) and comp/cli (CLI entry point, hermes_cli/, setup wizard) labels on May 28, 2026
@alt-glitch

Collaborator

Competing with #33931 — both fix #33925 (CLI /yolo doesn't bypass approvals due to env var freeze + missing enable_session_yolo() call). Both use the session-yolo API. Maintainer should pick one.

Successfully merging this pull request may close these issues.

CLI /yolo (in-chat) does not bypass dangerous command approvals — env var freeze + missing enable_session_yolo call