Skip to content

security: block cloud provider credentials and git credential prompts in subprocesses#7990

Open
SHL0MS wants to merge 1 commit into
NousResearch:mainfrom
SHL0MS:fix/security-env-blocklist
Open

security: block cloud provider credentials and git credential prompts in subprocesses#7990
SHL0MS wants to merge 1 commit into
NousResearch:mainfrom
SHL0MS:fix/security-env-blocklist

Conversation

@SHL0MS

@SHL0MS SHL0MS commented Apr 11, 2026

Copy link
Copy Markdown
Collaborator

Block cloud provider credentials (AWS, Azure, GCP, Kubernetes, Docker, npm, PyPI, SSH agent, GPG) from leaking to agent subprocesses. Set GIT_TERMINAL_PROMPT=0 to prevent git credential prompts on clone. 24 lines in tools/environments/local.py. Ref #4170. Split from #4168 for easier review.

@SHL0MS
security: block cloud provider credentials and disable git credential…
e696dea 
… prompts in subprocesses

Add AWS, Azure, GCP, Kubernetes, Docker, npm, PyPI, SSH agent,
and GPG credentials to the subprocess env blocklist. Set
GIT_TERMINAL_PROMPT=0 to prevent git from prompting for
credentials on clone.

Ref NousResearch#4170
@SHL0MS SHL0MS added the type/bug Something isn't working label Apr 11, 2026
@SHL0MS SHL0MS mentioned this pull request Apr 11, 2026
Closed
@wesleysimplicio wesleysimplicio mentioned this pull request May 9, 2026
Closed
@mobilinkd mobilinkd mentioned this pull request May 25, 2026
Closed
1 task
@briandevans briandevans mentioned this pull request May 26, 2026
Closed
19 tasks
@leavedrop leavedrop mentioned this pull request May 26, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

type/bug Something isn't working

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@SHL0MS