| शीर्षक | NousResearch hermes-agent 2026.4.23 Exposure of Sensitive Information (CWE-200) |
|---|
| विवरण | # Technical Details
An Information Leak exists in the `_make_run_env()` method in `tools/environments/local.py` of hermes-agent.
The application fails to comprehensively filter sensitive messaging gateway credentials from the subprocess environment because `_EXTRA_ENV_KEYS` (which contains gateway credentials like `FEISHU_APP_SECRET`, `WECOM_SECRET`) is not included in the sanitization blocklist (`_build_provider_env_blocklist`).
# Vulnerable Code
File: tools/environments/local.py
Method: _make_run_env()
Why: The subprocess environment blocklist builder misses `_EXTRA_ENV_KEYS` defined in `hermes_cli/config.py`. When `LocalEnvironment._run_bash()` executes a command, these gateway credentials are inherited by the subprocess and can be printed or exfiltrated using `printenv`.
# Reproduction
1. Deploy `hermes-agent` configured with an actively supported messaging platform (e.g. Feishu, WeCom) with sensitive credentials set.
2. Inject a prompt requesting terminal/execute_code tool usage to run `env` or `printenv`.
3. The subprocess outputs the un-scrubbed environment variables.
4. Observe the leaked sensitive credentials in the output.
# Impact
- Exposure of sensitive internal configuration and messaging secrets.
- Full compromise of the messaging service gateway through stolen credentials, allowing an attacker to spoof communications and exfiltrate private organization data. |
|---|
| स्रोत | ⚠️ https://gist.github.com/YLChen-007/760b3940f708990e535214529c0c7a27 |
|---|
| उपयोगकर्ता | Eric-i (UID 97584) |
|---|
| सबमिशन | 24/04/2026 02:42 PM (1 महीना पहले) |
|---|
| संयम | 23/05/2026 11:19 AM (29 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 365315 [NousResearch hermes-agent तक 2026.4.23 Messaging Gateway local.py _make_run_env सूचना का प्रकटीकरण] |
|---|
| अंक | 20 |
|---|