forked from Zakaria/hermes-agent
31 lines
1.2 KiB
Plaintext
31 lines
1.2 KiB
Plaintext
Hermes Agent security-guidance plugin
|
|
=====================================
|
|
|
|
This plugin (plugins/security-guidance/) includes work originally
|
|
published in the claude-plugins-official repository by Anthropic, PBC.,
|
|
licensed under the Apache License, Version 2.0.
|
|
|
|
Source: https://github.com/anthropics/claude-plugins-official
|
|
Subpath: plugins/security-guidance/hooks/patterns.py
|
|
Commit: 0bde168 (2026-05-26)
|
|
License: Apache License 2.0 (see LICENSE in this directory)
|
|
|
|
Forked content
|
|
--------------
|
|
|
|
The file patterns.py in this directory is a verbatim copy of the upstream
|
|
patterns.py at the commit above, with a modified module docstring noting
|
|
this attribution. The pattern data — 25 regex/substring rules covering
|
|
unsafe deserialization, command injection, XSS sinks, crypto footguns,
|
|
XXE, GitHub Actions injection, and TLS-verification disablement — is
|
|
unmodified.
|
|
|
|
Original work
|
|
-------------
|
|
|
|
The Hermes-side plugin glue code (__init__.py, plugin.yaml, README.md,
|
|
tests) is original work by NousResearch and is licensed under the MIT
|
|
License that applies to the rest of the hermes-agent project, except
|
|
where it imports from patterns.py — that import does not change the
|
|
license of either file.
|