Hermes · run_agent.py
0
行代码
这不是架构,这是意大利面
Explorer
📁 hermes-agent/
📁 hermes_agent/
⚡ run_agent.py 11,741 lines
tools.py
config.py
📄 README.md
📄 requirements.txt
run_agent.py
234 # ── safety filters ──────────────────────────────────────────
235
236 import re
237
238 # Patterns that indicate a terminal command may modify/delete files.
239 # 39 regex rules — last line of defense before execution
240 _DESTRUCTIVE_PATTERNS = re.compile(
241     r"""(?:^|\s|&&|\|\||;|`)(?:
242         rm\s|rmdir\s|
243         mv\s|
244         sed\s+-i|
245         truncate\s|dd\s|shred\s|
246         git\s+(?:reset|clean|checkout)\s
247     )""",
248     re.VERBOSE,
249 )
250 _REDIRECT_OVERWRITE = re.compile(r'[^>]>[^>]|^>[^>]')
251
252 def _is_destructive_command(cmd: str) -> bool:
253     """Heuristic: does this terminal command look dangerous?"""
254     if _DESTRUCTIVE_PATTERNS.search(cmd):
255         return True
256     return False
⚠️ 安全靠正则
39 条字符串匹配规则
绕过方式:unicode 变体、
shell 别名、环境变量注入…
Explorer
📁 hermes-agent/
📁 hermes_agent/
⚡ run_agent.py 11,741 lines
tools.py
config.py
📄 README.md
run_agent.py
263
264 # ── parallel execution guard ────────────────────────────────
265
266 def _should_parallelize_tool_batch(tool_calls) -> bool:
267     """Return True when a tool-call batch is safe to run concurrently."""
268     if len(tool_calls) <= 1:
269         return False
270     tool_names = [tc.function.name for tc in tool_calls]
271     if any(name in _NEVER_PARALLEL_TOOLS for name in tool_names):
272         return False
273     reserved_paths: list[Path] = []
274     for tool_call in tool_calls:
275         if any(_paths_overlap(p, existing) for existing in reserved_paths):
276             return False
277     return True
278
279 # ... 11,464 more lines below ...
✅ 路径重叠检测
检查并行工具调用是否
操作同一文件路径
→ 比 GIL 锁更精细的控制