+ Kib"aR4t50tRt^RIt^RIt^RIt^RIt^RIt^RIt^RIt^RI t ^RI t ^RI t ^RI t ^RI t ^RIt^RIHt]P$!]4tRtR] R2tRtRRltR R ltR R ltRs]^kR tRs]^k] P<!4tRs ]^kRt!RRlt"RRlt#RRlt$RRlt%R5RRllt&Rt'RRlt(RRlt)R6RR llt*R!R"lt+R#R$lt,R%R&/R'R(llt-R)R*lt.R+R,lt/R%R&/R-R.llt0R%R&/R/R0llt1^2t2R1t3R2R3lt4R#)7uTirith pre-exec security scanning wrapper. Runs the tirith binary as a subprocess to scan commands for content-level threats (homograph URLs, pipe-to-interpreter, terminal injection, etc.). Exit code is the verdict source of truth: 0 = allow, 1 = block, 2 = warn JSON stdout enriches findings/summary but never overrides the verdict. Operational failures (spawn error, timeout, unknown exit code) respect the fail_open config setting. Programming errors propagate. Auto-install: if tirith is not found on PATH or at the configured path, it is automatically downloaded from GitHub releases to $HERMES_HOME/bin/tirith. The download always verifies SHA-256 checksums. When cosign is available on PATH, provenance verification (GitHub Actions workflow signature) is also performed. If cosign is not installed, the download proceeds with SHA-256 verification only — still secure via HTTPS + checksum, just without supply chain provenance proof. Installation runs in a background thread so startup never blocks. N)get_hermes_homezsheeki03/tirithz^https://github.com/z,/\.github/workflows/release\.yml@refs/tags/vz+https://token.actions.githubusercontent.comc<V^8dQhR\R\R\/#keydefaultreturnstrbool)formats"2/home/ubuntu/hermes-agent/tools/tirith_security.py __annotate__r3s!//3//$/c`\P!V4pVfV#VP4R9#)N)1trueyes)osgetenvlowerrrvals&& r _env_boolr3s+ ))C.C { 99;. ..rc<V^8dQhR\R\R\/#rr int)r s"r rr:s!#rcx\P!V4pVfV#\V4# \dTu#i;i)N)rrr ValueErrorrs&& r _env_intr:s; ))C.C {3x s ) 99c$V^8dQhR\/#rr)dict)r s"r rrDstrcRRRRR^RR/p^RIHpV!4PR/4;'g/pR\ R VPRVR,44R\ P !R VPRVR,44R\R VPRVR,44R\ R VPRVR,44/# \d/pLi;i) z@Load security settings from config.yaml, with env var overrides.tirith_enabledT tirith_pathtirithtirith_timeouttirith_fail_open) load_configsecurityTIRITH_ENABLED TIRITH_BINTIRITH_TIMEOUTTIRITH_FAIL_OPEN)hermes_cli.configr)get Exceptionrrrr)defaultsr)cfgs r _load_security_configr4Ds $x!D H 1m B/552 )$4cgg>NPXYiPj6klryysww}h}F]/^_(#3SWW=MxXhOi5jkI&8#''BTV^_qVr:st   s#C C CCFiQc$V^8dQhR\/#r!r )r s"r rrls""#"rc(\\44#)zAReturn the Hermes home directory, respecting HERMES_HOME env var.)r rrr _get_hermes_homer:ls  !!rc$V^8dQhR\/#r!r7)r s"r rrqsFFcFrcR\PP\4R4#)z3Return the path to the install-failure marker file.z.tirith-install-failed)rpathjoinr:r9rr _failure_marker_pathr?qs 77<<(*,D EErc2V^8dQhR\R,/#rrNr7)r s"r rrvscDjrcj\4p\PPV4p\P!4V, \ 8dR#\ VR4;_uu_4pVP4P4uuRRR4# +'giR#;i \dR#i;i)zRead the failure reason from the disk marker. Returns the reason string, or None if the marker doesn't exist or is older than _MARKER_TTL. Nr) r?rr=getmtimetime _MARKER_TTLopenreadstripOSError)pmtimefs r _read_failure_reasonrNvss  "  # IIK% K / !S\\Q668>>#\\\ s6AB#B#&B B# B B# B## B21B2c$V^8dQhR\/#r!r )r s"r rrsDrc\4pVfR#VR8Xd)\P!R4'd \4R#R#)zCheck if a recent install failure was persisted to disk. Returns False (allowing retry) when: - No marker exists - Marker is older than _MARKER_TTL (24h) - Marker reason is 'cosign_missing' and cosign is now on PATH Fcosign_missingcosignT)rNshutilwhich_clear_install_failed)reasons r _is_install_failed_on_diskrXs7" #F ~ !!fll8&<&< rc$V^8dQhR\/#)rrWr7)r s"r rrs   rc.\4p\P!\PP V4RR7\ VR4;_uu_4pVP V4RRR4R# +'giR#;i \dR#i;i)aPersist install failure to disk to avoid retry on next process. Args: reason: Short tag identifying the failure cause. Use "cosign_missing" when cosign is not on PATH so the marker can be auto-cleared once cosign becomes available. Texist_okwN)r?rmakedirsr=dirnamerGwriterJ)rWrKrMs& r _mark_install_failedras_ " BGGOOA&6 !S\\Q GGFO\\\    s0ABA1'B1 B <BB BBch\P!\44R# \dR#i;i)z3Remove the failure marker after successful install.N)runlinkr?rJr9rr rVrVs)  &()    s " 11c$V^8dQhR\/#r!r7)r s"r rrs   rc\PP\4R4p\P!VRR7V#)z/Return $HERMES_HOME/bin, creating it if needed.binTr[)rr=r>r:r^)ds r _hermes_bin_dirrhs-  %'/AKKD! Hrc2V^8dQhR\R,/#rAr7)r s"r rrsd rc\P!4p\P!4P4pVR8XdRpM VR8XdRpMR#VR 9dRpM VR 9dRpMR#V RV 2#) z@Return the Rust target triple for the current platform, or None.Darwinz apple-darwinLinuxzunknown-linux-gnuNx86_64aarch64-)rmamd64)rnarm64)platformsystemmachiner)rsrtplatarchs r _detect_targetrwsr __ F &&(G  7 "%% ( (V1TF rc<V^8dQhR\R\R\/#)rurldesttimeoutr)r s"r rrs!$$$3$$rc \PPV4p\P!R4pV'dVP RRV 24\PP W2R7;_uu_4p\VR4;_uu_4p\P!WV4RRR4RRR4R# +'giL;i +'giR#;i)zDownload a URL to a local file. GITHUB_TOKEN Authorizationztoken )r{wbN) urllibrequestRequestrr add_headerurlopenrGrT copyfileobj)ryrzr{reqtokenresprMs&&& r _download_filers ..  %C IIn %E  &(89     5 5tD$?O?OST4#@P 5 5?O?O 5 5 5s$;C B9 'C 9 C C  C c VV^8dQhR\R\R\R\R,/#)rchecksums_pathsig_path cert_pathrNr )r s"r rrs-%%3%#%#%$QU+%rc  \P!R4pV'g\PR4R#\P !VRRVRVR\ R\V. R R ^R 7pVP^8Xd\PR 4R #\PR VPVPP44R # \\P3d"p\PRT4Rp?R#Rp?ii;i)uOVerify cosign provenance signature on checksums.txt. Returns: True — cosign verified successfully False — cosign found but verification failed None — cosign not available (not on PATH, or execution failed) The caller treats both False and None as "abort auto-install" — only True allows the install to proceed. rSzcosign not found on PATHNz verify-blobz --certificatez --signaturez--certificate-identity-regexpz--certificate-oidc-issuerTcapture_outputtextr{z%cosign provenance verification passedz(cosign verification failed (exit %d): %sFzcosign execution failed: %s)rTrUloggerinfo subprocessrun_COSIGN_IDENTITY_REGEXP_COSIGN_ISSUER returncodewarningstderrrIrJTimeoutExpired)rrrrSresultexcs&&& r _verify_cosignrs\\( #F  ./ ] i H ,.E (.           ! KK? @ NNE ++V]]-@-@-B D Z.. /4c:sAC 9CD"C>>DcHV^8dQhR\R\R\R\/#)r archive_pathr archive_namerr )r s"r rrs)33SWrca Rp\V4;_uu_4o S FNpVP4PR^4p\V4^8XgK5V^,V8XgKEV^,pM RRR4V'g\P RV4R#\ P!4p\VR4;_uu_4o \V 3RlR4FpVPV4K RRR4VP4pW8wd\P RW84R#R # +'giL;i +'giLS;i) z4Verify SHA-256 of the archive against checksums.txt.Nz zNo checksum entry for %sFrbc&<SPR4#)i )rH)rMsr "_verify_checksum..s !&&,rrz&Checksum mismatch: expected %s, got %sT) rGrIsplitlenrrhashlibsha256iterupdate hexdigest) rrrexpectedlinepartsshachunkactualrMs &&& @r _verify_checksumrsH n  DJJL&&tQ/E5zQ58|#; 8   1<@ .. C lD ! !Q.4E JJu 5 "]]_F ?R '   " !s#3D D D=)D1 D. 1 E log_failuresTc`V^8dQhR\R\\R,\3,/#)rrrN)r tupler )r s"r rrs+Z2Z2TZ2U3:s?5KZ2rcB V'd\PM\Pp\4pV'g@\P R\ P !4\ P!44R##RV R2pR\ R2p\P!RR7p\PPWS4p\PPVR 4p\PPVR 4p\PPVR 4p \P R V4\V R V 2V4\V R2V4Rp \ P$!R4'ds\T R2T4\T R2T 4\'YxT 4p T RJdRp MST RJd#T!R4R%\ P"!TRR7#\P R4M\P R4\)YgT4'gR&\ P"!TRR7#\*P,!TR4;_uu_4p T P/4FbpTP0R8Xg$TP0P3R4'gK7RTP09dKJRTnT P5Y4M. T!R4R'uuRRR4\ P"!TRR7#RRR4\PPTR4p\PP\74R4p\ P8!TT4\P:!T\P<!T4P>\<P@,\<PB,\<PD,4T 'dRMR p\P R!TT4TR"3\ P"!TRR7# \d.p T!RT 4R$uRp ? \ P"!TRR7#Rp ? ii;i \d"p \P RT 4Rp ? ELkRp ? ii;i +'giEL;i \ P"!TRR7i;i)(aJDownload and install tirith to $HERMES_HOME/bin/tirith. Verifies provenance via cosign and SHA-256 checksum. Returns (installed_path, failure_reason). On success failure_reason is "". failure_reason is a short tag used by the disk marker to decide if the failure is retryable (e.g. "cosign_missing" clears when cosign appears). z/tirith auto-install: unsupported platform %s/%sNztirith-z.tar.gzzhttps://github.com/z/releases/latest/downloadztirith-install-)prefixz checksums.txtzchecksums.txt.sigzchecksums.txt.pemu9tirith not found — downloading latest release for %s.../z/checksums.txtztirith download failed: %sT) ignore_errorsFrSz/checksums.txt.sigz/checksums.txt.pemz=tirith install aborted: cosign provenance verification failedz5cosign execution failed, proceeding with SHA-256 onlyz?cosign artifacts unavailable (%s), proceeding with SHA-256 onlyu{cosign not on PATH — installing tirith with SHA-256 verification only (install cosign for full supply chain verification)zr:gzr&z/tirithz..z"tirith binary not found in archivezcosign + SHA-256z SHA-256 onlyztirith installed to %s (%s)r5)Nunsupported_platform)Ndownload_failed)Ncosign_verification_failed)Nchecksum_failed)Nbinary_not_in_archive)#rrdebugrwrrrrsrt_REPOtempfilemkdtemprr=r>rr1rTrmtreerUrrtarfilerG getmembersnameendswithextractrhmovechmodstatst_modeS_IXUSRS_IXGRPS_IXOTH)rlogtargetrbase_urltmpdirrrrrrcosign_verified cosign_resulttarmembersrcrz verifications$ r _install_tirithrs)&..fllC  F  E__&(8(8(: <++VHG,L$UG+DEH   %6 7FF2ww||F9 fo>77<<(;<GGLL)<=  OQWX + hZq7 F hZ~6 G  << ! ! Y(+=>I(+=> J!/~ S  D(&*O"e+WX=F  fD1?KK WX KKN O lKK*2  fD1/\\, / /3..*;;(*fkk.B.B9.M.Mv{{* "*FKKK/ +8940 /.  fD10ggll68,ww||O-x8 C rwwt},,t||;dllJT\\YZ-<).  14FRx  fD1w + ,c 2* *r  fD1w + d ]_bcc d,0 / /.  fD1s"BR8 PR7Q$R>R)RAQ08Q0 R,DR P> P9P>R9P>>R Q- Q("R(Q--R0 R ; RRc0V^8dQhR\R\/#rconfigured_pathrr )r s"r rrvs''s't'rc VR8g#)zHReturn True if the user explicitly configured a non-default tirith path.r&r9)rs&r _is_explicit_pathrvs h &&rc0V^8dQhR\R\/#rr7)r s"r rr{s``#`#`rc\e\\Jd\#\PP V4p\ V4p\\JpV'd\PP V4'd0\P!V\P4'dVsV#\P!V4pV'dVsV#\PRV4\sRs V#\P!R4pV'dVsRs \4V#\PP\!4R4p\PP V4'd<\P!V\P4'dVsRs \4V#V'd;\R8Xd.\P!R4'dRsRs \4RpMV#\"e\"P%4'dV#\'4pVe\)4'd \sVs V#\+4wrxV'dVsRs \4V#\sVs \-V4V#) uResolve the tirith binary path, auto-installing if necessary. If the user explicitly set a path (anything other than the bare "tirith" default), that path is authoritative — we never fall through to auto-download a different binary. For the default "tirith": 1. PATH lookup via shutil.which 2. $HERMES_HOME/bin/tirith (previously auto-installed) 3. Auto-install from GitHub releases → $HERMES_HOME/bin/tirith Failed installs are cached for the process lifetime (and persisted to disk for 24h) to avoid repeated network attempts. Nz6Configured tirith path %r not found; scanning disabledexplicit_path_missingr&r5rRrSF)_resolved_path_INSTALL_FAILEDrr= expanduserrisfileaccessX_OKrTrUrr_install_failure_reasonrVr>rh_install_threadis_aliverNrXrra) rexpandedexplicitinstall_failedfound hermes_bin disk_reason installedrWs & r _resolve_tirith_pathr{s$!nO&Kww!!/2H 1H#6N 77>>( # # (BGG(D(D%NO X& "NLOQ`a("9 LL "E "$ o/:J ww~~j!!bii BGG&D&D#"$  "&6 66<<;Q;Q!N&( # ! #"NO "'?'?'A'A '(K#=#?#?("-')I""$%N$ Orc$V^8dQhR\/#rrrP)r s"r rrs)))rcZ\;_uu_4\e RRR4R#\P!R4pV'dVsRsRRR4R#\ P P\4R4p\ P PV4'd;\ P!V\ P4'dVsRsRRR4R#\VR7wr4V'dVsRs\4M\sVs\V4RRR4R# +'giR#;i)z6Background thread target: download and install tirith.Nr&r5)r) _install_lockrrTrUrrr=r>rhrrrrrVrra)rrrrrWs$ r _background_installrs   %    X& "N&( #  WW\\/"3X> 77>>* % %"))J*H*H'N&( # ! $,F &N&( # ! #,N&, #  (5 s) DDDA7DD8D D* c$V^8dQhR\/#rrP)r s"r rrsOOdOrc\4pVR,'gR#\ei\\Jd[\p\PP V4'd.\P !V\P4'dV#R#VR,p\V4p\PPV4pV'd\PP V4'd0\P !V\P4'dVsV#\P!V4pV'dVsV#\sRs R#\P!R4pV'dVsRs \4V#\PP\4R4p\PP V4'd<\P !V\P4'dVsRs \4V#\\Jd9\R8Xd,\P!R4'dRsRs \4MR#\!4pVe\#4'd \sVs R#\$e\$P'4'g4\(P*!\,R V/R R 7s\$P/4R#) aEnsure tirith is available, downloading in background if needed. Quick PATH/local checks are synchronous; network download runs in a daemon thread so startup never blocks. Safe to call multiple times. Returns the resolved path immediately if available, or None. r$Nr%rr&r5rRrSrT)rkwargsdaemon)r4rrrr=rrrrrrTrUrrVr>rhrNrXrr threadingThreadrstart) rr3r=rrrrrrs $ r ensure_installedrs !C  !nO&K 77>>$  BIIdBGG$<$<K-(O 1Hww!!/2H 77>>( # # (BGG(D(D%NO X& "NL("9 LL "E "$ o/:J ww~~j!!bii BGG&D&D#"$( "&6 66<<;Q;Q!N&( # ! # '(K#=#?#?("-o&>&>&@&@#**&"L1   ric0V^8dQhR\R\/#)rcommandr)r r")r s"r rrXs"FHFHCFHDFHrc v\4pVR,'g RRR.RR/#\VR,4pVR,pVR ,p\P!VR R R R RRV.RRVR7pTPpT^8XdRpMJT^8XdRpM@T^8XdRpM6\ P RT4T'd RRR.RRT R2/#RRR.RRT R2/#.p Rp TPP4'd!\P!TP4M/p T PR.4p T R\p T PRR4;'gRR\p RTRT RT /# \dDp\ P RT4T'dRRR.RRT 2/uRp?#RRR.RRT 2/uRp?#Rp?i\Pd8\ P RT4T'dRRR.RRT R2/u#RRR.RR/u#i;i \P \"3d-\ P%R 4TR8XdR!p LTR8XdR"p Li;i)#a(Run tirith security scan on a command. Exit code determines action (0=allow, 1=block, 2=warn). JSON enriches findings/summary. Spawn failures and timeouts respect fail_open config. Programming errors propagate. Returns: {"action": "allow"|"warn"|"block", "findings": [...], "summary": str} r$actionallowfindingssummaryr5r%r'r(checkz--jsonz--non-interactivez--shellposixz--Trztirith spawn failed: %sztirith unavailable: Nblockz#tirith spawn failed (fail-closed): ztirith timed out after %dsztirith timed out (zs)ztirith timed out (fail-closed)warnz'tirith returned unexpected exit code %dztirith exit code z (fail-open)z (fail-closed)z.tirith JSON parse failed, using exit code onlyz-security issue detected (details unavailable)z/security warning detected (details unavailable))r4rrrrJrrrrstdoutrIjsonloadsr0 _MAX_FINDINGS_MAX_SUMMARY_LENJSONDecodeErrorAttributeErrorr) rr3r%r{ fail_openrr exit_coderrr data raw_findingss & r check_command_securityrXs !C  ':r9bAA&s='9:K"#G&'I` '8-@ w 0  (!!IA~ a a @)L gz2yDUV_U``lBmn n':r9@QR[Q\\j>kllHG H,2MM,?,?,A,Atzz&--(rxx B/ /88Ir*00b2C3CD fj(Iw GGW k0#6 gz2yDXY\X]B^_ _':r9@cdgch>ijj  $ $`3W= gz2yDVW^V__aBbc c':r9>^__ `:  . 1H EF W EG v GG Hsg"EG1.AG1 G1 G.!(F G. FG.G.6G. G.#G.-G.19H8, H87H8cV^8dQh/^\9d\R,\,;R&^\9d \;R&^\9d\PR,;R&#)rNrrr)__conditional_annotations__r r rr)r s"r rrs\~)(d T!(B"!!CJ0/!!D(/Kr)r5) )6r__doc__rrloggingrrrrTrrrrrrEurllib.requestrhermes_constantsr getLogger__name__rrrrrrr4rrrLockrrrFr:r?rNrXrarVrhrwrrrrrrrrrrrr)rs@r r$s+,    ,   8 $17ef> /8%)(!! +// " F "" "  ,$%P2Z2DZ2z' `F))@OTOl FHr