common/hermes
2
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

fix(skills_guard): explain why --force is rejected on dangerous verdicts

Browse Source 
Follow-up to @sprmn24's verdict-logic fix. The previous block-message
ended in 'Use --force to override' regardless of verdict — but as of
the --force fix above, dangerous community/trusted skills can't be
overridden by --force at all. The misleading hint sends users in a
loop. Replace it with a specific message that tells them what the
documented behavior actually is.

Adds two regression tests covering the dangerous-verdict message
shape and one that pins the existing --force hint for non-dangerous
blocks.
This commit is contained in:
Teknium
2026-05-23 02:36:59 -07:00
parent 789043b691
commit 6942b1836e
2 changed files with 32 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
tests/tools/test_skills_guard.py
View File

@@ -152,6 +152,31 @@ class TestShouldAllowInstall:
) )
assert allowed is False assert allowed is False
assert "Blocked" in reason assert "Blocked" in reason
# Error message MUST explain why --force didn't work, not invite a retry.
assert "does not override" in reason
assert "Use --force to override" not in reason
def test_force_does_not_override_dangerous_for_trusted_message(self):
f = [Finding("x", "critical", "c", "f", 1, "m", "d")]
allowed, reason = should_allow_install(
self._result("trusted", "dangerous", f), force=True
)
assert allowed is False
assert "does not override" in reason
assert "Use --force to override" not in reason
def test_non_dangerous_block_keeps_force_hint(self):
# When --force CAN override the block, the error message must still
# point to it. Use builtin trust + dangerous to land in the block
# branch without triggering the dangerous-specific message.
f = [Finding("x", "high", "network", "f", 1, "m", "d")]
# Construct a path where decision == block but verdict != dangerous.
# community + caution = block per current INSTALL_POLICY.
allowed, reason = should_allow_install(
self._result("community", "caution", f), force=False
)
assert allowed is False
assert "Use --force to override" in reason
def test_force_does_not_override_dangerous_for_trusted(self): def test_force_does_not_override_dangerous_for_trusted(self):
f = [Finding("x", "critical", "c", "f", 1, "m", "d")] f = [Finding("x", "critical", "c", "f", 1, "m", "d")]

7
tools/skills_guard.py
View File

@@ -674,6 +674,13 @@ def should_allow_install(result: ScanResult, force: bool = False) -> Tuple[bool,
f"{len(result.findings)} findings)" f"{len(result.findings)} findings)"
) )
# Dangerous verdicts cannot be overridden by --force (community/trusted);
# other blocks can.
if result.verdict == "dangerous" and result.trust_level in ("community", "trusted"):
return False, (
f"Blocked ({result.trust_level} source + dangerous verdict, "
f"{len(result.findings)} findings). --force does not override a dangerous verdict."
)
return False, ( return False, (
f"Blocked ({result.trust_level} source + {result.verdict} verdict, " f"Blocked ({result.trust_level} source + {result.verdict} verdict, "
f"{len(result.findings)} findings). Use --force to override." f"{len(result.findings)} findings). Use --force to override."