fix(security): reduce unnecessary shell=True in subprocess calls

- memory_setup.py: use shlex.split() for plugin dep checks instead of shell=True - transcription_tools.py: avoid shell=True for auto-detected whisper commands (user-provided templates via env var still use shell=True for compatibility) - cli.py: add comment clarifying intentional shell=True for user quick_commands - Add test verifying auto-detected template is shlex-safe Addresses CONTRIBUTING.md Priority #3 (Security hardening — shell injection).
2026-04-08 20:44:34 +08:00
parent a9b8254e5f
commit d6c9711ba8
4 changed files with 53 additions and 2 deletions
--- a/cli.py
+++ b/cli.py
@@ -7600,6 +7600,8 @@ class HermesCLI:
                    exec_cmd = qcmd.get("command", "")
                    if exec_cmd:
                        try:
+                            # shell=True is intentional: quick_commands are user-defined
+                            # shell snippets from config.yaml — not agent/LLM controlled.
                            result = subprocess.run(
                                exec_cmd, shell=True, capture_output=True,
                                text=True, timeout=30