hermes-katana 3.0.0__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (534) hide show
  1. hermes_katana-3.0.0/.gitignore +130 -0
  2. hermes_katana-3.0.0/.gitleaks.toml +13 -0
  3. hermes_katana-3.0.0/CHANGELOG.md +64 -0
  4. hermes_katana-3.0.0/CONTRIBUTING.md +57 -0
  5. hermes_katana-3.0.0/LICENSE +21 -0
  6. hermes_katana-3.0.0/PKG-INFO +507 -0
  7. hermes_katana-3.0.0/README.md +389 -0
  8. hermes_katana-3.0.0/SECURITY.md +38 -0
  9. hermes_katana-3.0.0/docker/proving-ground/.dockerignore +20 -0
  10. hermes_katana-3.0.0/docker/proving-ground/Dockerfile +35 -0
  11. hermes_katana-3.0.0/docker/proving-ground/README.md +52 -0
  12. hermes_katana-3.0.0/docker/proving-ground/config.yaml.optional +0 -0
  13. hermes_katana-3.0.0/docker/proving-ground/entrypoint.sh +29 -0
  14. hermes_katana-3.0.0/docker/proving-ground/healthcheck.sh +9 -0
  15. hermes_katana-3.0.0/docs/API.md +867 -0
  16. hermes_katana-3.0.0/docs/artifacts.md +161 -0
  17. hermes_katana-3.0.0/docs/assets/hermes-border-frame.webp +0 -0
  18. hermes_katana-3.0.0/docs/assets/hermes-dark-background.webp +0 -0
  19. hermes_katana-3.0.0/docs/assets/infographics/01-system-map.webp +0 -0
  20. hermes_katana-3.0.0/docs/assets/infographics/02-taint-tracking.webp +0 -0
  21. hermes_katana-3.0.0/docs/assets/infographics/03-decoder-input-scanner.webp +0 -0
  22. hermes_katana-3.0.0/docs/assets/infographics/04-command-scanner.webp +0 -0
  23. hermes_katana-3.0.0/docs/assets/infographics/05-secret-vault.webp +0 -0
  24. hermes_katana-3.0.0/docs/assets/infographics/06-policy-engine.webp +0 -0
  25. hermes_katana-3.0.0/docs/assets/infographics/07-middleware-dispatch.webp +0 -0
  26. hermes_katana-3.0.0/docs/assets/infographics/08-audit-trail.webp +0 -0
  27. hermes_katana-3.0.0/docs/assets/infographics/09-https-proxy.webp +0 -0
  28. hermes_katana-3.0.0/docs/assets/infographics/10-artifacts-fast-cpu.webp +0 -0
  29. hermes_katana-3.0.0/docs/assets/infographics/11-proving-ground.webp +0 -0
  30. hermes_katana-3.0.0/docs/assets/infographics/12-operator-guide.webp +0 -0
  31. hermes_katana-3.0.0/docs/assets/manual.css +674 -0
  32. hermes_katana-3.0.0/docs/assets/pipeline-infographic.svg +193 -0
  33. hermes_katana-3.0.0/docs/compatibility.md +56 -0
  34. hermes_katana-3.0.0/docs/index.html +531 -0
  35. hermes_katana-3.0.0/docs/internals.html +694 -0
  36. hermes_katana-3.0.0/docs/proving_ground/README.md +128 -0
  37. hermes_katana-3.0.0/docs/proving_ground/methodology.md +60 -0
  38. hermes_katana-3.0.0/docs/proving_ground/mini-agent-guide.md +63 -0
  39. hermes_katana-3.0.0/docs/quickstart.md +291 -0
  40. hermes_katana-3.0.0/docs/runbook.md +569 -0
  41. hermes_katana-3.0.0/docs/scabbard_routing_promotion_gate.md +112 -0
  42. hermes_katana-3.0.0/docs/tiny_scabbard_research.md +43 -0
  43. hermes_katana-3.0.0/docs/v3_release_thread.md +39 -0
  44. hermes_katana-3.0.0/evals/EVAL_GAPS.md +72 -0
  45. hermes_katana-3.0.0/evals/README.md +137 -0
  46. hermes_katana-3.0.0/evals/adversarial_dispatch.yaml +3107 -0
  47. hermes_katana-3.0.0/evals/adversarial_origin_cases.yaml +297 -0
  48. hermes_katana-3.0.0/evals/benchmarks/confirmed_only_v1/LEADERBOARD.md +123 -0
  49. hermes_katana-3.0.0/evals/benchmarks/confirmed_only_v1/build.py +69 -0
  50. hermes_katana-3.0.0/evals/benchmarks/confirmed_only_v1/test.jsonl +982 -0
  51. hermes_katana-3.0.0/evals/benchmarks/origin_routing_v1/run_eval.py +321 -0
  52. hermes_katana-3.0.0/evals/benchmarks/robustness_v1/run_eval.py +305 -0
  53. hermes_katana-3.0.0/evals/origin_taxonomy.yaml +129 -0
  54. hermes_katana-3.0.0/evals/run_adversarial.sh +335 -0
  55. hermes_katana-3.0.0/evals/wild-attacks-2026-04.yaml +127 -0
  56. hermes_katana-3.0.0/examples/README.md +54 -0
  57. hermes_katana-3.0.0/examples/basic_scanning.py +43 -0
  58. hermes_katana-3.0.0/examples/custom_policy.yaml +55 -0
  59. hermes_katana-3.0.0/examples/middleware_chain.py +105 -0
  60. hermes_katana-3.0.0/examples/policy_engine.py +54 -0
  61. hermes_katana-3.0.0/examples/proving_ground/README.md +3 -0
  62. hermes_katana-3.0.0/examples/proving_ground/sample_attacks.jsonl +3 -0
  63. hermes_katana-3.0.0/examples/taint_tracking.py +82 -0
  64. hermes_katana-3.0.0/examples/vault_usage.py +61 -0
  65. hermes_katana-3.0.0/policies/balanced.yaml +437 -0
  66. hermes_katana-3.0.0/policies/examples/banking.yaml +217 -0
  67. hermes_katana-3.0.0/policies/examples/code-review.yaml +240 -0
  68. hermes_katana-3.0.0/policies/max.yaml +207 -0
  69. hermes_katana-3.0.0/policies/permissive.yaml +180 -0
  70. hermes_katana-3.0.0/pyproject.toml +164 -0
  71. hermes_katana-3.0.0/scripts/benchmark_hermes_katana_cli_e2e.py +218 -0
  72. hermes_katana-3.0.0/scripts/benchmark_hermes_katana_tool_sandbox.py +562 -0
  73. hermes_katana-3.0.0/scripts/generate_policy_assets.py +135 -0
  74. hermes_katana-3.0.0/scripts/rebuild_zvec_centroids.py +825 -0
  75. hermes_katana-3.0.0/scripts/refresh_compat_snapshots.py +18 -0
  76. hermes_katana-3.0.0/scripts/release_gate.sh +125 -0
  77. hermes_katana-3.0.0/scripts/run_serial_pytest.sh +70 -0
  78. hermes_katana-3.0.0/scripts/verify_scanner_change.sh +117 -0
  79. hermes_katana-3.0.0/src/hermes_katana/__init__.py +115 -0
  80. hermes_katana-3.0.0/src/hermes_katana/_files.py +88 -0
  81. hermes_katana-3.0.0/src/hermes_katana/_paths.py +167 -0
  82. hermes_katana-3.0.0/src/hermes_katana/_version.py +6 -0
  83. hermes_katana-3.0.0/src/hermes_katana/artifacts.py +526 -0
  84. hermes_katana-3.0.0/src/hermes_katana/audit/__init__.py +38 -0
  85. hermes_katana-3.0.0/src/hermes_katana/audit/trail.py +718 -0
  86. hermes_katana-3.0.0/src/hermes_katana/bootstrap.py +514 -0
  87. hermes_katana-3.0.0/src/hermes_katana/cli/__init__.py +1 -0
  88. hermes_katana-3.0.0/src/hermes_katana/cli/_render.py +158 -0
  89. hermes_katana-3.0.0/src/hermes_katana/cli/_support.py +467 -0
  90. hermes_katana-3.0.0/src/hermes_katana/cli/main.py +2191 -0
  91. hermes_katana-3.0.0/src/hermes_katana/config.py +462 -0
  92. hermes_katana-3.0.0/src/hermes_katana/exceptions.py +134 -0
  93. hermes_katana-3.0.0/src/hermes_katana/hermes_plugin.py +745 -0
  94. hermes_katana-3.0.0/src/hermes_katana/installer/__init__.py +37 -0
  95. hermes_katana-3.0.0/src/hermes_katana/installer/compat_snapshots.py +494 -0
  96. hermes_katana-3.0.0/src/hermes_katana/installer/installer.py +931 -0
  97. hermes_katana-3.0.0/src/hermes_katana/installer/patches.py +1185 -0
  98. hermes_katana-3.0.0/src/hermes_katana/metrics.py +245 -0
  99. hermes_katana-3.0.0/src/hermes_katana/middleware/__init__.py +39 -0
  100. hermes_katana-3.0.0/src/hermes_katana/middleware/chain.py +524 -0
  101. hermes_katana-3.0.0/src/hermes_katana/middleware/integration.py +1749 -0
  102. hermes_katana-3.0.0/src/hermes_katana/middleware/metrics.py +137 -0
  103. hermes_katana-3.0.0/src/hermes_katana/middleware/protectai_middleware.py +142 -0
  104. hermes_katana-3.0.0/src/hermes_katana/middleware/taint_middleware.py +127 -0
  105. hermes_katana-3.0.0/src/hermes_katana/ml_artifacts.py +109 -0
  106. hermes_katana-3.0.0/src/hermes_katana/policy/__init__.py +82 -0
  107. hermes_katana-3.0.0/src/hermes_katana/policy/defaults.py +106 -0
  108. hermes_katana-3.0.0/src/hermes_katana/policy/engine.py +1007 -0
  109. hermes_katana-3.0.0/src/hermes_katana/policy/models.py +236 -0
  110. hermes_katana-3.0.0/src/hermes_katana/policy/yaml_loader.py +448 -0
  111. hermes_katana-3.0.0/src/hermes_katana/proving_ground/__init__.py +4 -0
  112. hermes_katana-3.0.0/src/hermes_katana/proving_ground/__main__.py +8 -0
  113. hermes_katana-3.0.0/src/hermes_katana/proving_ground/cli.py +78 -0
  114. hermes_katana-3.0.0/src/hermes_katana/proving_ground/corpus_sampler.py +175 -0
  115. hermes_katana-3.0.0/src/hermes_katana/proving_ground/export_attacks.py +192 -0
  116. hermes_katana-3.0.0/src/hermes_katana/proving_ground/generate_variants.py +157 -0
  117. hermes_katana-3.0.0/src/hermes_katana/proving_ground/local_models.py +839 -0
  118. hermes_katana-3.0.0/src/hermes_katana/proving_ground/models.py +117 -0
  119. hermes_katana-3.0.0/src/hermes_katana/proving_ground/paths.py +53 -0
  120. hermes_katana-3.0.0/src/hermes_katana/proving_ground/research/__init__.py +20 -0
  121. hermes_katana-3.0.0/src/hermes_katana/proving_ground/research/budget.py +133 -0
  122. hermes_katana-3.0.0/src/hermes_katana/proving_ground/research/dag.py +161 -0
  123. hermes_katana-3.0.0/src/hermes_katana/proving_ground/research/doom.py +74 -0
  124. hermes_katana-3.0.0/src/hermes_katana/proving_ground/research/events.py +258 -0
  125. hermes_katana-3.0.0/src/hermes_katana/proving_ground/research/harness_profile.py +160 -0
  126. hermes_katana-3.0.0/src/hermes_katana/proving_ground/research/harness_profiles.yaml +438 -0
  127. hermes_katana-3.0.0/src/hermes_katana/proving_ground/research/hypotheses/H-20260422-behavioral-telemetry-predicts-attack.yaml +34 -0
  128. hermes_katana-3.0.0/src/hermes_katana/proving_ground/research/hypotheses/H-20260422-harness-dominates-model.yaml +54 -0
  129. hermes_katana-3.0.0/src/hermes_katana/proving_ground/research/hypotheses/H-20260422-multilingual-nonuniform.yaml +31 -0
  130. hermes_katana-3.0.0/src/hermes_katana/proving_ground/research/hypotheses/H-20260423-scanner-in-harness-protects.yaml +52 -0
  131. hermes_katana-3.0.0/src/hermes_katana/proving_ground/research/hypotheses/H-20260502-v5-corpus-characterization.yaml +84 -0
  132. hermes_katana-3.0.0/src/hermes_katana/proving_ground/research/kernel.py +243 -0
  133. hermes_katana-3.0.0/src/hermes_katana/proving_ground/research/registry.py +328 -0
  134. hermes_katana-3.0.0/src/hermes_katana/proving_ground/research/rigor.py +210 -0
  135. hermes_katana-3.0.0/src/hermes_katana/proving_ground/research/statistics.py +522 -0
  136. hermes_katana-3.0.0/src/hermes_katana/proving_ground/research/tools.py +705 -0
  137. hermes_katana-3.0.0/src/hermes_katana/proving_ground/research/verifier.py +131 -0
  138. hermes_katana-3.0.0/src/hermes_katana/proving_ground/run_agent_shard.py +1142 -0
  139. hermes_katana-3.0.0/src/hermes_katana/proving_ground/run_shard.py +496 -0
  140. hermes_katana-3.0.0/src/hermes_katana/proving_ground/sandbox/__init__.py +3 -0
  141. hermes_katana-3.0.0/src/hermes_katana/proving_ground/sandbox/agent_cli_runner.py +2463 -0
  142. hermes_katana-3.0.0/src/hermes_katana/proving_ground/sandbox/analyzers/__init__.py +1 -0
  143. hermes_katana-3.0.0/src/hermes_katana/proving_ground/sandbox/analyzers/behavioral_drift.py +417 -0
  144. hermes_katana-3.0.0/src/hermes_katana/proving_ground/sandbox/analyzers/semantic_fingerprint.py +645 -0
  145. hermes_katana-3.0.0/src/hermes_katana/proving_ground/sandbox/behavioral_tracker.py +396 -0
  146. hermes_katana-3.0.0/src/hermes_katana/proving_ground/sandbox/canaries.py +95 -0
  147. hermes_katana-3.0.0/src/hermes_katana/proving_ground/sandbox/honeypot.py +228 -0
  148. hermes_katana-3.0.0/src/hermes_katana/proving_ground/sandbox/observation.py +235 -0
  149. hermes_katana-3.0.0/src/hermes_katana/proving_ground/sandbox/parsers.py +572 -0
  150. hermes_katana-3.0.0/src/hermes_katana/proving_ground/sandbox/scanner_middleware.py +222 -0
  151. hermes_katana-3.0.0/src/hermes_katana/proving_ground/sandbox/session.py +866 -0
  152. hermes_katana-3.0.0/src/hermes_katana/proving_ground/sandbox/severity.py +158 -0
  153. hermes_katana-3.0.0/src/hermes_katana/proving_ground/sandbox/workspace.py +462 -0
  154. hermes_katana-3.0.0/src/hermes_katana/proving_ground/sandbox/workspace_sweeper.py +168 -0
  155. hermes_katana-3.0.0/src/hermes_katana/proving_ground/sandbox_cli.py +301 -0
  156. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/__init__.py +1 -0
  157. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/_minimax_english_v12.py +95 -0
  158. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/_openai_resubmit_v12.py +103 -0
  159. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/analyze_asr_methodology.py +371 -0
  160. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/analyze_asr_scientific.py +220 -0
  161. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/analyze_synth_fleet.py +233 -0
  162. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/asr_dashboard.py +493 -0
  163. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/audit_contamination.py +391 -0
  164. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/audit_parsers.py +363 -0
  165. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/audit_quota_mix_queue_20260506.py +217 -0
  166. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/audit_v8_for_hermes_katana_20260515.py +556 -0
  167. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/auto_confirm_loop.sh +88 -0
  168. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/backtrace_multilingual.py +469 -0
  169. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/batch_fingerprint.py +447 -0
  170. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/batch_run.py +889 -0
  171. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/batch_watcher.py +157 -0
  172. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/battery_monitor.sh +178 -0
  173. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/build_corpus.py +468 -0
  174. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/build_crossval_new_effective_20260513.py +327 -0
  175. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/build_data_v6_with_origin_balance.py +528 -0
  176. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/build_data_v7_with_origin_balance.py +488 -0
  177. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/build_defended_quota_mix_20260506.py +216 -0
  178. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/build_focused_v4.py +289 -0
  179. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/build_focused_v5_1_20260506.py +605 -0
  180. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/build_free_discovery_confirm_queue_20260506.py +609 -0
  181. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/build_manifest.py +138 -0
  182. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/build_next_fleets_20260506.py +635 -0
  183. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/build_quota_mix_confirm_queue_20260506.py +469 -0
  184. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/build_recovery_shards.py +376 -0
  185. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/build_trial_plan.py +260 -0
  186. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/build_v8_untested_synth_queue.py +327 -0
  187. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/check_openai_burn.py +79 -0
  188. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/cpu_watchdog.sh +141 -0
  189. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/cross_model_confirm_smoke.py +135 -0
  190. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/cross_reference_confirm.py +272 -0
  191. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/deep_preflight.py +799 -0
  192. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/detection_bench.py +526 -0
  193. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/ensemble_detector.py +292 -0
  194. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/export_channel_weights.py +190 -0
  195. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/factorial_decompose.py +295 -0
  196. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/features/__init__.py +1 -0
  197. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/features/build_semantic_centroids.py +168 -0
  198. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/features/cluster_cross_model_effects.py +231 -0
  199. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/features/extract_trigger_ngrams.py +271 -0
  200. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/features/train_behavioral_scanner.py +170 -0
  201. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/fleet.py +643 -0
  202. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/fleet_monitor.sh +194 -0
  203. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/fleet_postaudit_smoke.json +42 -0
  204. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/fleet_preflight.py +417 -0
  205. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/fleet_runtime_guard.py +260 -0
  206. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/fleet_smoke.json +40 -0
  207. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/fleet_smoke_local.json +18 -0
  208. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/fleet_status.py +184 -0
  209. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/fleet_synth_smoke.json +13 -0
  210. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/generate_v7_paraphrases.py +253 -0
  211. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/haiku_multilingual_sweep.sh +62 -0
  212. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/harness_ablation.py +330 -0
  213. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/harness_matrix.py +263 -0
  214. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/intern.py +367 -0
  215. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/merge_shard_runs.py +147 -0
  216. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/merge_synthdata_to_v4.py +170 -0
  217. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/multilingual_transfer.py +346 -0
  218. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/orchestrate_battery.sh +51 -0
  219. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/pipeline.py +290 -0
  220. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/postrun_followup_20260505.py +613 -0
  221. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/power_plan.py +102 -0
  222. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/promote_free_discovery_confirmed_20260506.py +412 -0
  223. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/promote_quota_mix_confirmed_20260506.py +273 -0
  224. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/prune_invalid_run_rows.py +108 -0
  225. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/quarantine_invalid_rows.py +244 -0
  226. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/query.py +325 -0
  227. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/quota_mix_status_20260506.py +108 -0
  228. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/report.py +251 -0
  229. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/report_dataset_strategy_20260506.py +694 -0
  230. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/report_quota_mix_20260506.py +289 -0
  231. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/rescore_semantic.py +273 -0
  232. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/rotate_to_claude.sh +77 -0
  233. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/rotate_to_minimax.sh +94 -0
  234. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/run_reset_recovery.py +376 -0
  235. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/sanitize_v5_1_for_publish.py +188 -0
  236. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/simulate_katana_defense.py +419 -0
  237. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/strip_api_errors.py +161 -0
  238. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/synth_to_shards.py +236 -0
  239. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/thermal_watchdog.sh +55 -0
  240. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/v8_freeze_analysis_20260514.py +1203 -0
  241. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/vast_boot.sh +86 -0
  242. hermes_katana-3.0.0/src/hermes_katana/proving_ground/scripts/verify_qwen35_integration.py +304 -0
  243. hermes_katana-3.0.0/src/hermes_katana/proving_ground/synthdata/README.md +111 -0
  244. hermes_katana-3.0.0/src/hermes_katana/proving_ground/synthdata/__init__.py +29 -0
  245. hermes_katana-3.0.0/src/hermes_katana/proving_ground/synthdata/complexify.py +127 -0
  246. hermes_katana-3.0.0/src/hermes_katana/proving_ground/synthdata/configs/v1_claude.json +31 -0
  247. hermes_katana-3.0.0/src/hermes_katana/proving_ground/synthdata/configs/v2_opus_elite.json +31 -0
  248. hermes_katana-3.0.0/src/hermes_katana/proving_ground/synthdata/configs/v3_gap6_opus.json +33 -0
  249. hermes_katana-3.0.0/src/hermes_katana/proving_ground/synthdata/configs/v4_encoding_codex.json +34 -0
  250. hermes_katana-3.0.0/src/hermes_katana/proving_ground/synthdata/configs/v4_persona_opus.json +34 -0
  251. hermes_katana-3.0.0/src/hermes_katana/proving_ground/synthdata/critics.py +221 -0
  252. hermes_katana-3.0.0/src/hermes_katana/proving_ground/synthdata/expand_gap_labels.py +128 -0
  253. hermes_katana-3.0.0/src/hermes_katana/proving_ground/synthdata/llm.py +357 -0
  254. hermes_katana-3.0.0/src/hermes_katana/proving_ground/synthdata/meta_prompt.py +250 -0
  255. hermes_katana-3.0.0/src/hermes_katana/proving_ground/synthdata/rerun_critics.py +146 -0
  256. hermes_katana-3.0.0/src/hermes_katana/proving_ground/synthdata/run.py +278 -0
  257. hermes_katana-3.0.0/src/hermes_katana/proving_ground/synthdata/schema.py +158 -0
  258. hermes_katana-3.0.0/src/hermes_katana/proving_ground/synthdata/taxonomy.py +297 -0
  259. hermes_katana-3.0.0/src/hermes_katana/proxy/__init__.py +26 -0
  260. hermes_katana-3.0.0/src/hermes_katana/proxy/addon.py +1041 -0
  261. hermes_katana-3.0.0/src/hermes_katana/proxy/addon_script.py +76 -0
  262. hermes_katana-3.0.0/src/hermes_katana/proxy/config.py +200 -0
  263. hermes_katana-3.0.0/src/hermes_katana/proxy/injector.py +263 -0
  264. hermes_katana-3.0.0/src/hermes_katana/proxy/runner.py +587 -0
  265. hermes_katana-3.0.0/src/hermes_katana/py.typed +0 -0
  266. hermes_katana-3.0.0/src/hermes_katana/runtime_artifacts.py +127 -0
  267. hermes_katana-3.0.0/src/hermes_katana/scabbard/__init__.py +59 -0
  268. hermes_katana-3.0.0/src/hermes_katana/scabbard/cascade.py +508 -0
  269. hermes_katana-3.0.0/src/hermes_katana/scabbard/config.py +787 -0
  270. hermes_katana-3.0.0/src/hermes_katana/scabbard/data/attack_seed_phrases.json +234 -0
  271. hermes_katana-3.0.0/src/hermes_katana/scabbard/data/homoglyph_map.json +1199 -0
  272. hermes_katana-3.0.0/src/hermes_katana/scabbard/data/injection_ngrams.txt +573 -0
  273. hermes_katana-3.0.0/src/hermes_katana/scabbard/embedder.py +905 -0
  274. hermes_katana-3.0.0/src/hermes_katana/scabbard/feature_extractor.py +403 -0
  275. hermes_katana-3.0.0/src/hermes_katana/scabbard/fusion.py +1021 -0
  276. hermes_katana-3.0.0/src/hermes_katana/scabbard/normalizer.py +353 -0
  277. hermes_katana-3.0.0/src/hermes_katana/scabbard/pipeline.py +6 -0
  278. hermes_katana-3.0.0/src/hermes_katana/scabbard/retrieval.py +400 -0
  279. hermes_katana-3.0.0/src/hermes_katana/scabbard/routing.py +476 -0
  280. hermes_katana-3.0.0/src/hermes_katana/scabbard/scabbard.py +389 -0
  281. hermes_katana-3.0.0/src/hermes_katana/scanner/__init__.py +1654 -0
  282. hermes_katana-3.0.0/src/hermes_katana/scanner/_optional.py +151 -0
  283. hermes_katana-3.0.0/src/hermes_katana/scanner/aho_scanner.py +249 -0
  284. hermes_katana-3.0.0/src/hermes_katana/scanner/allowlist.py +506 -0
  285. hermes_katana-3.0.0/src/hermes_katana/scanner/ascii_art.py +416 -0
  286. hermes_katana-3.0.0/src/hermes_katana/scanner/behavioral.py +521 -0
  287. hermes_katana-3.0.0/src/hermes_katana/scanner/bloom_filter.py +436 -0
  288. hermes_katana-3.0.0/src/hermes_katana/scanner/bonsai_judge.py +244 -0
  289. hermes_katana-3.0.0/src/hermes_katana/scanner/commands.py +1696 -0
  290. hermes_katana-3.0.0/src/hermes_katana/scanner/compositional.py +528 -0
  291. hermes_katana-3.0.0/src/hermes_katana/scanner/consensus_judge.py +526 -0
  292. hermes_katana-3.0.0/src/hermes_katana/scanner/content.py +771 -0
  293. hermes_katana-3.0.0/src/hermes_katana/scanner/content_harm.py +1338 -0
  294. hermes_katana-3.0.0/src/hermes_katana/scanner/context_analyzer.py +440 -0
  295. hermes_katana-3.0.0/src/hermes_katana/scanner/css_deobfuscator.py +417 -0
  296. hermes_katana-3.0.0/src/hermes_katana/scanner/data/fast_patterns.json +858 -0
  297. hermes_katana-3.0.0/src/hermes_katana/scanner/deberta_classifier.py +500 -0
  298. hermes_katana-3.0.0/src/hermes_katana/scanner/decoder.py +436 -0
  299. hermes_katana-3.0.0/src/hermes_katana/scanner/ensemble.py +623 -0
  300. hermes_katana-3.0.0/src/hermes_katana/scanner/fast_patterns.py +234 -0
  301. hermes_katana-3.0.0/src/hermes_katana/scanner/html_diff.py +501 -0
  302. hermes_katana-3.0.0/src/hermes_katana/scanner/image_injection.py +593 -0
  303. hermes_katana-3.0.0/src/hermes_katana/scanner/injection.py +2430 -0
  304. hermes_katana-3.0.0/src/hermes_katana/scanner/judge_runtime.py +90 -0
  305. hermes_katana-3.0.0/src/hermes_katana/scanner/markdown_audit.py +442 -0
  306. hermes_katana-3.0.0/src/hermes_katana/scanner/mcp_scanner.py +578 -0
  307. hermes_katana-3.0.0/src/hermes_katana/scanner/multilingual.py +1233 -0
  308. hermes_katana-3.0.0/src/hermes_katana/scanner/multimodal.py +1352 -0
  309. hermes_katana-3.0.0/src/hermes_katana/scanner/multiturn.py +540 -0
  310. hermes_katana-3.0.0/src/hermes_katana/scanner/ooxml_scanner.py +320 -0
  311. hermes_katana-3.0.0/src/hermes_katana/scanner/pdf_js_scanner.py +437 -0
  312. hermes_katana-3.0.0/src/hermes_katana/scanner/pdf_layers.py +314 -0
  313. hermes_katana-3.0.0/src/hermes_katana/scanner/persona_detector.py +660 -0
  314. hermes_katana-3.0.0/src/hermes_katana/scanner/prompt_leak.py +803 -0
  315. hermes_katana-3.0.0/src/hermes_katana/scanner/protectai_gate.py +212 -0
  316. hermes_katana-3.0.0/src/hermes_katana/scanner/rag_injection.py +623 -0
  317. hermes_katana-3.0.0/src/hermes_katana/scanner/secrets.py +796 -0
  318. hermes_katana-3.0.0/src/hermes_katana/scanner/semantic_recall.py +477 -0
  319. hermes_katana-3.0.0/src/hermes_katana/scanner/semantic_zvec_scanner.py +265 -0
  320. hermes_katana-3.0.0/src/hermes_katana/scanner/stego_scanner.py +869 -0
  321. hermes_katana-3.0.0/src/hermes_katana/scanner/structural.py +362 -0
  322. hermes_katana-3.0.0/src/hermes_katana/scanner/svg_sanitizer.py +286 -0
  323. hermes_katana-3.0.0/src/hermes_katana/scanner/unicode.py +744 -0
  324. hermes_katana-3.0.0/src/hermes_katana/scanner/unicode_spoof.py +592 -0
  325. hermes_katana-3.0.0/src/hermes_katana/security_logging.py +99 -0
  326. hermes_katana-3.0.0/src/hermes_katana/taint/__init__.py +106 -0
  327. hermes_katana-3.0.0/src/hermes_katana/taint/codecs.py +330 -0
  328. hermes_katana-3.0.0/src/hermes_katana/taint/flow.py +498 -0
  329. hermes_katana-3.0.0/src/hermes_katana/taint/labels.py +348 -0
  330. hermes_katana-3.0.0/src/hermes_katana/taint/registrar.py +232 -0
  331. hermes_katana-3.0.0/src/hermes_katana/taint/tracker.py +482 -0
  332. hermes_katana-3.0.0/src/hermes_katana/taint/value.py +1590 -0
  333. hermes_katana-3.0.0/src/hermes_katana/vault/__init__.py +29 -0
  334. hermes_katana-3.0.0/src/hermes_katana/vault/access_log.py +285 -0
  335. hermes_katana-3.0.0/src/hermes_katana/vault/expiry.py +240 -0
  336. hermes_katana-3.0.0/src/hermes_katana/vault/honey_tokens.py +690 -0
  337. hermes_katana-3.0.0/src/hermes_katana/vault/migrate.py +479 -0
  338. hermes_katana-3.0.0/src/hermes_katana/vault/store.py +949 -0
  339. hermes_katana-3.0.0/tests/__init__.py +0 -0
  340. hermes_katana-3.0.0/tests/bench/__init__.py +1 -0
  341. hermes_katana-3.0.0/tests/bench/benchmark_scanners.py +1598 -0
  342. hermes_katana-3.0.0/tests/conftest.py +144 -0
  343. hermes_katana-3.0.0/tests/differential/__init__.py +1 -0
  344. hermes_katana-3.0.0/tests/differential/test_vs_open_scanners.py +239 -0
  345. hermes_katana-3.0.0/tests/e2e/__init__.py +1 -0
  346. hermes_katana-3.0.0/tests/e2e/test_multiturn_attacks.py +194 -0
  347. hermes_katana-3.0.0/tests/e2e/test_sandbox_agent_loop.py +223 -0
  348. hermes_katana-3.0.0/tests/eval/__init__.py +1 -0
  349. hermes_katana-3.0.0/tests/eval/_control.py +126 -0
  350. hermes_katana-3.0.0/tests/eval/binary_test_cases.py +548 -0
  351. hermes_katana-3.0.0/tests/eval/conftest.py +128 -0
  352. hermes_katana-3.0.0/tests/eval/external_benchmarks/__init__.py +1 -0
  353. hermes_katana-3.0.0/tests/eval/external_benchmarks/conftest.py +79 -0
  354. hermes_katana-3.0.0/tests/eval/external_benchmarks/loader.py +201 -0
  355. hermes_katana-3.0.0/tests/eval/external_benchmarks/runner.py +200 -0
  356. hermes_katana-3.0.0/tests/eval/external_benchmarks/test_jailbreakbench.py +128 -0
  357. hermes_katana-3.0.0/tests/eval/run_binary_eval.py +363 -0
  358. hermes_katana-3.0.0/tests/eval/run_eval.py +360 -0
  359. hermes_katana-3.0.0/tests/eval/scanner_runner.py +376 -0
  360. hermes_katana-3.0.0/tests/eval/test_coverage.py +176 -0
  361. hermes_katana-3.0.0/tests/eval/test_coverage_by_category.py +44 -0
  362. hermes_katana-3.0.0/tests/eval/test_multimodal_coverage.py +672 -0
  363. hermes_katana-3.0.0/tests/eval/test_precision_recall.py +88 -0
  364. hermes_katana-3.0.0/tests/eval/test_scabbard_coverage.py +229 -0
  365. hermes_katana-3.0.0/tests/fixtures/hermes_compat/fixtures.json +40 -0
  366. hermes_katana-3.0.0/tests/fixtures/hermes_compat/hermes-current-snapshot/MANIFEST.json +34 -0
  367. hermes_katana-3.0.0/tests/fixtures/hermes_compat/hermes-current-snapshot/gateway/platforms/base.py +1578 -0
  368. hermes_katana-3.0.0/tests/fixtures/hermes_compat/hermes-current-snapshot/gateway/run.py +7082 -0
  369. hermes_katana-3.0.0/tests/fixtures/hermes_compat/hermes-current-snapshot/hermes_cli/__init__.py +15 -0
  370. hermes_katana-3.0.0/tests/fixtures/hermes_compat/hermes-current-snapshot/hermes_cli/banner.py +463 -0
  371. hermes_katana-3.0.0/tests/fixtures/hermes_compat/hermes-current-snapshot/pyproject.toml +115 -0
  372. hermes_katana-3.0.0/tests/fixtures/hermes_compat/hermes-current-snapshot/tools/environments/docker.py +596 -0
  373. hermes_katana-3.0.0/tests/fixtures/hermes_compat/hermes-current-snapshot/tools/registry.py +275 -0
  374. hermes_katana-3.0.0/tests/fixtures/hermes_compat/hermes-current-snapshot/tools/terminal_tool.py +1559 -0
  375. hermes_katana-3.0.0/tests/fixtures/hermes_compat/hermes-v0.1.0-core-snapshot/hermes/__init__.py +1 -0
  376. hermes_katana-3.0.0/tests/fixtures/hermes_compat/hermes-v0.1.0-core-snapshot/hermes/tools/dispatch.py +12 -0
  377. hermes_katana-3.0.0/tests/fixtures/hermes_compat/hermes-v0.1.0-core-snapshot/hermes/tools/terminal.py +8 -0
  378. hermes_katana-3.0.0/tests/fixtures/hermes_compat/hermes-v0.1.0-core-snapshot/pyproject.toml +3 -0
  379. hermes_katana-3.0.0/tests/fixtures/hermes_compat/hermes-v0.1.0-extended-snapshot/hermes/__init__.py +1 -0
  380. hermes_katana-3.0.0/tests/fixtures/hermes_compat/hermes-v0.1.0-extended-snapshot/hermes/gateway/handler.py +6 -0
  381. hermes_katana-3.0.0/tests/fixtures/hermes_compat/hermes-v0.1.0-extended-snapshot/hermes/tools/dispatch.py +12 -0
  382. hermes_katana-3.0.0/tests/fixtures/hermes_compat/hermes-v0.1.0-extended-snapshot/hermes/tools/docker_tool.py +5 -0
  383. hermes_katana-3.0.0/tests/fixtures/hermes_compat/hermes-v0.1.0-extended-snapshot/hermes/tools/terminal.py +8 -0
  384. hermes_katana-3.0.0/tests/fixtures/hermes_compat/hermes-v0.1.0-extended-snapshot/hermes/ui/banner.py +12 -0
  385. hermes_katana-3.0.0/tests/fixtures/hermes_compat/hermes-v0.1.0-extended-snapshot/pyproject.toml +3 -0
  386. hermes_katana-3.0.0/tests/fuzz/__init__.py +1 -0
  387. hermes_katana-3.0.0/tests/fuzz/test_scanner_fuzz.py +466 -0
  388. hermes_katana-3.0.0/tests/hermes_compat.py +41 -0
  389. hermes_katana-3.0.0/tests/integration/__init__.py +0 -0
  390. hermes_katana-3.0.0/tests/integration/test_adversarial_eval_pack.py +138 -0
  391. hermes_katana-3.0.0/tests/integration/test_cli_flow.py +268 -0
  392. hermes_katana-3.0.0/tests/integration/test_flow.py +215 -0
  393. hermes_katana-3.0.0/tests/integration/test_middleware_chain.py +369 -0
  394. hermes_katana-3.0.0/tests/integration/test_new_scanners_e2e.py +391 -0
  395. hermes_katana-3.0.0/tests/integration/test_scabbard_middleware.py +371 -0
  396. hermes_katana-3.0.0/tests/integration/test_scabbard_secondary_middleware.py +125 -0
  397. hermes_katana-3.0.0/tests/property/__init__.py +1 -0
  398. hermes_katana-3.0.0/tests/property/test_taint_properties.py +347 -0
  399. hermes_katana-3.0.0/tests/proving_ground/parsers/__init__.py +0 -0
  400. hermes_katana-3.0.0/tests/proving_ground/parsers/fixtures/README.md +19 -0
  401. hermes_katana-3.0.0/tests/proving_ground/parsers/fixtures/codex_cli/text_only_response.txt +1 -0
  402. hermes_katana-3.0.0/tests/proving_ground/parsers/fixtures/codex_cli/tool_with_reasoning_preamble.txt +7 -0
  403. hermes_katana-3.0.0/tests/proving_ground/parsers/fixtures/gemini_cli/empty_response.txt +1 -0
  404. hermes_katana-3.0.0/tests/proving_ground/parsers/fixtures/gemini_cli/model_garbage_2_5_flash.txt +2 -0
  405. hermes_katana-3.0.0/tests/proving_ground/parsers/fixtures/hermes_cli/ok_with_tool_calls.txt +3 -0
  406. hermes_katana-3.0.0/tests/proving_ground/parsers/fixtures/hermes_cli/or_arcee_spark_empty.txt +1 -0
  407. hermes_katana-3.0.0/tests/proving_ground/parsers/fixtures/hermes_cli/or_deepseek_v3_free_empty.txt +1 -0
  408. hermes_katana-3.0.0/tests/proving_ground/parsers/test_agent_parsers.py +182 -0
  409. hermes_katana-3.0.0/tests/proving_ground/test_agent_cli_runner.py +604 -0
  410. hermes_katana-3.0.0/tests/proving_ground/test_audit_fixes.py +355 -0
  411. hermes_katana-3.0.0/tests/proving_ground/test_fleet_audit_regressions.py +74 -0
  412. hermes_katana-3.0.0/tests/proving_ground/test_hermes_session_parser.py +71 -0
  413. hermes_katana-3.0.0/tests/proving_ground/test_load_shard.py +84 -0
  414. hermes_katana-3.0.0/tests/proving_ground/test_n_repeats.py +95 -0
  415. hermes_katana-3.0.0/tests/proving_ground/test_scientific_design_tools.py +166 -0
  416. hermes_katana-3.0.0/tests/proving_ground/test_scientific_followup_features.py +195 -0
  417. hermes_katana-3.0.0/tests/scabbard/__init__.py +1 -0
  418. hermes_katana-3.0.0/tests/scabbard/test_centroids.py +46 -0
  419. hermes_katana-3.0.0/tests/scabbard/test_embedder.py +77 -0
  420. hermes_katana-3.0.0/tests/scabbard/test_fusion.py +40 -0
  421. hermes_katana-3.0.0/tests/scabbard/test_pipeline.py +72 -0
  422. hermes_katana-3.0.0/tests/scabbard/test_plugin_integration.py +149 -0
  423. hermes_katana-3.0.0/tests/smoke/evasion_gate.py +93 -0
  424. hermes_katana-3.0.0/tests/smoke/false_positive_gate.py +55 -0
  425. hermes_katana-3.0.0/tests/test_addon_script.py +154 -0
  426. hermes_katana-3.0.0/tests/test_codec_evasion.py +256 -0
  427. hermes_katana-3.0.0/tests/test_hardening.py +358 -0
  428. hermes_katana-3.0.0/tests/test_policy_fixes.py +223 -0
  429. hermes_katana-3.0.0/tests/test_proxy_addon.py +513 -0
  430. hermes_katana-3.0.0/tests/test_proxy_injector.py +233 -0
  431. hermes_katana-3.0.0/tests/test_proxy_scanning.py +409 -0
  432. hermes_katana-3.0.0/tests/test_taint_laundering.py +512 -0
  433. hermes_katana-3.0.0/tests/test_vault_migrate.py +334 -0
  434. hermes_katana-3.0.0/tests/test_vault_safety.py +199 -0
  435. hermes_katana-3.0.0/tests/test_yaml_loader.py +392 -0
  436. hermes_katana-3.0.0/tests/test_yaml_loader_coverage.py +474 -0
  437. hermes_katana-3.0.0/tests/unit/__init__.py +0 -0
  438. hermes_katana-3.0.0/tests/unit/test_access_log.py +127 -0
  439. hermes_katana-3.0.0/tests/unit/test_aho_scanner.py +276 -0
  440. hermes_katana-3.0.0/tests/unit/test_allowlist.py +438 -0
  441. hermes_katana-3.0.0/tests/unit/test_artifacts.py +124 -0
  442. hermes_katana-3.0.0/tests/unit/test_ascii_art.py +339 -0
  443. hermes_katana-3.0.0/tests/unit/test_audit.py +241 -0
  444. hermes_katana-3.0.0/tests/unit/test_audit_chain_integrity.py +44 -0
  445. hermes_katana-3.0.0/tests/unit/test_audit_findings_followup.py +252 -0
  446. hermes_katana-3.0.0/tests/unit/test_batch3_production_profiles.py +219 -0
  447. hermes_katana-3.0.0/tests/unit/test_behavioral.py +275 -0
  448. hermes_katana-3.0.0/tests/unit/test_benchmark.py +625 -0
  449. hermes_katana-3.0.0/tests/unit/test_bloom_comprehensive.py +201 -0
  450. hermes_katana-3.0.0/tests/unit/test_bloom_filter.py +146 -0
  451. hermes_katana-3.0.0/tests/unit/test_bonsai_judge.py +260 -0
  452. hermes_katana-3.0.0/tests/unit/test_bootstrap.py +193 -0
  453. hermes_katana-3.0.0/tests/unit/test_cascade.py +439 -0
  454. hermes_katana-3.0.0/tests/unit/test_classifier_timeout.py +88 -0
  455. hermes_katana-3.0.0/tests/unit/test_cli.py +786 -0
  456. hermes_katana-3.0.0/tests/unit/test_commands_tier1.py +324 -0
  457. hermes_katana-3.0.0/tests/unit/test_compat_snapshots.py +270 -0
  458. hermes_katana-3.0.0/tests/unit/test_compositional.py +520 -0
  459. hermes_katana-3.0.0/tests/unit/test_concurrency.py +376 -0
  460. hermes_katana-3.0.0/tests/unit/test_consensus_judge.py +636 -0
  461. hermes_katana-3.0.0/tests/unit/test_content_harm.py +719 -0
  462. hermes_katana-3.0.0/tests/unit/test_context_analyzer.py +352 -0
  463. hermes_katana-3.0.0/tests/unit/test_css_deobfuscator.py +136 -0
  464. hermes_katana-3.0.0/tests/unit/test_deberta_classifier.py +367 -0
  465. hermes_katana-3.0.0/tests/unit/test_decoder.py +453 -0
  466. hermes_katana-3.0.0/tests/unit/test_ensemble.py +265 -0
  467. hermes_katana-3.0.0/tests/unit/test_eval_controls.py +122 -0
  468. hermes_katana-3.0.0/tests/unit/test_exceptions.py +126 -0
  469. hermes_katana-3.0.0/tests/unit/test_expiry.py +105 -0
  470. hermes_katana-3.0.0/tests/unit/test_fast_patterns.py +475 -0
  471. hermes_katana-3.0.0/tests/unit/test_hermes_plugin.py +526 -0
  472. hermes_katana-3.0.0/tests/unit/test_honey_tokens.py +360 -0
  473. hermes_katana-3.0.0/tests/unit/test_html_diff.py +344 -0
  474. hermes_katana-3.0.0/tests/unit/test_image_injection.py +595 -0
  475. hermes_katana-3.0.0/tests/unit/test_installer.py +339 -0
  476. hermes_katana-3.0.0/tests/unit/test_installer_patch_fail_closed.py +187 -0
  477. hermes_katana-3.0.0/tests/unit/test_jbb_loader.py +223 -0
  478. hermes_katana-3.0.0/tests/unit/test_katana_model_profiles.py +48 -0
  479. hermes_katana-3.0.0/tests/unit/test_katana_v11_classifier.py +189 -0
  480. hermes_katana-3.0.0/tests/unit/test_markdown_audit.py +100 -0
  481. hermes_katana-3.0.0/tests/unit/test_mcp_scanner.py +84 -0
  482. hermes_katana-3.0.0/tests/unit/test_metrics.py +143 -0
  483. hermes_katana-3.0.0/tests/unit/test_metrics_middleware.py +113 -0
  484. hermes_katana-3.0.0/tests/unit/test_middleware.py +389 -0
  485. hermes_katana-3.0.0/tests/unit/test_ml_artifact_safety.py +133 -0
  486. hermes_katana-3.0.0/tests/unit/test_multilingual.py +1452 -0
  487. hermes_katana-3.0.0/tests/unit/test_multimodal.py +535 -0
  488. hermes_katana-3.0.0/tests/unit/test_multimodal_release_hardening.py +190 -0
  489. hermes_katana-3.0.0/tests/unit/test_multiturn.py +465 -0
  490. hermes_katana-3.0.0/tests/unit/test_origin_handling.py +131 -0
  491. hermes_katana-3.0.0/tests/unit/test_patches.py +117 -0
  492. hermes_katana-3.0.0/tests/unit/test_paths.py +324 -0
  493. hermes_katana-3.0.0/tests/unit/test_pdf_js_scanner.py +325 -0
  494. hermes_katana-3.0.0/tests/unit/test_pdf_layers.py +126 -0
  495. hermes_katana-3.0.0/tests/unit/test_persona_detector.py +392 -0
  496. hermes_katana-3.0.0/tests/unit/test_policy.py +222 -0
  497. hermes_katana-3.0.0/tests/unit/test_policy_cache_isolation.py +292 -0
  498. hermes_katana-3.0.0/tests/unit/test_policy_cache_locking.py +79 -0
  499. hermes_katana-3.0.0/tests/unit/test_policy_source_of_truth.py +118 -0
  500. hermes_katana-3.0.0/tests/unit/test_prompt_leak.py +295 -0
  501. hermes_katana-3.0.0/tests/unit/test_property_based.py +125 -0
  502. hermes_katana-3.0.0/tests/unit/test_protectai_gate.py +341 -0
  503. hermes_katana-3.0.0/tests/unit/test_proxy_addon.py +422 -0
  504. hermes_katana-3.0.0/tests/unit/test_proxy_addon_script.py +118 -0
  505. hermes_katana-3.0.0/tests/unit/test_proxy_header_scanning.py +266 -0
  506. hermes_katana-3.0.0/tests/unit/test_proxy_injector.py +207 -0
  507. hermes_katana-3.0.0/tests/unit/test_proxy_runner.py +157 -0
  508. hermes_katana-3.0.0/tests/unit/test_proxy_size_gates.py +138 -0
  509. hermes_katana-3.0.0/tests/unit/test_rag_injection.py +473 -0
  510. hermes_katana-3.0.0/tests/unit/test_registrar.py +173 -0
  511. hermes_katana-3.0.0/tests/unit/test_retrieval.py +416 -0
  512. hermes_katana-3.0.0/tests/unit/test_runtime_artifacts.py +74 -0
  513. hermes_katana-3.0.0/tests/unit/test_runtime_config_safety.py +54 -0
  514. hermes_katana-3.0.0/tests/unit/test_scabbard_feature_extractor.py +373 -0
  515. hermes_katana-3.0.0/tests/unit/test_scabbard_fusion.py +611 -0
  516. hermes_katana-3.0.0/tests/unit/test_scabbard_normalizer.py +462 -0
  517. hermes_katana-3.0.0/tests/unit/test_scabbard_pipeline.py +646 -0
  518. hermes_katana-3.0.0/tests/unit/test_scabbard_routing.py +202 -0
  519. hermes_katana-3.0.0/tests/unit/test_scan_input_decoder_integration.py +43 -0
  520. hermes_katana-3.0.0/tests/unit/test_scanner.py +540 -0
  521. hermes_katana-3.0.0/tests/unit/test_scanner_fail_closed.py +145 -0
  522. hermes_katana-3.0.0/tests/unit/test_semantic_recall.py +205 -0
  523. hermes_katana-3.0.0/tests/unit/test_shadow_classifier.py +168 -0
  524. hermes_katana-3.0.0/tests/unit/test_stego_scanner.py +579 -0
  525. hermes_katana-3.0.0/tests/unit/test_structural.py +239 -0
  526. hermes_katana-3.0.0/tests/unit/test_structural_comprehensive.py +301 -0
  527. hermes_katana-3.0.0/tests/unit/test_svg_sanitizer.py +276 -0
  528. hermes_katana-3.0.0/tests/unit/test_taint.py +531 -0
  529. hermes_katana-3.0.0/tests/unit/test_unicode_spoof.py +384 -0
  530. hermes_katana-3.0.0/tests/unit/test_vault.py +198 -0
  531. hermes_katana-3.0.0/tests/unit/test_vault_memory_safety.py +114 -0
  532. hermes_katana-3.0.0/tests/unit/test_vault_migrate.py +396 -0
  533. hermes_katana-3.0.0/tests/unit/test_verify_scanner_change_script.py +106 -0
  534. hermes_katana-3.0.0/tests/unit/test_version_source.py +36 -0
hermes_katana-3.0.0/.gitignore ADDED
@@ -0,0 +1,130 @@
1
+ # Python bytecode
2
+ __pycache__/
3
+ *.py[cod]
4
+ *$py.class
5
+
6
+ # Distribution / packaging
7
+ *.egg-info/
8
+ *.egg
9
+ dist/
10
+ build/
11
+ .eggs/
12
+
13
+ # Virtual environments
14
+ .venv/
15
+ venv/
16
+
17
+ # Testing
18
+ .pytest_cache/
19
+ .pytest_tmp/
20
+ .hypothesis/
21
+ .coverage
22
+ coverage.xml
23
+ htmlcov/
24
+
25
+ # Tools
26
+ .ruff_cache/
27
+ .mypy_cache/
28
+
29
+ # IDE
30
+ .vscode/
31
+ .idea/
32
+
33
+ # Runtime config
34
+ .hermes-katana/
35
+
36
+ # OS
37
+ .DS_Store
38
+ Thumbs.db
39
+
40
+ # Task/plan files
41
+ .task-*.md
42
+ .handoff-*.md
43
+ .recon-*.md
44
+ .plan-*.md
45
+ HANDOFF.md
46
+ HANDOFF-*.md
47
+ .research-*.md
48
+ .results-*.md
49
+ .review-*.md
50
+ REPORT.md
51
+ V3-ACTION-PLAN.md
52
+ V3-COVERAGE-REPORT.md
53
+ .hermes/
54
+
55
+ # One-off audit working directory: built sdist/wheel under .audit/dist,
56
+ # pytest logs, isolated HOME, sweep helper scripts. Re-created each time
57
+ # an audit is run; the human-facing record lives in AUDIT_REPORT.md.
58
+ .audit/
59
+
60
+ # Misc
61
+ .tmp/
62
+ *.lock
63
+ .smux-board.json
64
+
65
+ # Test artefacts (Workstream B — defensive testing expansion)
66
+ tests/fuzz/_bypass_report.txt
67
+ research/differential-*.json
68
+
69
+ # Private security research — do not publish. Keep this anchored so package
70
+ # modules such as src/hermes_katana/proving_ground/research/ remain trackable.
71
+ /research/
72
+ .hypothesis/
73
+ tests/fuzz/_bypass_report.txt
74
+ .task-*.md
75
+ research/wild-attacks-2026-04-05/sources/
76
+ honeypot/
77
+ .env
78
+ .env.*
79
+ auth.json
80
+ docker/**/auth.json
81
+
82
+ # Vast.ai ephemeral
83
+ training/.vastai_*
84
+
85
+ # Large model / data artifacts — mirrored to T7 SSD / Drive, not Git
86
+ training/checkpoints/
87
+ training/models/
88
+ training/data/
89
+ training/data_v*/
90
+ training/data_v5_1/
91
+ training/data_v5_1_public/
92
+ training/data_v6/
93
+ training/data_v7/
94
+ training/data_v8/
95
+ training/models/deberta_v3_small_katana_v8*/
96
+ training/models/zvec_v8*/
97
+ training/models/v8*/
98
+ training/models/attack_centroids_128d_v8*.json
99
+ training/models/attack_centroids_128d_v8*.npz
100
+ training/pkgs/
101
+
102
+ # Eval outputs (generated). Benchmark definitions under evals/benchmarks/
103
+ # (build.py, LEADERBOARD.md, locked test.jsonl) stay tracked.
104
+ results/
105
+
106
+ # Stray archives (checkpoint backups)
107
+ training/*.tar
108
+ training/*.zip
109
+ training/checkpoints/*.tar
110
+ training/checkpoints/*.zip
111
+
112
+ # Model/artifact blobs belong on Hugging Face, not GitHub
113
+ *.onnx
114
+ *.safetensors
115
+ *.pt
116
+ *.pth
117
+ *.pkl
118
+ *.joblib
119
+ artifact-cache/
120
+
121
+ # Proving Ground runtime outputs/corpora
122
+ sessions/
123
+ batch/
124
+ shards/
125
+ synthdata/incoming/
126
+ synthdata/checkpoints/
127
+ *.db
128
+ *.sqlite
129
+ *.sqlite3
130
+ *.log
hermes_katana-3.0.0/.gitleaks.toml ADDED
@@ -0,0 +1,13 @@
1
+ [allowlist]
2
+ description = "Intentional fake secrets used by scanner tests, examples, and canary fixtures."
3
+ regexes = [
4
+ '''sk-live-abc123secretkey''',
5
+ '''AKIAIOSFODNN7EXAMPLE''',
6
+ '''AKIA1234567890ABCDEF''',
7
+ '''ghp_abc123def456ghi789''',
8
+ '''sk-ant-demo-1234567890abcdef''',
9
+ '''sk-kproof-9f3a2b1c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a''',
10
+ '''AKIAKPROOFCANARY123456''',
11
+ '''ghp_1234567890ABCDEFghijklmnopqrstuvwxyz12''',
12
+ '''MIIEowIBAAK''',
13
+ ]
hermes_katana-3.0.0/CHANGELOG.md ADDED
@@ -0,0 +1,64 @@
1
+ # Changelog
2
+
3
+ All notable changes to HermesKatana will be documented in this file.
4
+
5
+ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
6
+ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7
+
8
+ ## [Unreleased]
9
+
10
+ ### Added
11
+ - GitHub Pages static manual at `docs/index.html`.
12
+ - Generated policy documentation check via `scripts/generate_policy_assets.py`.
13
+
14
+ ### Changed
15
+ - Built-in policy YAML files are now the source of truth for runtime defaults and README preset documentation.
16
+ - The strict built-in policy preset is now named `max`; users with older configs should reinstall or upgrade and run `katana policy use max`.
17
+ - Proving Ground helper entry points now use packaged module paths instead of repository-root compatibility shims.
18
+
19
+ ### Removed
20
+ - Legacy root compatibility shims and duplicated Proving Ground research trees from the public repository root.
21
+ - Stale machine-specific Proving Ground runbooks that referenced private fleet specs.
22
+
23
+ ## [3.0.0] - 2026-05-19
24
+
25
+ ### Added
26
+ - V3 production middleware profiles: `fast_cpu`, `balanced`, and `max`.
27
+ - Fast CPU Scabbard profile using the distilled v15 MiniLM ONNX runtime with route-aware scanning defaults.
28
+ - Readiness and latency diagnostics in Katana plugin status output.
29
+ - Scanner-change release gate covering ruff, false-positive smoke, evasion, and adversarial integration checks.
30
+ - `katana artifacts` registry and guided setup for the default MiniLM ONNX artifact and optional large local model.
31
+ - Three regression tests in `tests/unit/test_scabbard_pipeline.py` pinning the threshold defaults so accidental reverts fail loudly.
32
+
33
+ ### Changed
34
+ - **`ScabbardConfig.block_threshold` default lowered from 0.7 to 0.5** (also reflected in `production()` and `katana_v14()` factories). Selected via principled sweep over `confirmed_only_v1` + `hard_negatives.jsonl` + `splits/test.jsonl`; new threshold catches +12 attacks per 1000 on confirmed_only_v1 vs 0.7, with hard-negatives FPR unchanged at 0.10%. The threshold is argmax-equivalent (matches the eval script's reporting) and recovers the one live-test miss observed at confidence 0.5031 in the 2026-05-08 codex+minimax bare/katana run. `katana_v11()` factory keeps 0.7 for v1.0 reproducibility.
35
+ - `live_test_v14_attacks.py` now takes `--block-threshold` and `--allow-threshold` arguments (default 0.5/0.3) and records them in `metrics.json` for replay.
36
+ - `ScabbardConfig.katana_v15_minilm()` now resolves ONNX artifacts through `KATANA_MINILM_ONNX_DIR` or the artifact cache instead of `training/checkpoints`.
37
+ - Release metadata now reports `3.0.0` across package, CLI, installer marker, plugin metadata, README, and operations docs.
38
+
39
+ ### Fixed
40
+ - Codec-taint propagation now survives base64, hex, and JSON round trips.
41
+ - Batch 1 scanner gates now include decoder findings and fail closed on semantic recall backend errors.
42
+ - Removed the broken top-level `validators` shim that imported a nonexistent module.
43
+
44
+ ### Removed
45
+ - Research PDFs and private release debris from the public release branch.
46
+
47
+ ## [2.0.0] - 2026-04-04
48
+
49
+ ### Added
50
+ - CaMeL-inspired taint tracking with character-level provenance
51
+ - Information flow control with configurable source/sink policies
52
+ - Injection scanner with 30+ heuristic patterns and encoding detection
53
+ - Secret scanner with 15+ patterns (API keys, tokens, private keys)
54
+ - Command scanner with 40+ dangerous command patterns
55
+ - Content scanner (ANSI injection, homograph URLs, markdown attacks)
56
+ - Unicode scanner (bidi overrides, zero-width chars, homoglyphs)
57
+ - Declarative policy engine with YAML configuration and three presets
58
+ - Middleware chain architecture with priority-ordered processing
59
+ - AES-256-GCM encrypted vault with OS keyring integration
60
+ - SHA-256 hash-chained audit trail with tamper detection
61
+ - mitmproxy-based HTTPS proxy with secret scrubbing
62
+ - `katana` CLI with doctor, scan, policy, vault, audit, and proxy commands
63
+ - Hermes agent installer with dry-run and backup support
64
+ - 1214 tests with property-based testing via Hypothesis
hermes_katana-3.0.0/CONTRIBUTING.md ADDED
@@ -0,0 +1,57 @@
1
+ # Contributing to HermesKatana
2
+
3
+ Thank you for your interest in contributing to HermesKatana!
4
+
5
+ ## Getting Started
6
+
7
+ ```bash
8
+ git clone https://github.com/claudlos/hermes-katana.git
9
+ cd hermes-katana
10
+ pip install -e ".[dev]"
11
+ pytest tests/ -q # verify everything passes
12
+ ```
13
+
14
+ ## Development Workflow
15
+
16
+ 1. Fork the repository and create a feature branch from `master`.
17
+ 2. Make your changes with tests.
18
+ 3. Run the test suite: `pytest tests/ -q`
19
+ 4. Run the linter: `ruff check src/ tests/`
20
+ 5. Run the formatter: `ruff format src/ tests/`
21
+ 6. For scanner, policy, routing, or security-threshold changes, run: `scripts/verify_scanner_change.sh`
22
+ 7. Before release, run: `scripts/release_gate.sh`
23
+ 8. Submit a pull request.
24
+
25
+ ## Code Style
26
+
27
+ - Python 3.10+ with type annotations
28
+ - Line length: 120 characters
29
+ - Formatting: `ruff format`
30
+ - Linting: `ruff check`
31
+ - All public APIs need docstrings
32
+
33
+ ## Testing
34
+
35
+ - Tests live in `tests/` mirroring the `src/` structure
36
+ - Use `pytest` with the fixtures in `tests/conftest.py`
37
+ - Aim for high coverage on security-critical paths (scanners, taint, policy)
38
+ - Property-based tests use `hypothesis`
39
+
40
+ ## What to Contribute
41
+
42
+ - New scanner patterns for emerging attack techniques
43
+ - Policy engine enhancements
44
+ - Documentation improvements
45
+ - Bug fixes with regression tests
46
+ - Performance improvements with benchmarks
47
+
48
+ ## Pull Request Guidelines
49
+
50
+ - Keep PRs focused on a single change
51
+ - Include tests for new functionality
52
+ - Update documentation if behavior changes
53
+ - Reference any related issues
54
+
55
+ ## License
56
+
57
+ By contributing, you agree that your contributions will be licensed under the MIT License.
hermes_katana-3.0.0/LICENSE ADDED
@@ -0,0 +1,21 @@
1
+ MIT License
2
+
3
+ Copyright (c) 2026 Hermes Katana contributors
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
+ SOFTWARE.