From 3549fca9959c2ea12be2359ada625f315681f28e Mon Sep 17 00:00:00 2001
From: tuanaiseo
Date: Sun, 17 May 2026 06:03:52 +0700
Subject: [PATCH] fix(security): environment variable token fallback in request res

In agent/core/hf_tokens.py, the resolve_hf_request_token function has include_env_fallback=True by default. This means server-side HF_TOKEN environment variable can be used as a fallback when no user token is provided. If HF_TOKEN is set to a production token, it could be inadvertently used in contexts where only user tokens should apply.

Affected files: hf_tokens.py

Signed-off-by: tuanaiseo <221258316+tuanaiseo@users.noreply.github.com>
---
 agent/core/hf_tokens.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/agent/core/hf_tokens.py b/agent/core/hf_tokens.py
index 3e72ccc1..e2e48b68 100644
--- a/agent/core/hf_tokens.py
+++ b/agent/core/hf_tokens.py
@@ -66,7 +66,7 @@ def bearer_token_from_header(auth_header: str | None) -> str | None:
 def resolve_hf_request_token(
     request: Any,
     *,
-    include_env_fallback: bool = True,
+    include_env_fallback: bool = False,
 ) -> str | None:
     """Resolve a user token from a FastAPI request.
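Review bot: Flipping the keyword-only default to `False` silently changes behavior for every caller that relied on the implicit `True`, and the diffstat shows no call sites were touched in this commit, so any server-owned path that legitimately needs the HF_TOKEN fallback now resolves to `None` and will fail at its first authenticated call. Those callers should pass `include_env_fallback=True` explicitly, which also makes every use of the server credential visible at the call site. The docstring, which continues past the hunk, should state the new contract, e.g. `include_env_fallback: when False (the default) a request without a user token resolves to None rather than to the server's HF_TOKEN; pass True only where a server identity is intended.` A regression test asserting that a request with no bearer token resolves to `None` while HF_TOKEN is set in the environment would pin the fix. The body of resolve_hf_request_token ends outside the hunk.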