hermes - 💡(How to fix) Fix [Hardening] session_search surfaces stored content to the model without ANSI stripping [1 pull requests]

Summary

tools/session_search_tool.py returns stored message text — content (via _shape_message), the FTS5 snippet, browse preview, and title — verbatim into the tool result the model consumes. None of it passes through strip_ansi.

tools/ansi_strip.py exists precisely to keep ANSI control sequences out of the model's context (its docstring: "prevents ANSI codes from entering the model's context — which is the root cause of models copying escape sequences into file writes") and is applied to terminal_tool / code_execution_tool / process_registry / file reads. Search / browse / scroll results are a parallel path into context that currently bypasses it: a stored message containing real ANSI/OSC control bytes is re-surfaced to the model intact.

Proposed fix

Strip ANSI from the surfaced copy only — the on-disk transcript stays raw (paste-to-analyze is intentional). A small _clean_surfaced_text() helper applying strip_ansi to content / snippet / preview / title at the result-shaping points.

strip_ansi matches only genuine ESC-anchored / C1 sequences, so this is zero-false-positive: ordinary text that merely describes escape codes (documentation, code samples — e.g. a message containing the literal text \x1b]11;…) is left untouched, so search stays useful for exactly those messages.

Scope / notes

• Defensive hardening, consistent with how command/file output is already cleaned.
• Web / x / browser search tools surface external content through the same pattern and could get the same treatment in a follow-up; this covers the internal session search.
• Related title-sink fix: #40103 / #40105.