Hermes BibleUnofficial Docs
← All docs Docs / Using Hermes

Security

Hermes Agent is designed with a defense in depth security model. This page covers every security boundary — from command approval to container isolation to user

Using Hermes
Section
Using Hermes
Source
hermesbible.com/docs/user-guide/security

Hermes Agent is designed with a defense in depth security model. This page covers every security boundary — from command approval to container isolation to user

Excerpt from the official Hermes Agent documentation, quoted for reference. View source

What this page covers

Section outline mirrored from the official Hermes Agent documentation. Follow any heading to read the complete text on the source site.

Upstream outline

  1. Overview
  2. Dangerous Command Approval
  3. Approval Modes
  4. YOLO Mode
  5. Hardline Blocklist (Always-On Floor)
  6. Approval Timeout
  7. What Triggers Approval
  8. Approval Flow (CLI)
  9. Approval Flow (Gateway/Messaging)
  10. Permanent Allowlist
  11. User Authorization (Gateway)
  12. Authorization Check Order
  13. Platform Allowlists
  14. DM Pairing System

Section map

Overview

Maps overview to the Using Hermes documentation path, with the source page reserved for exact commands and updates.

Dangerous Command Approval

Maps dangerous command approval to the Using Hermes documentation path, with the source page reserved for exact commands and updates.

Approval Modes

Maps approval modes to the Using Hermes documentation path, with the source page reserved for exact commands and updates.

YOLO Mode

Maps yolo mode to the Using Hermes documentation path, with the source page reserved for exact commands and updates.

Hardline Blocklist (Always-On Floor)

Maps hardline blocklist (always-on floor) to the Using Hermes documentation path, with the source page reserved for exact commands and updates.

Approval Timeout

Maps approval timeout to the Using Hermes documentation path, with the source page reserved for exact commands and updates.

What Triggers Approval

Maps what triggers approval to the Using Hermes documentation path, with the source page reserved for exact commands and updates.

Approval Flow (CLI)

Maps approval flow (cli) to the Using Hermes documentation path, with the source page reserved for exact commands and updates.

Implementation notes

  • Use this Using Hermes doc as a navigation page first: the local clone mirrors the source structure and links each heading back to the authoritative upstream section.
  • Primary decision areas: Overview, Dangerous Command Approval, Approval Modes, YOLO Mode, Hardline Blocklist (Always-On Floor). Read those source anchors before changing installs, credentials, automation, or runtime configuration.
  • Useful search signals for this doc: security, designed, defense, depth, model.. These are derived from the public title and summary so the clone remains lightweight.

Decision table

Best fitUsing Hermes documentation

Use when you need orientation for security before applying exact upstream commands.

Verify firstOverview

Open the source anchor for Overview and confirm platform-specific requirements before changing configuration.

Escalate to sourceCommands, credentials, runtime behavior

Use the upstream page as the authority for current syntax, release changes, and security-sensitive steps.

Verification checklist

  1. Use this page to orient yourself within Using Hermes, then open the linked source page for exact current syntax.
  2. Start with the source section for Overview; do not rely on the local summary for commands or secrets.
  3. Check platform, install method, provider, and credential assumptions before changing a real environment.
  4. Review the source section for Dangerous Command Approval if the page involves setup, automation, messaging, or runtime behavior.
  5. After applying anything from the source, run the smallest relevant smoke test before widening scope.

Risk notes

Automation

Start with a bounded dry run, logs, and a manual stop path before enabling recurring or unattended execution.

External messages

Keep human review before sending public posts, customer messages, trading instructions, or team notifications.

Model spend

Set provider, token, and retry limits before scaling the workflow beyond a single test run.

Runtime access

Check filesystem, shell, browser, repository, and server permissions before granting the agent write access.

What this page covers

  • Core concept and where it fits in the Hermes Agent system.
  • Setup or operating context implied by the upstream page summary.
  • The source page link for full current details and updates.

Source mirror note

This page is generated from the public Hermes Bible index so the clone has the same route coverage and search surface. It stores the public title, category, summary, and source link locally; use the source page for full upstream text and updates.

Open source page