hermes - 💡(How to fix) Fix Add plain-English semantic reasons to permission prompts

Feature request

When Hermes asks a user to approve a permission-gated action, the agent should provide a semantically relevant plain-English “why” reason in the chat before or alongside the approval request.

This is especially important for destructive, irreversible, public-write, credential, or privacy-sensitive actions. A raw command or generic approval prompt is not enough context for a normal user to make a good decision.

Motivation

Users being asked to grant permissions should understand the operational reason, not just the command. For example, instead of only asking to approve rm /some/path, Hermes should explain:

• what the file/resource is;
• why it is stale, wrong, dangerous, or necessary to change;
• what exact path/scope will be touched;
• what will not be touched;
• what safety check was already performed;
• what happens if the user denies the action.

I tried to force this behavior locally with skills and preferences. The agent still regressed repeatedly — six times across two days — and wasted significant user time and tokens. That suggests this should be supported by the permission/approval UX itself, not left entirely to prompt/skill compliance.

Proposed behavior

Add an approval UX path that supports higher-effort, semantically relevant reasons generated by the agent and visible in chat before the user approves.

Possible implementation shape:

1. Before invoking an approval-gated tool call, require or strongly encourage an approval_reason / why field in the tool-call metadata or command approval request.
2. Render that reason in the user-facing chat/approval UI in plain English.
3. For high-risk actions, require a minimum structured explanation, such as:
   • Why this action is needed
   • Exact scope/path/resource
   • What will not be touched
   • Safety/rollback plan or verification already done
4. Offer users a config option for explanation level, e.g.:
   • minimal: current concise approval prompt
   • standard: one-sentence semantic reason
   • high: fuller plain-English reason with scope/safety bullets
5. If the reason is missing or generic for high-risk actions, either block the approval request or ask the agent to restate it before showing the permission prompt.

Example

Bad:

Approve command: rm /Users/me/.hermes/continuous-improvement/regressions.md

Better:

I need permission to delete this stale duplicate regression log because it was created in the wrong non-canonical location. The canonical copy already exists inside the continuous-improvement skill and has newer entries. This will only remove the stale loose file; it will not touch the canonical skill support file. If denied, I will leave the stale file in place and not claim cleanup is complete.

Acceptance criteria

• Approval-gated actions can carry a user-visible semantic reason.
• Users can opt into higher-effort plain-English explanations for permission prompts.
• High-risk actions have structured scope/safety context, not only command text.
• The approval UI/chat transcript preserves the reason so future sessions can understand why the user approved or denied the action.
• Existing minimal approval behavior remains available for users who prefer speed.

User impact

This reduces accidental approvals/denials, prevents repeated clarification loops, and makes Hermes safer for non-developer users who should not have to infer intent from shell commands or raw tool prompts.