Issue Station
Sign In
Tools hereToolbox

hermes - ✅(Solved) Fix Docx feedback from @versun (OpenClaw→Hermes migration, Kimi 2.6): browser-over-curl, no skill install-from-URL, cross-language digest mixing, subagent false-success, redact-knob undiscoverable, OpenClaw path residue [4 pull requests, 3 comments, 2 participants]

Official PRs (…)
ON THIS PAGE

Recommended Tools

×6

Utilities matched from this issue’s tags and category — try them while you read without losing context.

GitHub issue graph ai analysis

Paste a GitHub issue URL. We fetch that issue, discover linked issues from bodies/comments/timeline, collect linked pull requests, and produce a structured English report.

The report is written in English Markdown for sharing and archival.

Helpful · Quick feedback

Loading…
GitHub stats
NousResearch/hermes-agent#16328Fetched 2026-04-28 06:53:54
View on GitHub
Comments
3
Participants
2
Timeline
19
Reactions
0
Author
teknium1teknium1
Participants
teknium1teknium1versunversun
Timeline (top)
labeled ×7cross-referenced ×5commented ×3closed ×1

Error Message

User asked for a Chinese digest. Subagents were spawned, did research, returned English summaries. Parent pasted them verbatim into the final output, then wrote the tail section in Chinese. Result: bilingual digest, the opposite of what was requested. tools/delegate_tool.py tool description tells the model to pass "file paths, error messages, constraints" via context but says nothing about language or style preferences. Fix: add a bullet — "pass user language / output-style preferences in context when they differ from English (e.g. 'respond in Chinese')." User used the sharethis-chat skill via delegation. Subagent reported success; page was empty except "test". User asked "are you sure?", Hermes rechecked, found only "test" had been uploaded. delegate_task returns a summary string; parent has zero verification of claimed side-effects. This is a structural property of context-isolated delegation (the feature, not a bug) and fixing it generally is hard — parent would need verification logic for every side-effect type. What we CAN do cheaply: update the delegate_task tool description to warn the calling model — "subagent summaries are self-reports, not verified facts. For operations with external side-effects (HTTP POST/PUT, remote writes, file creation at shared paths), require the subagent to return a verifiable handle (URL, ID, path) and verify it yourself before claiming success to the user." Structural fix (a general side-effect-verification mechanism across arbitrary tools) deferred — not in scope for this batch.

Root Cause

Root cause is broader than redaction: nothing in the system prompt tells the agent "if the user asks about Hermes config/setup/usage, load the hermes-agent skill first." The bundled skills/autonomous-ai-agents/hermes-agent/SKILL.md skill has the right description ("Load this skill when helping users configure Hermes, troubleshoot issues...") — but the Skills-mandatory block is generic, and Kimi 2.6 doesn't think "redaction question → Hermes meta-skill." Two fixes:

  • 4a. Add an explicit line to agent/prompt_builder.py's "Skills (mandatory)" block: "Whenever the user asks to configure, set up, install, enable, disable, modify, or troubleshoot Hermes Agent itself, load the hermes-agent skill first."
  • 4b. The hermes-agent skill itself doesn't currently mention secret redaction, PII redaction, approval/yolo bypass, or other common "how do I turn off this safety thing" toggles. Add a "Security & Privacy Toggles" section covering security.redact_secrets (with the import-time-snapshot restart-required caveat), privacy.redact_pii, approvals.mode (manual/smart/off), --yolo + HERMES_YOLO_MODE, shell hooks allowlist, and how to disable network/media tools entirely. Verify every command against the actual config keys — no invented knobs.

Fix Action

Fix / Workaround

1. browser_navigate used for a plain .md URL; no first-class "install skill from URL" path. User asked Hermes to update a skill from https://sharethis.chat/SKILL.md. Agent called browser_navigate four times before user said "use curl" — then it worked. Two independent fixes:

  • Strengthen the browser_navigate description — the generic "prefer web_search or web_extract" wasn't enough; models kept firing up the browser for plain-text URLs. Call out .md / .txt / .json / .yaml / .csv / .xml / raw.githubusercontent.com / API endpoints as specifically preferring curl or web_extract.
  • hermes skills install accepts hub identifiers only, not arbitrary HTTP URLs, so the agent had to improvise (curlpatchcp). Add a UrlSource adapter to tools/skills_hub.py alongside GitHubSource / WellKnownSkillSource / etc., so hermes skills install https://example.com/SKILL.md and /skills install <url> work as first-class operations. Scope for v1: single-file SKILL.md only; multi-file skills with references/ / scripts/ need a manifest we can't discover from a bare URL.

4. Secret-redaction toggle is undiscoverable to the agent itself — and the larger problem is the system prompt doesn't route Hermes-config questions to the hermes-agent skill. User hit redaction, asked the agent to disable it. Agent suggested workarounds (echo, python3 -c) instead of the real knob: hermes config set security.redact_secrets false. Worse, agent/redact.py line 60 snapshots HERMES_REDACT_SECRETS at import time — so even if the agent tries the env-var route, it silently fails; user must edit ~/.hermes/config.yaml and restart. This is deliberate (it prevents an LLM from turning off redaction mid-session), but the agent has no way to know it.

Deferred:

  • Structural subagent external-side-effect verification (mechanism across arbitrary tools). Tool-description warning in #16325 is the only cheap mitigation worth making now.

PR fix notes

PR #16323: feat(skills): install skills from a direct HTTP(S) URL

Description (problem / solution / changelog)

Summary

hermes skills install <url-to-SKILL.md> and /skills install <url> now work directly — no more agent improvisation with curl + patch + cp.

Why

From @versun's docx feedback (see tracking issue): user asked the agent to update a skill from https://sharethis.chat/SKILL.md. Kimi 2.6 burned 7 iterations calling browser_navigate before switching to curl, then had to glue together curlpatchcp manually. No first-class path existed.

Changes

  • tools/skills_hub.py: new UrlSource adapter (SkillSource subclass). Claims bare http(s)://…/*.md URLs; skips /.well-known/skills/ URLs so WellKnownSkillSource keeps them. Registered in create_source_router between WellKnownSkillSource and GitHubSource so it wins over the GitHub fallback.
  • hermes_cli/main.py: argparse help for hermes skills install mentions the URL option.
  • hermes_cli/skills_hub.py: /skills install usage text + docstring examples updated.
  • tests/tools/test_skills_hub.py: 14 new tests (_matches boundaries, inspect/fetch happy path + error paths + path-traversal rejection) + 2 router tests confirming UrlSource is registered and ordered before GitHubSource.

Design

  • Single-file SKILL.md only for v1. Multi-file skills (with references/, scripts/) need a manifest we can't discover from a bare URL — future work, separate PR.
  • Skill name: YAML frontmatter name: wins; URL-slug fallback (.../my-skill/SKILL.mdmy-skill, .../my-skill.mdmy-skill).
  • Trust level: always community. Full skills_guard security scan still runs — same treatment as every other external source.
  • Identifier stored in lock file is the URL itself, so hermes skills update re-fetches from the same URL automatically (no special-case code needed in check_for_skill_updates).

Validation

BeforeAfter
hermes skills install https://example.com/SKILL.md"Error: Could not fetch from any source"Installs to ~/.hermes/skills/<name>/, scanned, locked
hermes skills updateN/ARe-fetches from stored URL, replaces local copy on content-hash change
Unit tests16/16 new tests pass; 98/98 test_skills_hub.py pass
E2E (local HTTP server)Install + update both round-trip a mutable SKILL.md end-to-end

Ref: tracking issue with all @versun's docx findings (link in issue body).

Changed files

  • hermes_cli/main.py (modified, +7/-1)
  • hermes_cli/skills_hub.py (modified, +170/-6)
  • tests/hermes_cli/test_skills_hub.py (modified, +208/-0)
  • tests/tools/test_skills_hub.py (modified, +217/-0)
  • tools/skills_hub.py (modified, +171/-0)

PR #16325: improve(agent): guidance for plain-text URLs, subagent language/verification, hermes-config routing

Description (problem / solution / changelog)

Summary

Four agent-guidance tweaks addressing recurring model mistakes seen in a user's docx feedback (see tracking issue). Small, surgical — no code behavior change, just description/skill content.

Changes

  • tools/browser_tool.py: browser_navigate description now calls out .md / .txt / .json / .yaml / .csv / .xml / raw.githubusercontent.com / API endpoints as specifically preferring curl or web_extract. The generic "prefer web_search or web_extract" wasn't strong enough — Kimi 2.6 burned 7 iterations on browser_navigate against a plain SKILL.md URL before the user said "use curl."

  • tools/delegate_tool.py: two bullets added to the delegate_task description.

    1. Pass language/output-style preferences in context when they differ from English. Otherwise subagents default to English and their summaries contaminate the final reply (cause of the bilingual Chinese/English digest bug the user reported).
    2. Subagent summaries are self-reports, not verified facts. For operations with external side-effects (HTTP uploads, remote writes, file creation at shared paths), require a verifiable handle (URL, ID, path) and verify it yourself before claiming success. Cause of the "upload succeeded" / page-empty bug the user reported.

  • agent/prompt_builder.py "Skills (mandatory)" block: new line telling the agent to load the hermes-agent skill first whenever the user asks to configure / set up / modify / install / enable / disable / troubleshoot Hermes itself. The generic "load what's relevant" didn't route Hermes-meta questions (like "how do I turn off redaction?") to the one skill with the answer. E2E-verified the hint lands in the built skills block.

  • skills/autonomous-ai-agents/hermes-agent/SKILL.md: new "Security & Privacy Toggles" section covering:

    • security.redact_secrets (with the import-time-snapshot → restart-required caveat, which is what tripped up the user's reported session)
    • privacy.redact_pii
    • approvals.mode (manual / smart / off) + --yolo + HERMES_YOLO_MODE
    • shell hooks allowlist
    • how to disable network/media tools entirely

    Every command verified against the actual config keys in hermes_cli/config.py and tools/approval.py — no invented knobs. Initial draft had approvals.mode: always_allow (wrong — actual value is off) and a --no-redact-secrets flag (doesn't exist); both fixed before commit.

Why

All four come from one user's docx feedback after an OpenClaw→Hermes migration:

  1. Browser called for a plain .md URL.
  2. Chinese digest came back half-English because subagents weren't told the target language.
  3. Subagent reported "uploaded successfully" but the page was empty.
  4. Agent didn't know hermes config set security.redact_secrets false exists and suggested echo/python3 -c workarounds.

The underlying pattern: tool descriptions and the Skills-mandatory block were too generic for models to self-route correctly. Tightening the prose costs us ~800 tokens in the system prompt and prevents an entire class of session failure.

Validation

BeforeAfter
browser_navigate hint on plain-text URLsGeneric "prefer web_search or web_extract"Lists specific file extensions + API endpoints
delegate_task language propagationNo guidanceExplicit bullet + example
delegate_task side-effect verificationNo guidanceExplicit bullet requiring verifiable handle
System prompt → hermes-agent skill routingGeneric "load what's relevant"Explicit trigger list + example commands
hermes-agent skill redaction docsNot mentionedFull "Security & Privacy Toggles" section
Targeted test suitestests/agent/ skills-prompt: 116/116 pass; tests/tools/ browser+delegate: 400 passed, 1 skipped
E2E prompt-builderVerified new hint lands in the generated <available_skills> block

Ref: tracking issue with all of @versun's docx findings (link in issue body).

Changed files

  • agent/prompt_builder.py (modified, +5/-0)
  • skills/autonomous-ai-agents/hermes-agent/SKILL.md (modified, +57/-0)
  • tools/browser_tool.py (modified, +1/-1)
  • tools/delegate_tool.py (modified, +12/-0)

PR #16327: fix(openclaw-migration): case-preserving brand rewrite + one-time ~/.openclaw residue banner

Description (problem / solution / changelog)

Summary

Two related fixes for OpenClaw-residue problems after a migration (especially when the migration was done via OpenClaw's own tool, which doesn't archive the source directory).

Problem

From a user's docx feedback (see tracking issue): after migrating from OpenClaw to Hermes, the agent kept running cat ~/.openclaw/config.yaml when asked to check its own configuration. Two compounding causes:

  1. rebrand_text() broke filesystem paths. Our migration script's _REBRAND_PATTERNS used a case-insensitive regex (\bOpen[\s-]?Claw\b) with a static replacement ("Hermes"). So ~/.openclaw/config.yaml~/.Hermes/config.yaml — a path that doesn't exist. Memory entries created by the migration pointed at a broken location.

  2. No awareness that ~/.openclaw/ was still there. The user migrated using OpenClaw's own tool (not ours), so our rebrand never ran, and OpenClaw-era memory entries with literal .openclaw paths carried over verbatim. hermes claw cleanup archives the directory but is undiscoverable from inside a chat session.

Changes

  • optional-skills/migration/openclaw-migration/scripts/openclaw_to_hermes.pyrebrand_text() is now case-preserving. Regex logic unchanged; the replacement function checks if the matched text was all-lowercase and emits the replacement in the matching case. So:
    • OpenClaw prefers PythonHermes prefers Python (unchanged)
    • ~/.openclaw/config.yaml~/.hermes/config.yaml (NEW — was ~/.Hermes/config.yaml)
    • OPENCLAW uses tools wellHermes uses tools well (unchanged — any uppercase → capital H)
  • agent/onboarding.py — new OPENCLAW_RESIDUE_FLAG + detect_openclaw_residue(home=None) + openclaw_residue_hint_cli() matching the existing first-touch-hint framework.
  • cli.py — one-time startup banner right after the welcome line. Fires iff ~/.openclaw/ exists and the onboarding flag isn't set. Tells the user to run hermes claw cleanup. Gated by the existing onboarding.seen.<flag> config mechanism — prints exactly once per install, never again unless the user wipes the flag.

Validation

BeforeAfter
rebrand_text("~/.openclaw/config.yaml")~/.Hermes/config.yaml (broken path)~/.hermes/config.yaml (real Hermes home)
rebrand_text("OpenClaw is an agent")Hermes is an agentHermes is an agent (unchanged)
~/.openclaw/ present on CLI launchSilent — agent will read it on first config questionBanner prints once, then never again
hermes claw cleanup discoverabilityBuried in migration script notesFirst-run banner points at it directly
tests/agent/test_onboarding.py20 passing31 passing (+11 new for residue detection / hint / flag)
tests/skills/test_openclaw_migration.py32 passing33 passing (+1 regression test for filesystem-path casing; 2 existing tests updated to the case-preserving contract)
import cli smokeOKOK
E2E simulationBanner fires once with fake ~/.openclaw/, mark_seen persists to config.yaml correctly, second-run detection returns False after cleanup

Ref: tracking issue with all of @versun's docx findings (link in issue body).

Changed files

  • agent/onboarding.py (modified, +33/-0)
  • cli.py (modified, +24/-0)
  • optional-skills/migration/openclaw-migration/scripts/openclaw_to_hermes.py (modified, +27/-2)
  • tests/agent/test_onboarding.py (modified, +50/-0)
  • tests/skills/test_openclaw_migration.py (modified, +28/-3)

PR #16355: docs(skills): document URL install across features, reference, guide, and hermes-agent skill

Description (problem / solution / changelog)

Summary

Follow-up to #16323 — the UrlSource adapter landed but four docs surfaces still only showed hub-identifier install examples. This adds URL-install coverage everywhere the hub-identifier form already appears.

Changes

  • website/docs/user-guide/features/skills.mdurl row in the Supported-hub-sources table; new "#### 8. Direct URL (url)" section with scope (single-file SKILL.md only), the full name-resolution order (frontmatter → URL slug → interactive prompt → --name flag), and examples for both TTY and non-interactive surfaces. Two URL examples added to the top-of-file install-examples block.
  • website/docs/reference/cli-commands.md — two URL install examples + one note explaining the name-resolution fallback chain.
  • website/docs/guides/work-with-skills.md — one URL-install example alongside the existing hub-identifier examples.
  • skills/autonomous-ai-agents/hermes-agent/SKILL.md — Quick Reference block's hermes skills install line now says "ID can be a hub identifier OR a direct SKILL.md URL" and mentions --name.

Why

The user-facing docs are the first place someone looks when they're not sure how to install a skill that isn't on an established hub. Without these updates the URL-install path effectively only exists for people who read release notes.

Validation

BeforeAfter
Source types table6 sources listed7 sources listed (adds url)
Install examples in features/skills.mdNo URL examples2 URL examples (basic + --name)
reference/cli-commands.md examplesNo URL examples2 URL examples + fallback-chain note
guides/work-with-skills.mdNo URL examples1 URL example
hermes-agent skill Quick Referencehermes skills install ID genericExplicit note about URL IDs + --name

No code changes. No new dependencies.

Ref: tracking issue #16328 (follow-up from @versun's docx feedback).

Changed files

  • skills/autonomous-ai-agents/hermes-agent/SKILL.md (modified, +1/-1)
  • website/docs/guides/work-with-skills.md (modified, +4/-0)
  • website/docs/reference/cli-commands.md (modified, +3/-0)
  • website/docs/user-guide/features/skills.md (modified, +32/-0)
RAW_BUFFERClick to expand / collapse

A user (@versun on X, hermes-en.docx) wrote up issues experienced after migrating from OpenClaw to Hermes on an M1 Mac mini running Kimi 2.6 as the main model. Migration was done via OpenClaw's own tool (not our hermes claw migrate), which matters for some of these. Triaged against current main — most are real bugs with clear code fixes, some are UX gaps, one is misunderstood. Tracking all of them here so nothing falls through.

Claims — triaged

Real

1. browser_navigate used for a plain .md URL; no first-class "install skill from URL" path. User asked Hermes to update a skill from https://sharethis.chat/SKILL.md. Agent called browser_navigate four times before user said "use curl" — then it worked. Two independent fixes:

  • Strengthen the browser_navigate description — the generic "prefer web_search or web_extract" wasn't enough; models kept firing up the browser for plain-text URLs. Call out .md / .txt / .json / .yaml / .csv / .xml / raw.githubusercontent.com / API endpoints as specifically preferring curl or web_extract.
  • hermes skills install accepts hub identifiers only, not arbitrary HTTP URLs, so the agent had to improvise (curlpatchcp). Add a UrlSource adapter to tools/skills_hub.py alongside GitHubSource / WellKnownSkillSource / etc., so hermes skills install https://example.com/SKILL.md and /skills install <url> work as first-class operations. Scope for v1: single-file SKILL.md only; multi-file skills with references/ / scripts/ need a manifest we can't discover from a bare URL.

2. delegate_task has no guidance to propagate user-language / output-style preferences to subagents. User asked for a Chinese digest. Subagents were spawned, did research, returned English summaries. Parent pasted them verbatim into the final output, then wrote the tail section in Chinese. Result: bilingual digest, the opposite of what was requested. tools/delegate_tool.py tool description tells the model to pass "file paths, error messages, constraints" via context but says nothing about language or style preferences. Fix: add a bullet — "pass user language / output-style preferences in context when they differ from English (e.g. 'respond in Chinese')."

3. Subagent "succeeded" but nothing was actually uploaded. User used the sharethis-chat skill via delegation. Subagent reported success; page was empty except "test". User asked "are you sure?", Hermes rechecked, found only "test" had been uploaded. delegate_task returns a summary string; parent has zero verification of claimed side-effects. This is a structural property of context-isolated delegation (the feature, not a bug) and fixing it generally is hard — parent would need verification logic for every side-effect type. What we CAN do cheaply: update the delegate_task tool description to warn the calling model — "subagent summaries are self-reports, not verified facts. For operations with external side-effects (HTTP POST/PUT, remote writes, file creation at shared paths), require the subagent to return a verifiable handle (URL, ID, path) and verify it yourself before claiming success to the user." Structural fix (a general side-effect-verification mechanism across arbitrary tools) deferred — not in scope for this batch.

4. Secret-redaction toggle is undiscoverable to the agent itself — and the larger problem is the system prompt doesn't route Hermes-config questions to the hermes-agent skill. User hit redaction, asked the agent to disable it. Agent suggested workarounds (echo, python3 -c) instead of the real knob: hermes config set security.redact_secrets false. Worse, agent/redact.py line 60 snapshots HERMES_REDACT_SECRETS at import time — so even if the agent tries the env-var route, it silently fails; user must edit ~/.hermes/config.yaml and restart. This is deliberate (it prevents an LLM from turning off redaction mid-session), but the agent has no way to know it.

Root cause is broader than redaction: nothing in the system prompt tells the agent "if the user asks about Hermes config/setup/usage, load the hermes-agent skill first." The bundled skills/autonomous-ai-agents/hermes-agent/SKILL.md skill has the right description ("Load this skill when helping users configure Hermes, troubleshoot issues...") — but the Skills-mandatory block is generic, and Kimi 2.6 doesn't think "redaction question → Hermes meta-skill." Two fixes:

  • 4a. Add an explicit line to agent/prompt_builder.py's "Skills (mandatory)" block: "Whenever the user asks to configure, set up, install, enable, disable, modify, or troubleshoot Hermes Agent itself, load the hermes-agent skill first."
  • 4b. The hermes-agent skill itself doesn't currently mention secret redaction, PII redaction, approval/yolo bypass, or other common "how do I turn off this safety thing" toggles. Add a "Security & Privacy Toggles" section covering security.redact_secrets (with the import-time-snapshot restart-required caveat), privacy.redact_pii, approvals.mode (manual/smart/off), --yolo + HERMES_YOLO_MODE, shell hooks allowlist, and how to disable network/media tools entirely. Verify every command against the actual config keys — no invented knobs.

5. OpenClaw path residue after third-party-tool migration. User migrated via OpenClaw, not our script. When asked "check your configuration," Hermes ran cat ~/.openclaw/config.yaml and nmem_search "openclaw OR pi OR agent configuration". Two sub-problems:

  • 5a. optional-skills/migration/openclaw-migration/scripts/openclaw_to_hermes.py _REBRAND_PATTERNS (line 383) rewrites .openclaw.Hermes (capital H) instead of .hermes. ~/.Hermes/ doesn't exist — when this script DOES run, it creates broken memory entries with the wrong path. Fix: case-preserving replacement (lowercase matches → lowercase replacement, any uppercase → Hermes).
  • 5b. User migrated via OpenClaw's own tool, so our rebrand never ran at all — OpenClaw-era memory entries with literal .openclaw paths carried over verbatim. hermes claw cleanup exists for this but is buried. Fix: detect ~/.openclaw/ on CLI launch and print a one-time banner ("OpenClaw workspace detected — run hermes claw cleanup to archive it"), gated on the existing onboarding seen-flag framework.

Not real / already addressed

6. "Difficulty handling multiple messages gracefully." Reporter's X friend already explained /queue and /steer. Already addressed:

  • PR #16118 (merged 2026-04-26) — "feat(cli,tui): surface /queue, /bg, /steer in agent-running placeholder." The busy-input placeholder now advertises all four options inline: msg=interrupt · /queue · /bg · /steer · Ctrl+C cancel, in both the classic CLI and the TUI.
  • PR #16279 (merged shortly after) — "feat(busy): add 'steer' as a third display.busy_input_mode option." A config toggle so a message sent while the agent is busy goes straight to steer instead of requiring /steer.

Nothing to do here; already shipped before the docx arrived.

7. "System prompt and model tuning feels behind OpenClaw." Reporter explicitly says subjective, no concrete evidence. Skip.

Fix plan — PRs

PRScopeClaim
#16323feat(skills): install skills from a direct HTTP(S) URLUrlSource adapter, argparse + slash-command help text, 16 tests + E2E1 (URL install path)
#16325improve(agent): guidance for plain-text URLs, subagent language/verification, hermes-config routingbrowser_navigate description, delegate_task description (2 bullets), prompt_builder.py Skills-mandatory block, hermes-agent skill Security & Privacy Toggles section1 (browser hint), 2, 3 (self-report warning), 4a, 4b
#16327fix(openclaw-migration): case-preserving brand rewrite + one-time ~/.openclaw residue bannerrebrand_text() case-preserving replacement, agent/onboarding.py OPENCLAW_RESIDUE_FLAG + hint + detector, cli.py startup banner, 11 new tests + regression test5a, 5b

Deferred:

  • Structural subagent external-side-effect verification (mechanism across arbitrary tools). Tool-description warning in #16325 is the only cheap mitigation worth making now.

Reporter: @versun on X — docx at https://versun.me/static/hermes-en.docx.

extent analysis

TL;DR

The most likely fix involves updating the browser_navigate description, adding a UrlSource adapter, and modifying the delegate_task tool description to warn about self-reports, along with other changes to address the reported issues.

Guidance

  • Update the browser_navigate description to call out specific URL types that prefer curl or web_extract.
  • Add a UrlSource adapter to tools/skills_hub.py to enable installing skills from direct HTTP(S) URLs.
  • Modify the delegate_task tool description to warn about self-reports and the need for verification of external side-effects.
  • Update the prompt_builder.py Skills-mandatory block to load the hermes-agent skill for Hermes configuration questions.
  • Add a "Security & Privacy Toggles" section to the hermes-agent skill to cover common safety toggles.

Example

No code snippet is provided as the issue does not require a specific code example to understand the fixes.

Notes

The provided fixes are based on the information given in the issue and may not cover all possible scenarios or edge cases. Additional testing and verification may be necessary to ensure the fixes work as intended.

Recommendation

Apply the workarounds and fixes outlined in the guidance section, as they address the reported issues and provide a clear path forward for resolving the problems.

Vote matrix · Quick signals

Works
Did the solution work? Tap to confirm.
Easy Fix
Was it a quick fix?
Time Saver
Did it save you time?
Blocking
Was it severely blocking?
Common Issue
Are others likely hitting this too?
Flaky / Intermittent
Is it intermittent?
Verified / Reproducible
Can you reproduce it reliably?
Loading…
#api#ssr#task chaining#parallel task#integration issue

Still need to ship something?

×6

Another batch ranked right after the header list — different links, same matching logic.

Back to top recommendations

TRENDING

hermes - ✅(Solved) Fix Docx feedback from @versun (OpenClaw→Hermes migration, Kimi 2.6): browser-over-curl, no skill install-from-URL, cross-language digest mixing, subagent false-success, redact-knob undiscoverable, OpenClaw path residue [4 pull requests, 3 comments, 2 participants]