2025-08-09 09:52:25 -07:00
|
|
|
#!/usr/bin/env python3
|
|
|
|
|
"""
|
|
|
|
|
Model Tools Module
|
|
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
Thin orchestration layer over the tool registry. Each tool file in tools/
|
|
|
|
|
self-registers its schema, handler, and metadata via tools.registry.register().
|
|
|
|
|
This module triggers discovery (by importing all tool modules), then provides
|
|
|
|
|
the public API that run_agent.py, cli.py, batch_runner.py, and the RL
|
|
|
|
|
environments consume.
|
|
|
|
|
|
|
|
|
|
Public API (signatures preserved from the original 2,400-line version):
|
|
|
|
|
get_tool_definitions(enabled_toolsets, disabled_toolsets, quiet_mode) -> list
|
|
|
|
|
handle_function_call(function_name, function_args, task_id, user_task) -> str
|
|
|
|
|
TOOL_TO_TOOLSET_MAP: dict (for batch_runner.py)
|
|
|
|
|
TOOLSET_REQUIREMENTS: dict (for cli.py, doctor.py)
|
|
|
|
|
get_all_tool_names() -> list
|
|
|
|
|
get_toolset_for_tool(name) -> str
|
|
|
|
|
get_available_toolsets() -> dict
|
|
|
|
|
check_toolset_requirements() -> dict
|
|
|
|
|
check_tool_availability(quiet) -> tuple
|
2025-08-09 09:52:25 -07:00
|
|
|
"""
|
|
|
|
|
|
|
|
|
|
import json
|
|
|
|
|
import asyncio
|
2026-02-21 20:22:33 -08:00
|
|
|
import logging
|
2026-03-20 09:44:50 -07:00
|
|
|
import threading
|
2026-02-02 19:28:27 -08:00
|
|
|
from typing import Dict, Any, List, Optional, Tuple
|
2025-08-09 09:52:25 -07:00
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
from tools.registry import registry
|
2026-02-20 23:23:32 -08:00
|
|
|
from toolsets import resolve_toolset, validate_toolset
|
2025-08-09 09:52:25 -07:00
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
|
2026-02-02 19:28:27 -08:00
|
|
|
|
refactor: deduplicate toolsets, unify async bridging, fix approval race condition, harden security
- Replace 4 copy-pasted messaging platform toolsets with shared _HERMES_CORE_TOOLS list
- Consolidate 5 ad-hoc async-bridging patterns into single _run_async() in model_tools.py
- Removes deprecated get_event_loop()/set_event_loop() calls
- Makes all tool handlers self-protecting regardless of caller's event loop state
- RL handler refactored from if/elif chain to dispatch dict
- Fix exec approval race condition: replace module-level globals with thread-safe
per-session tools/approval.py (submit_pending, pop_pending, approve_session, is_approved)
- Session A approving "rm" no longer approves it for all other sessions
- Fix config deep merge: user overriding tts.elevenlabs.voice_id no longer clobbers
tts.elevenlabs.model_id; migration detection now recurses to arbitrary depth
- Gateway default-deny: unauthenticated users denied unless GATEWAY_ALLOW_ALL_USERS=true
- Add 10 dangerous command patterns: rm --recursive, bash -c, python -e, curl|bash,
xargs rm, find -delete
- Sanitize gateway error messages: users see generic message, full traceback goes to logs
2026-02-21 18:28:49 -08:00
|
|
|
# =============================================================================
|
2026-02-21 20:22:33 -08:00
|
|
|
# Async Bridging (single source of truth -- used by registry.dispatch too)
|
refactor: deduplicate toolsets, unify async bridging, fix approval race condition, harden security
- Replace 4 copy-pasted messaging platform toolsets with shared _HERMES_CORE_TOOLS list
- Consolidate 5 ad-hoc async-bridging patterns into single _run_async() in model_tools.py
- Removes deprecated get_event_loop()/set_event_loop() calls
- Makes all tool handlers self-protecting regardless of caller's event loop state
- RL handler refactored from if/elif chain to dispatch dict
- Fix exec approval race condition: replace module-level globals with thread-safe
per-session tools/approval.py (submit_pending, pop_pending, approve_session, is_approved)
- Session A approving "rm" no longer approves it for all other sessions
- Fix config deep merge: user overriding tts.elevenlabs.voice_id no longer clobbers
tts.elevenlabs.model_id; migration detection now recurses to arbitrary depth
- Gateway default-deny: unauthenticated users denied unless GATEWAY_ALLOW_ALL_USERS=true
- Add 10 dangerous command patterns: rm --recursive, bash -c, python -e, curl|bash,
xargs rm, find -delete
- Sanitize gateway error messages: users see generic message, full traceback goes to logs
2026-02-21 18:28:49 -08:00
|
|
|
# =============================================================================
|
|
|
|
|
|
2026-03-20 09:44:50 -07:00
|
|
|
_tool_loop = None # persistent loop for the main (CLI) thread
|
|
|
|
|
_tool_loop_lock = threading.Lock()
|
2026-03-20 15:41:06 -04:00
|
|
|
_worker_thread_local = threading.local() # per-worker-thread persistent loops
|
2026-03-20 09:44:50 -07:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def _get_tool_loop():
|
|
|
|
|
"""Return a long-lived event loop for running async tool handlers.
|
|
|
|
|
|
|
|
|
|
Using a persistent loop (instead of asyncio.run() which creates and
|
|
|
|
|
*closes* a fresh loop every time) prevents "Event loop is closed"
|
|
|
|
|
errors that occur when cached httpx/AsyncOpenAI clients attempt to
|
|
|
|
|
close their transport on a dead loop during garbage collection.
|
|
|
|
|
"""
|
|
|
|
|
global _tool_loop
|
|
|
|
|
with _tool_loop_lock:
|
|
|
|
|
if _tool_loop is None or _tool_loop.is_closed():
|
|
|
|
|
_tool_loop = asyncio.new_event_loop()
|
|
|
|
|
return _tool_loop
|
|
|
|
|
|
|
|
|
|
|
2026-03-20 15:41:06 -04:00
|
|
|
def _get_worker_loop():
|
|
|
|
|
"""Return a persistent event loop for the current worker thread.
|
|
|
|
|
|
|
|
|
|
Each worker thread (e.g., delegate_task's ThreadPoolExecutor threads)
|
|
|
|
|
gets its own long-lived loop stored in thread-local storage. This
|
|
|
|
|
prevents the "Event loop is closed" errors that occurred when
|
|
|
|
|
asyncio.run() was used per-call: asyncio.run() creates a loop, runs
|
|
|
|
|
the coroutine, then *closes* the loop — but cached httpx/AsyncOpenAI
|
|
|
|
|
clients remain bound to that now-dead loop and raise RuntimeError
|
|
|
|
|
during garbage collection or subsequent use.
|
|
|
|
|
|
|
|
|
|
By keeping the loop alive for the thread's lifetime, cached clients
|
|
|
|
|
stay valid and their cleanup runs on a live loop.
|
|
|
|
|
"""
|
|
|
|
|
loop = getattr(_worker_thread_local, 'loop', None)
|
|
|
|
|
if loop is None or loop.is_closed():
|
|
|
|
|
loop = asyncio.new_event_loop()
|
|
|
|
|
asyncio.set_event_loop(loop)
|
|
|
|
|
_worker_thread_local.loop = loop
|
|
|
|
|
return loop
|
|
|
|
|
|
|
|
|
|
|
refactor: deduplicate toolsets, unify async bridging, fix approval race condition, harden security
- Replace 4 copy-pasted messaging platform toolsets with shared _HERMES_CORE_TOOLS list
- Consolidate 5 ad-hoc async-bridging patterns into single _run_async() in model_tools.py
- Removes deprecated get_event_loop()/set_event_loop() calls
- Makes all tool handlers self-protecting regardless of caller's event loop state
- RL handler refactored from if/elif chain to dispatch dict
- Fix exec approval race condition: replace module-level globals with thread-safe
per-session tools/approval.py (submit_pending, pop_pending, approve_session, is_approved)
- Session A approving "rm" no longer approves it for all other sessions
- Fix config deep merge: user overriding tts.elevenlabs.voice_id no longer clobbers
tts.elevenlabs.model_id; migration detection now recurses to arbitrary depth
- Gateway default-deny: unauthenticated users denied unless GATEWAY_ALLOW_ALL_USERS=true
- Add 10 dangerous command patterns: rm --recursive, bash -c, python -e, curl|bash,
xargs rm, find -delete
- Sanitize gateway error messages: users see generic message, full traceback goes to logs
2026-02-21 18:28:49 -08:00
|
|
|
def _run_async(coro):
|
|
|
|
|
"""Run an async coroutine from a sync context.
|
|
|
|
|
|
|
|
|
|
If the current thread already has a running event loop (e.g., inside
|
|
|
|
|
the gateway's async stack or Atropos's event loop), we spin up a
|
|
|
|
|
disposable thread so asyncio.run() can create its own loop without
|
|
|
|
|
conflicting.
|
|
|
|
|
|
2026-03-20 09:44:50 -07:00
|
|
|
For the common CLI path (no running loop), we use a persistent event
|
|
|
|
|
loop so that cached async clients (httpx / AsyncOpenAI) remain bound
|
|
|
|
|
to a live loop and don't trigger "Event loop is closed" on GC.
|
|
|
|
|
|
2026-03-20 15:41:06 -04:00
|
|
|
When called from a worker thread (parallel tool execution), we use a
|
|
|
|
|
per-thread persistent loop to avoid both contention with the main
|
|
|
|
|
thread's shared loop AND the "Event loop is closed" errors caused by
|
|
|
|
|
asyncio.run()'s create-and-destroy lifecycle.
|
2026-03-20 11:39:13 -07:00
|
|
|
|
refactor: deduplicate toolsets, unify async bridging, fix approval race condition, harden security
- Replace 4 copy-pasted messaging platform toolsets with shared _HERMES_CORE_TOOLS list
- Consolidate 5 ad-hoc async-bridging patterns into single _run_async() in model_tools.py
- Removes deprecated get_event_loop()/set_event_loop() calls
- Makes all tool handlers self-protecting regardless of caller's event loop state
- RL handler refactored from if/elif chain to dispatch dict
- Fix exec approval race condition: replace module-level globals with thread-safe
per-session tools/approval.py (submit_pending, pop_pending, approve_session, is_approved)
- Session A approving "rm" no longer approves it for all other sessions
- Fix config deep merge: user overriding tts.elevenlabs.voice_id no longer clobbers
tts.elevenlabs.model_id; migration detection now recurses to arbitrary depth
- Gateway default-deny: unauthenticated users denied unless GATEWAY_ALLOW_ALL_USERS=true
- Add 10 dangerous command patterns: rm --recursive, bash -c, python -e, curl|bash,
xargs rm, find -delete
- Sanitize gateway error messages: users see generic message, full traceback goes to logs
2026-02-21 18:28:49 -08:00
|
|
|
This is the single source of truth for sync->async bridging in tool
|
|
|
|
|
handlers. The RL paths (agent_loop.py, tool_context.py) also provide
|
|
|
|
|
outer thread-pool wrapping as defense-in-depth, but each handler is
|
|
|
|
|
self-protecting via this function.
|
|
|
|
|
"""
|
|
|
|
|
try:
|
|
|
|
|
loop = asyncio.get_running_loop()
|
|
|
|
|
except RuntimeError:
|
|
|
|
|
loop = None
|
|
|
|
|
|
|
|
|
|
if loop and loop.is_running():
|
2026-03-20 11:39:13 -07:00
|
|
|
# Inside an async context (gateway, RL env) — run in a fresh thread.
|
refactor: deduplicate toolsets, unify async bridging, fix approval race condition, harden security
- Replace 4 copy-pasted messaging platform toolsets with shared _HERMES_CORE_TOOLS list
- Consolidate 5 ad-hoc async-bridging patterns into single _run_async() in model_tools.py
- Removes deprecated get_event_loop()/set_event_loop() calls
- Makes all tool handlers self-protecting regardless of caller's event loop state
- RL handler refactored from if/elif chain to dispatch dict
- Fix exec approval race condition: replace module-level globals with thread-safe
per-session tools/approval.py (submit_pending, pop_pending, approve_session, is_approved)
- Session A approving "rm" no longer approves it for all other sessions
- Fix config deep merge: user overriding tts.elevenlabs.voice_id no longer clobbers
tts.elevenlabs.model_id; migration detection now recurses to arbitrary depth
- Gateway default-deny: unauthenticated users denied unless GATEWAY_ALLOW_ALL_USERS=true
- Add 10 dangerous command patterns: rm --recursive, bash -c, python -e, curl|bash,
xargs rm, find -delete
- Sanitize gateway error messages: users see generic message, full traceback goes to logs
2026-02-21 18:28:49 -08:00
|
|
|
import concurrent.futures
|
|
|
|
|
with concurrent.futures.ThreadPoolExecutor(max_workers=1) as pool:
|
|
|
|
|
future = pool.submit(asyncio.run, coro)
|
|
|
|
|
return future.result(timeout=300)
|
2026-03-20 09:44:50 -07:00
|
|
|
|
2026-03-20 15:41:06 -04:00
|
|
|
# If we're on a worker thread (e.g., parallel tool execution in
|
|
|
|
|
# delegate_task), use a per-thread persistent loop. This avoids
|
|
|
|
|
# contention with the main thread's shared loop while keeping cached
|
|
|
|
|
# httpx/AsyncOpenAI clients bound to a live loop for the thread's
|
|
|
|
|
# lifetime — preventing "Event loop is closed" on GC cleanup.
|
2026-03-20 11:39:13 -07:00
|
|
|
if threading.current_thread() is not threading.main_thread():
|
2026-03-20 15:41:06 -04:00
|
|
|
worker_loop = _get_worker_loop()
|
|
|
|
|
return worker_loop.run_until_complete(coro)
|
2026-03-20 11:39:13 -07:00
|
|
|
|
2026-03-20 09:44:50 -07:00
|
|
|
tool_loop = _get_tool_loop()
|
|
|
|
|
return tool_loop.run_until_complete(coro)
|
refactor: deduplicate toolsets, unify async bridging, fix approval race condition, harden security
- Replace 4 copy-pasted messaging platform toolsets with shared _HERMES_CORE_TOOLS list
- Consolidate 5 ad-hoc async-bridging patterns into single _run_async() in model_tools.py
- Removes deprecated get_event_loop()/set_event_loop() calls
- Makes all tool handlers self-protecting regardless of caller's event loop state
- RL handler refactored from if/elif chain to dispatch dict
- Fix exec approval race condition: replace module-level globals with thread-safe
per-session tools/approval.py (submit_pending, pop_pending, approve_session, is_approved)
- Session A approving "rm" no longer approves it for all other sessions
- Fix config deep merge: user overriding tts.elevenlabs.voice_id no longer clobbers
tts.elevenlabs.model_id; migration detection now recurses to arbitrary depth
- Gateway default-deny: unauthenticated users denied unless GATEWAY_ALLOW_ALL_USERS=true
- Add 10 dangerous command patterns: rm --recursive, bash -c, python -e, curl|bash,
xargs rm, find -delete
- Sanitize gateway error messages: users see generic message, full traceback goes to logs
2026-02-21 18:28:49 -08:00
|
|
|
|
|
|
|
|
|
2026-02-02 19:28:27 -08:00
|
|
|
# =============================================================================
|
2026-02-21 20:22:33 -08:00
|
|
|
# Tool Discovery (importing each module triggers its registry.register calls)
|
2026-02-02 19:28:27 -08:00
|
|
|
# =============================================================================
|
|
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
def _discover_tools():
|
|
|
|
|
"""Import all tool modules to trigger their registry.register() calls.
|
|
|
|
|
|
|
|
|
|
Wrapped in a function so import errors in optional tools (e.g., fal_client
|
|
|
|
|
not installed) don't prevent the rest from loading.
|
|
|
|
|
"""
|
|
|
|
|
_modules = [
|
|
|
|
|
"tools.web_tools",
|
|
|
|
|
"tools.terminal_tool",
|
|
|
|
|
"tools.file_tools",
|
|
|
|
|
"tools.vision_tools",
|
|
|
|
|
"tools.mixture_of_agents_tool",
|
|
|
|
|
"tools.image_generation_tool",
|
|
|
|
|
"tools.skills_tool",
|
|
|
|
|
"tools.skill_manager_tool",
|
|
|
|
|
"tools.browser_tool",
|
|
|
|
|
"tools.cronjob_tools",
|
|
|
|
|
"tools.rl_training_tool",
|
|
|
|
|
"tools.tts_tool",
|
|
|
|
|
"tools.todo_tool",
|
|
|
|
|
"tools.memory_tool",
|
|
|
|
|
"tools.session_search_tool",
|
|
|
|
|
"tools.clarify_tool",
|
|
|
|
|
"tools.code_execution_tool",
|
|
|
|
|
"tools.delegate_tool",
|
|
|
|
|
"tools.process_registry",
|
|
|
|
|
"tools.send_message_tool",
|
feat(memory): pluggable memory provider interface with profile isolation, review fixes, and honcho CLI restoration (#4623)
* feat(memory): add pluggable memory provider interface with profile isolation
Introduces a pluggable MemoryProvider ABC so external memory backends can
integrate with Hermes without modifying core files. Each backend becomes a
plugin implementing a standard interface, orchestrated by MemoryManager.
Key architecture:
- agent/memory_provider.py — ABC with core + optional lifecycle hooks
- agent/memory_manager.py — single integration point in the agent loop
- agent/builtin_memory_provider.py — wraps existing MEMORY.md/USER.md
Profile isolation fixes applied to all 6 shipped plugins:
- Cognitive Memory: use get_hermes_home() instead of raw env var
- Hindsight Memory: check $HERMES_HOME/hindsight/config.json first,
fall back to legacy ~/.hindsight/ for backward compat
- Hermes Memory Store: replace hardcoded ~/.hermes paths with
get_hermes_home() for config loading and DB path defaults
- Mem0 Memory: use get_hermes_home() instead of raw env var
- RetainDB Memory: auto-derive profile-scoped project name from
hermes_home path (hermes-<profile>), explicit env var overrides
- OpenViking Memory: read-only, no local state, isolation via .env
MemoryManager.initialize_all() now injects hermes_home into kwargs so
every provider can resolve profile-scoped storage without importing
get_hermes_home() themselves.
Plugin system: adds register_memory_provider() to PluginContext and
get_plugin_memory_providers() accessor.
Based on PR #3825. 46 tests (37 unit + 5 E2E + 4 plugin registration).
* refactor(memory): drop cognitive plugin, rewrite OpenViking as full provider
Remove cognitive-memory plugin (#727) — core mechanics are broken:
decay runs 24x too fast (hourly not daily), prefetch uses row ID as
timestamp, search limited by importance not similarity.
Rewrite openviking-memory plugin from a read-only search wrapper into
a full bidirectional memory provider using the complete OpenViking
session lifecycle API:
- sync_turn: records user/assistant messages to OpenViking session
(threaded, non-blocking)
- on_session_end: commits session to trigger automatic memory extraction
into 6 categories (profile, preferences, entities, events, cases,
patterns)
- prefetch: background semantic search via find() endpoint
- on_memory_write: mirrors built-in memory writes to the session
- is_available: checks env var only, no network calls (ABC compliance)
Tools expanded from 3 to 5:
- viking_search: semantic search with mode/scope/limit
- viking_read: tiered content (abstract ~100tok / overview ~2k / full)
- viking_browse: filesystem-style navigation (list/tree/stat)
- viking_remember: explicit memory storage via session
- viking_add_resource: ingest URLs/docs into knowledge base
Uses direct HTTP via httpx (no openviking SDK dependency needed).
Response truncation on viking_read to prevent context flooding.
* fix(memory): harden Mem0 plugin — thread safety, non-blocking sync, circuit breaker
- Remove redundant mem0_context tool (identical to mem0_search with
rerank=true, top_k=5 — wastes a tool slot and confuses the model)
- Thread sync_turn so it's non-blocking — Mem0's server-side LLM
extraction can take 5-10s, was stalling the agent after every turn
- Add threading.Lock around _get_client() for thread-safe lazy init
(prefetch and sync threads could race on first client creation)
- Add circuit breaker: after 5 consecutive API failures, pause calls
for 120s instead of hammering a down server every turn. Auto-resets
after cooldown. Logs a warning when tripped.
- Track success/failure in prefetch, sync_turn, and all tool calls
- Wait for previous sync to finish before starting a new one (prevents
unbounded thread accumulation on rapid turns)
- Clean up shutdown to join both prefetch and sync threads
* fix(memory): enforce single external memory provider limit
MemoryManager now rejects a second non-builtin provider with a warning.
Built-in memory (MEMORY.md/USER.md) is always accepted. Only ONE
external plugin provider is allowed at a time. This prevents tool
schema bloat (some providers add 3-5 tools each) and conflicting
memory backends.
The warning message directs users to configure memory.provider in
config.yaml to select which provider to activate.
Updated all 47 tests to use builtin + one external pattern instead
of multiple externals. Added test_second_external_rejected to verify
the enforcement.
* feat(memory): add ByteRover memory provider plugin
Implements the ByteRover integration (from PR #3499 by hieuntg81) as a
MemoryProvider plugin instead of direct run_agent.py modifications.
ByteRover provides persistent memory via the brv CLI — a hierarchical
knowledge tree with tiered retrieval (fuzzy text then LLM-driven search).
Local-first with optional cloud sync.
Plugin capabilities:
- prefetch: background brv query for relevant context
- sync_turn: curate conversation turns (threaded, non-blocking)
- on_memory_write: mirror built-in memory writes to brv
- on_pre_compress: extract insights before context compression
Tools (3):
- brv_query: search the knowledge tree
- brv_curate: store facts/decisions/patterns
- brv_status: check CLI version and context tree state
Profile isolation: working directory at $HERMES_HOME/byterover/ (scoped
per profile). Binary resolution cached with thread-safe double-checked
locking. All write operations threaded to avoid blocking the agent
(curate can take 120s with LLM processing).
* fix(memory): thread remaining sync_turns, fix holographic, add config key
Plugin fixes:
- Hindsight: thread sync_turn (was blocking up to 30s via _run_in_thread)
- RetainDB: thread sync_turn (was blocking on HTTP POST)
- Both: shutdown now joins sync threads alongside prefetch threads
Holographic retrieval fixes:
- reason(): removed dead intersection_key computation (bundled but never
used in scoring). Now reuses pre-computed entity_residuals directly,
moved role_content encoding outside the inner loop.
- contradict(): added _MAX_CONTRADICT_FACTS=500 scaling guard. Above
500 facts, only checks the most recently updated ones to avoid O(n^2)
explosion (~125K comparisons at 500 is acceptable).
Config:
- Added memory.provider key to DEFAULT_CONFIG ("" = builtin only).
No version bump needed (deep_merge handles new keys automatically).
* feat(memory): extract Honcho as a MemoryProvider plugin
Creates plugins/honcho-memory/ as a thin adapter over the existing
honcho_integration/ package. All 4 Honcho tools (profile, search,
context, conclude) move from the normal tool registry to the
MemoryProvider interface.
The plugin delegates all work to HonchoSessionManager — no Honcho
logic is reimplemented. It uses the existing config chain:
$HERMES_HOME/honcho.json -> ~/.honcho/config.json -> env vars.
Lifecycle hooks:
- initialize: creates HonchoSessionManager via existing client factory
- prefetch: background dialectic query
- sync_turn: records messages + flushes to API (threaded)
- on_memory_write: mirrors user profile writes as conclusions
- on_session_end: flushes all pending messages
This is a prerequisite for the MemoryManager wiring in run_agent.py.
Once wired, Honcho goes through the same provider interface as all
other memory plugins, and the scattered Honcho code in run_agent.py
can be consolidated into the single MemoryManager integration point.
* feat(memory): wire MemoryManager into run_agent.py
Adds 8 integration points for the external memory provider plugin,
all purely additive (zero existing code modified):
1. Init (~L1130): Create MemoryManager, find matching plugin provider
from memory.provider config, initialize with session context
2. Tool injection (~L1160): Append provider tool schemas to self.tools
and self.valid_tool_names after memory_manager init
3. System prompt (~L2705): Add external provider's system_prompt_block
alongside existing MEMORY.md/USER.md blocks
4. Tool routing (~L5362): Route provider tool calls through
memory_manager.handle_tool_call() before the catchall handler
5. Memory write bridge (~L5353): Notify external provider via
on_memory_write() when the built-in memory tool writes
6. Pre-compress (~L5233): Call on_pre_compress() before context
compression discards messages
7. Prefetch (~L6421): Inject provider prefetch results into the
current-turn user message (same pattern as Honcho turn context)
8. Turn sync + session end (~L8161, ~L8172): sync_all() after each
completed turn, queue_prefetch_all() for next turn, on_session_end()
+ shutdown_all() at conversation end
All hooks are wrapped in try/except — a failing provider never breaks
the agent. The existing memory system, Honcho integration, and all
other code paths are completely untouched.
Full suite: 7222 passed, 4 pre-existing failures.
* refactor(memory): remove legacy Honcho integration from core
Extracts all Honcho-specific code from run_agent.py, model_tools.py,
toolsets.py, and gateway/run.py. Honcho is now exclusively available
as a memory provider plugin (plugins/honcho-memory/).
Removed from run_agent.py (-457 lines):
- Honcho init block (session manager creation, activation, config)
- 8 Honcho methods: _honcho_should_activate, _strip_honcho_tools,
_activate_honcho, _register_honcho_exit_hook, _queue_honcho_prefetch,
_honcho_prefetch, _honcho_save_user_observation, _honcho_sync
- _inject_honcho_turn_context module-level function
- Honcho system prompt block (tool descriptions, CLI commands)
- Honcho context injection in api_messages building
- Honcho params from __init__ (honcho_session_key, honcho_manager,
honcho_config)
- HONCHO_TOOL_NAMES constant
- All honcho-specific tool dispatch forwarding
Removed from other files:
- model_tools.py: honcho_tools import, honcho params from handle_function_call
- toolsets.py: honcho toolset definition, honcho tools from core tools list
- gateway/run.py: honcho params from AIAgent constructor calls
Removed tests (-339 lines):
- 9 Honcho-specific test methods from test_run_agent.py
- TestHonchoAtexitFlush class from test_exit_cleanup_interrupt.py
Restored two regex constants (_SURROGATE_RE, _BUDGET_WARNING_RE) that
were accidentally removed during the honcho function extraction.
The honcho_integration/ package is kept intact — the plugin delegates
to it. tools/honcho_tools.py registry entries are now dead code (import
commented out in model_tools.py) but the file is preserved for reference.
Full suite: 7207 passed, 4 pre-existing failures. Zero regressions.
* refactor(memory): restructure plugins, add CLI, clean gateway, migration notice
Plugin restructure:
- Move all memory plugins from plugins/<name>-memory/ to plugins/memory/<name>/
(byterover, hindsight, holographic, honcho, mem0, openviking, retaindb)
- New plugins/memory/__init__.py discovery module that scans the directory
directly, loading providers by name without the general plugin system
- run_agent.py uses load_memory_provider() instead of get_plugin_memory_providers()
CLI wiring:
- hermes memory setup — interactive curses picker + config wizard
- hermes memory status — show active provider, config, availability
- hermes memory off — disable external provider (built-in only)
- hermes honcho — now shows migration notice pointing to hermes memory setup
Gateway cleanup:
- Remove _get_or_create_gateway_honcho (already removed in prev commit)
- Remove _shutdown_gateway_honcho and _shutdown_all_gateway_honcho methods
- Remove all calls to shutdown methods (4 call sites)
- Remove _honcho_managers/_honcho_configs dict references
Dead code removal:
- Delete tools/honcho_tools.py (279 lines, import was already commented out)
- Delete tests/gateway/test_honcho_lifecycle.py (131 lines, tested removed methods)
- Remove if False placeholder from run_agent.py
Migration:
- Honcho migration notice on startup: detects existing honcho.json or
~/.honcho/config.json, prints guidance to run hermes memory setup.
Only fires when memory.provider is not set and not in quiet mode.
Full suite: 7203 passed, 4 pre-existing failures. Zero regressions.
* feat(memory): standardize plugin config + add per-plugin documentation
Config architecture:
- Add save_config(values, hermes_home) to MemoryProvider ABC
- Honcho: writes to $HERMES_HOME/honcho.json (SDK native)
- Mem0: writes to $HERMES_HOME/mem0.json
- Hindsight: writes to $HERMES_HOME/hindsight/config.json
- Holographic: writes to config.yaml under plugins.hermes-memory-store
- OpenViking/RetainDB/ByteRover: env-var only (default no-op)
Setup wizard (hermes memory setup):
- Now calls provider.save_config() for non-secret config
- Secrets still go to .env via env vars
- Only memory.provider activation key goes to config.yaml
Documentation:
- README.md for each of the 7 providers in plugins/memory/<name>/
- Requirements, setup (wizard + manual), config reference, tools table
- Consistent format across all providers
The contract for new memory plugins:
- get_config_schema() declares all fields (REQUIRED)
- save_config() writes native config (REQUIRED if not env-var-only)
- Secrets use env_var field in schema, written to .env by wizard
- README.md in the plugin directory
* docs: add memory providers user guide + developer guide
New pages:
- user-guide/features/memory-providers.md — comprehensive guide covering
all 7 shipped providers (Honcho, OpenViking, Mem0, Hindsight,
Holographic, RetainDB, ByteRover). Each with setup, config, tools,
cost, and unique features. Includes comparison table and profile
isolation notes.
- developer-guide/memory-provider-plugin.md — how to build a new memory
provider plugin. Covers ABC, required methods, config schema,
save_config, threading contract, profile isolation, testing.
Updated pages:
- user-guide/features/memory.md — replaced Honcho section with link to
new Memory Providers page
- user-guide/features/honcho.md — replaced with migration redirect to
the new Memory Providers page
- sidebars.ts — added both new pages to navigation
* fix(memory): auto-migrate Honcho users to memory provider plugin
When honcho.json or ~/.honcho/config.json exists but memory.provider
is not set, automatically set memory.provider: honcho in config.yaml
and activate the plugin. The plugin reads the same config files, so
all data and credentials are preserved. Zero user action needed.
Persists the migration to config.yaml so it only fires once. Prints
a one-line confirmation in non-quiet mode.
* fix(memory): only auto-migrate Honcho when enabled + credentialed
Check HonchoClientConfig.enabled AND (api_key OR base_url) before
auto-migrating — not just file existence. Prevents false activation
for users who disabled Honcho, stopped using it (config lingers),
or have ~/.honcho/ from a different tool.
* feat(memory): auto-install pip dependencies during hermes memory setup
Reads pip_dependencies from plugin.yaml, checks which are missing,
installs them via pip before config walkthrough. Also shows install
guidance for external_dependencies (e.g. brv CLI for ByteRover).
Updated all 7 plugin.yaml files with pip_dependencies:
- honcho: honcho-ai
- mem0: mem0ai
- openviking: httpx
- hindsight: hindsight-client
- holographic: (none)
- retaindb: requests
- byterover: (external_dependencies for brv CLI)
* fix: remove remaining Honcho crash risks from cli.py and gateway
cli.py: removed Honcho session re-mapping block (would crash importing
deleted tools/honcho_tools.py), Honcho flush on compress, Honcho
session display on startup, Honcho shutdown on exit, honcho_session_key
AIAgent param.
gateway/run.py: removed honcho_session_key params from helper methods,
sync_honcho param, _honcho.shutdown() block.
tests: fixed test_cron_session_with_honcho_key_skipped (was passing
removed honcho_key param to _flush_memories_for_session).
* fix: include plugins/ in pyproject.toml package list
Without this, plugins/memory/ wouldn't be included in non-editable
installs. Hermes always runs from the repo checkout so this is belt-
and-suspenders, but prevents breakage if the install method changes.
* fix(memory): correct pip-to-import name mapping for dep checks
The heuristic dep.replace('-', '_') fails for packages where the pip
name differs from the import name: honcho-ai→honcho, mem0ai→mem0,
hindsight-client→hindsight_client. Added explicit mapping table so
hermes memory setup doesn't try to reinstall already-installed packages.
* chore: remove dead code from old plugin memory registration path
- hermes_cli/plugins.py: removed register_memory_provider(),
_memory_providers list, get_plugin_memory_providers() — memory
providers now use plugins/memory/ discovery, not the general plugin system
- hermes_cli/main.py: stripped 74 lines of dead honcho argparse
subparsers (setup, status, sessions, map, peer, mode, tokens,
identity, migrate) — kept only the migration redirect
- agent/memory_provider.py: updated docstring to reflect new
registration path
- tests: replaced TestPluginMemoryProviderRegistration with
TestPluginMemoryDiscovery that tests the actual plugins/memory/
discovery system. Added 3 new tests (discover, load, nonexistent).
* chore: delete dead honcho_integration/cli.py and its tests
cli.py (794 lines) was the old 'hermes honcho' command handler — nobody
calls it since cmd_honcho was replaced with a migration redirect.
Deleted tests that imported from removed code:
- tests/honcho_integration/test_cli.py (tested _resolve_api_key)
- tests/honcho_integration/test_config_isolation.py (tested CLI config paths)
- tests/tools/test_honcho_tools.py (tested the deleted tools/honcho_tools.py)
Remaining honcho_integration/ files (actively used by the plugin):
- client.py (445 lines) — config loading, SDK client creation
- session.py (991 lines) — session management, queries, flush
* refactor: move honcho_integration/ into the honcho plugin
Moves client.py (445 lines) and session.py (991 lines) from the
top-level honcho_integration/ package into plugins/memory/honcho/.
No Honcho code remains in the main codebase.
- plugins/memory/honcho/client.py — config loading, SDK client creation
- plugins/memory/honcho/session.py — session management, queries, flush
- Updated all imports: run_agent.py (auto-migration), hermes_cli/doctor.py,
plugin __init__.py, session.py cross-import, all tests
- Removed honcho_integration/ package and pyproject.toml entry
- Renamed tests/honcho_integration/ → tests/honcho_plugin/
* docs: update architecture + gateway-internals for memory provider system
- architecture.md: replaced honcho_integration/ with plugins/memory/
- gateway-internals.md: replaced Honcho-specific session routing and
flush lifecycle docs with generic memory provider interface docs
* fix: update stale mock path for resolve_active_host after honcho plugin migration
* fix(memory): address review feedback — P0 lifecycle, ABC contract, honcho CLI restore
Review feedback from Honcho devs (erosika):
P0 — Provider lifecycle:
- Remove on_session_end() + shutdown_all() from run_conversation() tail
(was killing providers after every turn in multi-turn sessions)
- Add shutdown_memory_provider() method on AIAgent for callers
- Wire shutdown into CLI atexit, reset_conversation, gateway stop/expiry
Bug fixes:
- Remove sync_honcho=False kwarg from /btw callsites (TypeError crash)
- Fix doctor.py references to dead 'hermes honcho setup' command
- Cache prefetch_all() before tool loop (was re-calling every iteration)
ABC contract hardening (all backwards-compatible):
- Add session_id kwarg to prefetch/sync_turn/queue_prefetch
- Make on_pre_compress() return str (provider insights in compression)
- Add **kwargs to on_turn_start() for runtime context
- Add on_delegation() hook for parent-side subagent observation
- Document agent_context/agent_identity/agent_workspace kwargs on
initialize() (prevents cron corruption, enables profile scoping)
- Fix docstring: single external provider, not multiple
Honcho CLI restoration:
- Add plugins/memory/honcho/cli.py (from main's honcho_integration/cli.py
with imports adapted to plugin path)
- Restore full hermes honcho command with all subcommands (status, peer,
mode, tokens, identity, enable/disable, sync, peers, --target-profile)
- Restore auto-clone on profile creation + sync on hermes update
- hermes honcho setup now redirects to hermes memory setup
* fix(memory): wire on_delegation, skip_memory for cron/flush, fix ByteRover return type
- Wire on_delegation() in delegate_tool.py — parent's memory provider
is notified with task+result after each subagent completes
- Add skip_memory=True to cron scheduler (prevents cron system prompts
from corrupting user representations — closes #4052)
- Add skip_memory=True to gateway flush agent (throwaway agent shouldn't
activate memory provider)
- Fix ByteRover on_pre_compress() return type: None -> str
* fix(honcho): port profile isolation fixes from PR #4632
Ports 5 bug fixes found during profile testing (erosika's PR #4632):
1. 3-tier config resolution — resolve_config_path() now checks
$HERMES_HOME/honcho.json → ~/.hermes/honcho.json → ~/.honcho/config.json
(non-default profiles couldn't find shared host blocks)
2. Thread host=_host_key() through from_global_config() in cmd_setup,
cmd_status, cmd_identity (--target-profile was being ignored)
3. Use bare profile name as aiPeer (not host key with dots) — Honcho's
peer ID pattern is ^[a-zA-Z0-9_-]+$, dots are invalid
4. Wrap add_peers() in try/except — was fatal on new AI peers, killed
all message uploads for the session
5. Gate Honcho clone behind --clone/--clone-all on profile create
(bare create should be blank-slate)
Also: sanitize assistant_peer_id via _sanitize_id()
* fix(tests): add module cleanup fixture to test_cli_provider_resolution
test_cli_provider_resolution._import_cli() wipes tools.*, cli, and
run_agent from sys.modules to force fresh imports, but had no cleanup.
This poisoned all subsequent tests on the same xdist worker — mocks
targeting tools.file_tools, tools.send_message_tool, etc. patched the
NEW module object while already-imported functions still referenced
the OLD one. Caused ~25 cascade failures: send_message KeyError,
process_registry FileNotFoundError, file_read_guards timeouts,
read_loop_detection file-not-found, mcp_oauth None port, and
provider_parity/codex_execution stale tool lists.
Fix: autouse fixture saves all affected modules before each test and
restores them after, matching the pattern in
test_managed_browserbase_and_modal.py.
2026-04-02 15:33:51 -07:00
|
|
|
# "tools.honcho_tools", # Removed — Honcho is now a memory provider plugin
|
2026-02-28 13:32:48 +03:00
|
|
|
"tools.homeassistant_tool",
|
2026-02-12 10:05:08 -08:00
|
|
|
]
|
2026-02-21 20:22:33 -08:00
|
|
|
import importlib
|
|
|
|
|
for mod_name in _modules:
|
|
|
|
|
try:
|
|
|
|
|
importlib.import_module(mod_name)
|
|
|
|
|
except Exception as e:
|
2026-03-17 04:31:26 -07:00
|
|
|
logger.warning("Could not import tool module %s: %s", mod_name, e)
|
2026-02-12 10:05:08 -08:00
|
|
|
|
|
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
_discover_tools()
|
Add messaging platform enhancements: STT, stickers, Discord UX, Slack, pairing, hooks
Major feature additions inspired by OpenClaw/ClawdBot integration analysis:
Voice Message Transcription (STT):
- Auto-transcribe voice/audio messages via OpenAI Whisper API
- Download voice to ~/.hermes/audio_cache/ on Telegram/Discord/WhatsApp
- Inject transcript as text so all models can understand voice input
- Configurable model (whisper-1, gpt-4o-mini-transcribe, gpt-4o-transcribe)
Telegram Sticker Understanding:
- Describe static stickers via vision tool with JSON-backed cache
- Cache keyed by file_unique_id avoids redundant API calls
- Animated/video stickers get emoji-based fallback description
Discord Rich UX:
- Native slash commands (/ask, /reset, /status, /stop) via app_commands
- Button-based exec approvals (Allow Once / Always Allow / Deny)
- ExecApprovalView with user authorization and timeout handling
Slack Integration:
- Full SlackAdapter using slack-bolt with Socket Mode
- DMs, channel messages (mention-gated), /hermes slash command
- File attachment handling with bot-token-authenticated downloads
DM Pairing System:
- Code-based user authorization as alternative to static allowlists
- 8-char codes from unambiguous alphabet, 1-hour expiry
- Rate limiting, lockout after failed attempts, chmod 0600 on data
- CLI: hermes pairing list/approve/revoke/clear-pending
Event Hook System:
- File-based hook discovery from ~/.hermes/hooks/
- HOOK.yaml + handler.py per hook, sync/async handler support
- Events: gateway:startup, session:start/reset, agent:start/step/end
- Wildcard matching (command:* catches all command events)
Cross-Channel Messaging:
- send_message agent tool for delivering to any connected platform
- Enables cron job delivery and cross-platform notifications
Human-Like Response Pacing:
- Configurable delays between message chunks (off/natural/custom)
- HERMES_HUMAN_DELAY_MODE env var with min/max ms settings
Warm Injection Message Style:
- Retrofitted image vision messages with friendly kawaii-consistent tone
- All new injection messages (STT, stickers, errors) use warm style
Also: updated config migration to prompt for optional keys interactively,
bumped config version, updated README, AGENTS.md, .env.example,
cli-config.yaml.example, install scripts, pyproject.toml, and toolsets.
2026-02-15 21:38:59 -08:00
|
|
|
|
feat: add MCP (Model Context Protocol) client support
Connect to external MCP servers via stdio transport, discover their tools
at startup, and register them into the hermes-agent tool registry.
- New tools/mcp_tool.py: config loading, server connection via background
event loop, tool handler factories, discovery, and graceful shutdown
- model_tools.py: trigger MCP discovery after built-in tool imports
- cli.py: call shutdown_mcp_servers in _run_cleanup
- pyproject.toml: add mcp>=1.2.0 as optional dependency
- 27 unit tests covering config, schema conversion, handlers, registration,
SDK interaction, toolset injection, graceful fallback, and shutdown
Config format (in ~/.hermes/config.yaml):
mcp_servers:
filesystem:
command: "npx"
args: ["-y", "@modelcontextprotocol/server-filesystem", "/tmp"]
2026-03-02 21:03:14 +03:00
|
|
|
# MCP tool discovery (external MCP servers from config)
|
|
|
|
|
try:
|
|
|
|
|
from tools.mcp_tool import discover_mcp_tools
|
|
|
|
|
discover_mcp_tools()
|
|
|
|
|
except Exception as e:
|
|
|
|
|
logger.debug("MCP tool discovery failed: %s", e)
|
|
|
|
|
|
feat: first-class plugin architecture (#1555)
Plugin system for extending Hermes with custom tools, hooks, and
integrations — no source code changes required.
Core system (hermes_cli/plugins.py):
- Plugin discovery from ~/.hermes/plugins/, .hermes/plugins/, and
pip entry_points (hermes_agent.plugins group)
- PluginContext with register_tool() and register_hook()
- 6 lifecycle hooks: pre/post tool_call, pre/post llm_call,
on_session_start/end
- Namespace package handling for relative imports in plugins
- Graceful error isolation — broken plugins never crash the agent
Integration (model_tools.py):
- Plugin discovery runs after built-in + MCP tools
- Plugin tools bypass toolset filter via get_plugin_tool_names()
- Pre/post tool call hooks fire in handle_function_call()
CLI:
- /plugins command shows loaded plugins, tool counts, status
- Added to COMMANDS dict for autocomplete
Docs:
- Getting started guide (build-a-hermes-plugin.md) — full tutorial
building a calculator plugin step by step
- Reference page (features/plugins.md) — quick overview + tables
- Covers: file structure, schemas, handlers, hooks, data files,
bundled skills, env var gating, pip distribution, common mistakes
Tests: 16 tests covering discovery, loading, hooks, tool visibility.
2026-03-16 07:17:36 -07:00
|
|
|
# Plugin tool discovery (user/project/pip plugins)
|
|
|
|
|
try:
|
|
|
|
|
from hermes_cli.plugins import discover_plugins
|
|
|
|
|
discover_plugins()
|
|
|
|
|
except Exception as e:
|
|
|
|
|
logger.debug("Plugin discovery failed: %s", e)
|
|
|
|
|
|
Add messaging platform enhancements: STT, stickers, Discord UX, Slack, pairing, hooks
Major feature additions inspired by OpenClaw/ClawdBot integration analysis:
Voice Message Transcription (STT):
- Auto-transcribe voice/audio messages via OpenAI Whisper API
- Download voice to ~/.hermes/audio_cache/ on Telegram/Discord/WhatsApp
- Inject transcript as text so all models can understand voice input
- Configurable model (whisper-1, gpt-4o-mini-transcribe, gpt-4o-transcribe)
Telegram Sticker Understanding:
- Describe static stickers via vision tool with JSON-backed cache
- Cache keyed by file_unique_id avoids redundant API calls
- Animated/video stickers get emoji-based fallback description
Discord Rich UX:
- Native slash commands (/ask, /reset, /status, /stop) via app_commands
- Button-based exec approvals (Allow Once / Always Allow / Deny)
- ExecApprovalView with user authorization and timeout handling
Slack Integration:
- Full SlackAdapter using slack-bolt with Socket Mode
- DMs, channel messages (mention-gated), /hermes slash command
- File attachment handling with bot-token-authenticated downloads
DM Pairing System:
- Code-based user authorization as alternative to static allowlists
- 8-char codes from unambiguous alphabet, 1-hour expiry
- Rate limiting, lockout after failed attempts, chmod 0600 on data
- CLI: hermes pairing list/approve/revoke/clear-pending
Event Hook System:
- File-based hook discovery from ~/.hermes/hooks/
- HOOK.yaml + handler.py per hook, sync/async handler support
- Events: gateway:startup, session:start/reset, agent:start/step/end
- Wildcard matching (command:* catches all command events)
Cross-Channel Messaging:
- send_message agent tool for delivering to any connected platform
- Enables cron job delivery and cross-platform notifications
Human-Like Response Pacing:
- Configurable delays between message chunks (off/natural/custom)
- HERMES_HUMAN_DELAY_MODE env var with min/max ms settings
Warm Injection Message Style:
- Retrofitted image vision messages with friendly kawaii-consistent tone
- All new injection messages (STT, stickers, errors) use warm style
Also: updated config migration to prompt for optional keys interactively,
bumped config version, updated README, AGENTS.md, .env.example,
cli-config.yaml.example, install scripts, pyproject.toml, and toolsets.
2026-02-15 21:38:59 -08:00
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
# =============================================================================
|
|
|
|
|
# Backward-compat constants (built once after discovery)
|
|
|
|
|
# =============================================================================
|
Add background process management with process tool, wait, PTY, and stdin support
New process registry and tool for managing long-running background processes
across all terminal backends (local, Docker, Singularity, Modal, SSH).
Process Registry (tools/process_registry.py):
- ProcessSession tracking with rolling 200KB output buffer
- spawn_local() with optional PTY via ptyprocess for interactive CLIs
- spawn_via_env() for non-local backends (runs inside sandbox, never on host)
- Background reader threads per process (Popen stdout or PTY)
- wait() with timeout clamping, interrupt support, and transparent limit reporting
- JSON checkpoint to ~/.hermes/processes.json for gateway crash recovery
- Module-level singleton shared across agent loop, gateway, and RL
Process Tool (model_tools.py):
- 7 actions: list, poll, log, wait, kill, write, submit
- Paired with terminal in all toolsets (CLI, messaging, RL)
- Timeout clamping with transparent notes in response
Terminal Tool Updates (tools/terminal_tool.py):
- Replaced nohup background mode with registry spawn (returns session_id)
- Added workdir parameter for per-command working directory
- Added check_interval parameter for gateway auto-check watchers
- Added pty parameter for interactive CLI tools (Codex, Claude Code)
- Updated TERMINAL_TOOL_DESCRIPTION with full background workflow docs
- Cleanup thread now respects active background processes (won't reap sandbox)
Gateway Integration (gateway/run.py, session.py, config.py):
- Session reset protection: sessions with active processes exempt from reset
- Default idle timeout increased from 2 hours to 24 hours
- from_dict fallback aligned to match (was 120, now 1440)
- session_key env var propagated to process registry for session mapping
- Crash recovery on gateway startup via checkpoint probe
- check_interval watcher: asyncio task polls process, delivers updates to platform
RL Safety (environments/):
- tool_context.py cleanup() kills background processes on episode end
- hermes_base_env.py warns when enabled_toolsets is None (loads all tools)
- Process tool safe in RL via wait() blocking the agent loop
Also:
- Added ptyprocess as optional dependency (in pyproject.toml [pty] extra + [all])
- Fixed pre-existing bug: rl_test_inference missing from TOOL_TO_TOOLSET_MAP
- Updated AGENTS.md with process management docs and project structure
- Updated README.md terminal section with process management overview
2026-02-17 02:51:31 -08:00
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
TOOL_TO_TOOLSET_MAP: Dict[str, str] = registry.get_tool_to_toolset_map()
|
Add background process management with process tool, wait, PTY, and stdin support
New process registry and tool for managing long-running background processes
across all terminal backends (local, Docker, Singularity, Modal, SSH).
Process Registry (tools/process_registry.py):
- ProcessSession tracking with rolling 200KB output buffer
- spawn_local() with optional PTY via ptyprocess for interactive CLIs
- spawn_via_env() for non-local backends (runs inside sandbox, never on host)
- Background reader threads per process (Popen stdout or PTY)
- wait() with timeout clamping, interrupt support, and transparent limit reporting
- JSON checkpoint to ~/.hermes/processes.json for gateway crash recovery
- Module-level singleton shared across agent loop, gateway, and RL
Process Tool (model_tools.py):
- 7 actions: list, poll, log, wait, kill, write, submit
- Paired with terminal in all toolsets (CLI, messaging, RL)
- Timeout clamping with transparent notes in response
Terminal Tool Updates (tools/terminal_tool.py):
- Replaced nohup background mode with registry spawn (returns session_id)
- Added workdir parameter for per-command working directory
- Added check_interval parameter for gateway auto-check watchers
- Added pty parameter for interactive CLI tools (Codex, Claude Code)
- Updated TERMINAL_TOOL_DESCRIPTION with full background workflow docs
- Cleanup thread now respects active background processes (won't reap sandbox)
Gateway Integration (gateway/run.py, session.py, config.py):
- Session reset protection: sessions with active processes exempt from reset
- Default idle timeout increased from 2 hours to 24 hours
- from_dict fallback aligned to match (was 120, now 1440)
- session_key env var propagated to process registry for session mapping
- Crash recovery on gateway startup via checkpoint probe
- check_interval watcher: asyncio task polls process, delivers updates to platform
RL Safety (environments/):
- tool_context.py cleanup() kills background processes on episode end
- hermes_base_env.py warns when enabled_toolsets is None (loads all tools)
- Process tool safe in RL via wait() blocking the agent loop
Also:
- Added ptyprocess as optional dependency (in pyproject.toml [pty] extra + [all])
- Fixed pre-existing bug: rl_test_inference missing from TOOL_TO_TOOLSET_MAP
- Updated AGENTS.md with process management docs and project structure
- Updated README.md terminal section with process management overview
2026-02-17 02:51:31 -08:00
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
TOOLSET_REQUIREMENTS: Dict[str, dict] = registry.get_toolset_requirements()
|
2025-11-17 01:14:31 -05:00
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
# Resolved tool names from the last get_tool_definitions() call.
|
|
|
|
|
# Used by code_execution_tool to know which tools are available in this session.
|
|
|
|
|
_last_resolved_tool_names: List[str] = []
|
2025-11-17 01:14:31 -05:00
|
|
|
|
2025-08-09 09:52:25 -07:00
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
# =============================================================================
|
|
|
|
|
# Legacy toolset name mapping (old _tools-suffixed names -> tool name lists)
|
|
|
|
|
# =============================================================================
|
2025-08-09 09:52:25 -07:00
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
_LEGACY_TOOLSET_MAP = {
|
|
|
|
|
"web_tools": ["web_search", "web_extract"],
|
|
|
|
|
"terminal_tools": ["terminal"],
|
|
|
|
|
"vision_tools": ["vision_analyze"],
|
|
|
|
|
"moa_tools": ["mixture_of_agents"],
|
|
|
|
|
"image_tools": ["image_generate"],
|
|
|
|
|
"skills_tools": ["skills_list", "skill_view", "skill_manage"],
|
|
|
|
|
"browser_tools": [
|
|
|
|
|
"browser_navigate", "browser_snapshot", "browser_click",
|
|
|
|
|
"browser_type", "browser_scroll", "browser_back",
|
|
|
|
|
"browser_press", "browser_close", "browser_get_images",
|
2026-03-17 02:02:49 -07:00
|
|
|
"browser_vision", "browser_console"
|
2026-02-21 20:22:33 -08:00
|
|
|
],
|
2026-03-14 12:21:50 -07:00
|
|
|
"cronjob_tools": ["cronjob"],
|
2026-02-21 20:22:33 -08:00
|
|
|
"rl_tools": [
|
|
|
|
|
"rl_list_environments", "rl_select_environment",
|
|
|
|
|
"rl_get_current_config", "rl_edit_config",
|
|
|
|
|
"rl_start_training", "rl_check_status",
|
|
|
|
|
"rl_stop_training", "rl_get_results",
|
|
|
|
|
"rl_list_runs", "rl_test_inference"
|
|
|
|
|
],
|
|
|
|
|
"file_tools": ["read_file", "write_file", "patch", "search_files"],
|
|
|
|
|
"tts_tools": ["text_to_speech"],
|
2026-02-08 20:19:14 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
# =============================================================================
|
|
|
|
|
# get_tool_definitions (the main schema provider)
|
|
|
|
|
# =============================================================================
|
2026-02-19 23:23:43 -08:00
|
|
|
|
2025-08-09 09:52:25 -07:00
|
|
|
def get_tool_definitions(
|
|
|
|
|
enabled_toolsets: List[str] = None,
|
2026-01-31 06:30:48 +00:00
|
|
|
disabled_toolsets: List[str] = None,
|
|
|
|
|
quiet_mode: bool = False,
|
2025-08-09 09:52:25 -07:00
|
|
|
) -> List[Dict[str, Any]]:
|
|
|
|
|
"""
|
2025-09-10 00:43:55 -07:00
|
|
|
Get tool definitions for model API calls with toolset-based filtering.
|
2026-02-21 20:22:33 -08:00
|
|
|
|
|
|
|
|
All tools must be part of a toolset to be accessible.
|
|
|
|
|
|
2025-08-09 09:52:25 -07:00
|
|
|
Args:
|
2026-02-21 20:22:33 -08:00
|
|
|
enabled_toolsets: Only include tools from these toolsets.
|
|
|
|
|
disabled_toolsets: Exclude tools from these toolsets (if enabled_toolsets is None).
|
|
|
|
|
quiet_mode: Suppress status prints.
|
|
|
|
|
|
2025-08-09 09:52:25 -07:00
|
|
|
Returns:
|
2026-02-21 20:22:33 -08:00
|
|
|
Filtered list of OpenAI-format tool definitions.
|
2025-08-09 09:52:25 -07:00
|
|
|
"""
|
2026-02-21 20:22:33 -08:00
|
|
|
# Determine which tool names the caller wants
|
|
|
|
|
tools_to_include: set = set()
|
2025-11-17 01:14:31 -05:00
|
|
|
|
2026-03-30 21:10:05 -07:00
|
|
|
if enabled_toolsets is not None:
|
2025-08-09 09:52:25 -07:00
|
|
|
for toolset_name in enabled_toolsets:
|
2025-09-10 00:43:55 -07:00
|
|
|
if validate_toolset(toolset_name):
|
2026-02-21 20:22:33 -08:00
|
|
|
resolved = resolve_toolset(toolset_name)
|
|
|
|
|
tools_to_include.update(resolved)
|
|
|
|
|
if not quiet_mode:
|
|
|
|
|
print(f"✅ Enabled toolset '{toolset_name}': {', '.join(resolved) if resolved else 'no tools'}")
|
|
|
|
|
elif toolset_name in _LEGACY_TOOLSET_MAP:
|
|
|
|
|
legacy_tools = _LEGACY_TOOLSET_MAP[toolset_name]
|
|
|
|
|
tools_to_include.update(legacy_tools)
|
2026-02-02 23:46:41 -08:00
|
|
|
if not quiet_mode:
|
2026-02-21 20:22:33 -08:00
|
|
|
print(f"✅ Enabled legacy toolset '{toolset_name}': {', '.join(legacy_tools)}")
|
2025-08-09 09:52:25 -07:00
|
|
|
else:
|
2026-02-21 20:22:33 -08:00
|
|
|
if not quiet_mode:
|
|
|
|
|
print(f"⚠️ Unknown toolset: {toolset_name}")
|
|
|
|
|
|
2025-08-09 09:52:25 -07:00
|
|
|
elif disabled_toolsets:
|
2025-09-10 00:43:55 -07:00
|
|
|
from toolsets import get_all_toolsets
|
2026-02-21 20:22:33 -08:00
|
|
|
for ts_name in get_all_toolsets():
|
|
|
|
|
tools_to_include.update(resolve_toolset(ts_name))
|
|
|
|
|
|
2025-09-10 00:43:55 -07:00
|
|
|
for toolset_name in disabled_toolsets:
|
|
|
|
|
if validate_toolset(toolset_name):
|
2026-02-21 20:22:33 -08:00
|
|
|
resolved = resolve_toolset(toolset_name)
|
|
|
|
|
tools_to_include.difference_update(resolved)
|
|
|
|
|
if not quiet_mode:
|
|
|
|
|
print(f"🚫 Disabled toolset '{toolset_name}': {', '.join(resolved) if resolved else 'no tools'}")
|
|
|
|
|
elif toolset_name in _LEGACY_TOOLSET_MAP:
|
|
|
|
|
legacy_tools = _LEGACY_TOOLSET_MAP[toolset_name]
|
|
|
|
|
tools_to_include.difference_update(legacy_tools)
|
2026-02-02 23:46:41 -08:00
|
|
|
if not quiet_mode:
|
2026-02-21 20:22:33 -08:00
|
|
|
print(f"🚫 Disabled legacy toolset '{toolset_name}': {', '.join(legacy_tools)}")
|
2025-09-10 00:43:55 -07:00
|
|
|
else:
|
2026-02-21 20:22:33 -08:00
|
|
|
if not quiet_mode:
|
|
|
|
|
print(f"⚠️ Unknown toolset: {toolset_name}")
|
2025-09-10 00:43:55 -07:00
|
|
|
else:
|
|
|
|
|
from toolsets import get_all_toolsets
|
2026-02-21 20:22:33 -08:00
|
|
|
for ts_name in get_all_toolsets():
|
|
|
|
|
tools_to_include.update(resolve_toolset(ts_name))
|
|
|
|
|
|
2026-03-22 04:55:34 -07:00
|
|
|
# Plugin-registered tools are now resolved through the normal toolset
|
|
|
|
|
# path — validate_toolset() / resolve_toolset() / get_all_toolsets()
|
|
|
|
|
# all check the tool registry for plugin-provided toolsets. No bypass
|
|
|
|
|
# needed; plugins respect enabled_toolsets / disabled_toolsets like any
|
|
|
|
|
# other toolset.
|
feat: first-class plugin architecture (#1555)
Plugin system for extending Hermes with custom tools, hooks, and
integrations — no source code changes required.
Core system (hermes_cli/plugins.py):
- Plugin discovery from ~/.hermes/plugins/, .hermes/plugins/, and
pip entry_points (hermes_agent.plugins group)
- PluginContext with register_tool() and register_hook()
- 6 lifecycle hooks: pre/post tool_call, pre/post llm_call,
on_session_start/end
- Namespace package handling for relative imports in plugins
- Graceful error isolation — broken plugins never crash the agent
Integration (model_tools.py):
- Plugin discovery runs after built-in + MCP tools
- Plugin tools bypass toolset filter via get_plugin_tool_names()
- Pre/post tool call hooks fire in handle_function_call()
CLI:
- /plugins command shows loaded plugins, tool counts, status
- Added to COMMANDS dict for autocomplete
Docs:
- Getting started guide (build-a-hermes-plugin.md) — full tutorial
building a calculator plugin step by step
- Reference page (features/plugins.md) — quick overview + tables
- Covers: file structure, schemas, handlers, hooks, data files,
bundled skills, env var gating, pip distribution, common mistakes
Tests: 16 tests covering discovery, loading, hooks, tool visibility.
2026-03-16 07:17:36 -07:00
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
# Ask the registry for schemas (only returns tools whose check_fn passes)
|
|
|
|
|
filtered_tools = registry.get_definitions(tools_to_include, quiet=quiet_mode)
|
|
|
|
|
|
2026-03-19 10:08:14 -07:00
|
|
|
# The set of tool names that actually passed check_fn filtering.
|
|
|
|
|
# Use this (not tools_to_include) for any downstream schema that references
|
|
|
|
|
# other tools by name — otherwise the model sees tools mentioned in
|
|
|
|
|
# descriptions that don't actually exist, and hallucinates calls to them.
|
|
|
|
|
available_tool_names = {t["function"]["name"] for t in filtered_tools}
|
|
|
|
|
|
2026-03-06 17:36:06 -08:00
|
|
|
# Rebuild execute_code schema to only list sandbox tools that are actually
|
2026-03-19 10:08:14 -07:00
|
|
|
# available. Without this, the model sees "web_search is available in
|
|
|
|
|
# execute_code" even when the API key isn't configured or the toolset is
|
|
|
|
|
# disabled (#560-discord).
|
|
|
|
|
if "execute_code" in available_tool_names:
|
2026-03-06 17:36:06 -08:00
|
|
|
from tools.code_execution_tool import SANDBOX_ALLOWED_TOOLS, build_execute_code_schema
|
2026-03-19 10:08:14 -07:00
|
|
|
sandbox_enabled = SANDBOX_ALLOWED_TOOLS & available_tool_names
|
2026-03-06 17:36:06 -08:00
|
|
|
dynamic_schema = build_execute_code_schema(sandbox_enabled)
|
|
|
|
|
for i, td in enumerate(filtered_tools):
|
|
|
|
|
if td.get("function", {}).get("name") == "execute_code":
|
|
|
|
|
filtered_tools[i] = {"type": "function", "function": dynamic_schema}
|
|
|
|
|
break
|
|
|
|
|
|
2026-03-19 10:08:14 -07:00
|
|
|
# Strip web tool cross-references from browser_navigate description when
|
|
|
|
|
# web_search / web_extract are not available. The static schema says
|
|
|
|
|
# "prefer web_search or web_extract" which causes the model to hallucinate
|
|
|
|
|
# those tools when they're missing.
|
|
|
|
|
if "browser_navigate" in available_tool_names:
|
|
|
|
|
web_tools_available = {"web_search", "web_extract"} & available_tool_names
|
|
|
|
|
if not web_tools_available:
|
|
|
|
|
for i, td in enumerate(filtered_tools):
|
|
|
|
|
if td.get("function", {}).get("name") == "browser_navigate":
|
|
|
|
|
desc = td["function"].get("description", "")
|
|
|
|
|
desc = desc.replace(
|
|
|
|
|
" For simple information retrieval, prefer web_search or web_extract (faster, cheaper).",
|
|
|
|
|
"",
|
|
|
|
|
)
|
|
|
|
|
filtered_tools[i] = {
|
|
|
|
|
"type": "function",
|
|
|
|
|
"function": {**td["function"], "description": desc},
|
|
|
|
|
}
|
|
|
|
|
break
|
|
|
|
|
|
2026-01-31 06:30:48 +00:00
|
|
|
if not quiet_mode:
|
|
|
|
|
if filtered_tools:
|
|
|
|
|
tool_names = [t["function"]["name"] for t in filtered_tools]
|
|
|
|
|
print(f"🛠️ Final tool selection ({len(filtered_tools)} tools): {', '.join(tool_names)}")
|
|
|
|
|
else:
|
|
|
|
|
print("🛠️ No tools selected (all filtered out or unavailable)")
|
2026-02-21 20:22:33 -08:00
|
|
|
|
2026-02-19 23:23:43 -08:00
|
|
|
global _last_resolved_tool_names
|
|
|
|
|
_last_resolved_tool_names = [t["function"]["name"] for t in filtered_tools]
|
2026-01-29 06:10:24 +00:00
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
return filtered_tools
|
2026-01-29 06:10:24 +00:00
|
|
|
|
2026-02-02 08:26:42 -08:00
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
# =============================================================================
|
|
|
|
|
# handle_function_call (the main dispatcher)
|
|
|
|
|
# =============================================================================
|
2026-02-02 08:26:42 -08:00
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
# Tools whose execution is intercepted by the agent loop (run_agent.py)
|
|
|
|
|
# because they need agent-level state (TodoStore, MemoryStore, etc.).
|
|
|
|
|
# The registry still holds their schemas; dispatch just returns a stub error
|
|
|
|
|
# so if something slips through, the LLM sees a sensible message.
|
|
|
|
|
_AGENT_LOOP_TOOLS = {"todo", "memory", "session_search", "delegate_task"}
|
2026-03-18 03:04:07 -07:00
|
|
|
_READ_SEARCH_TOOLS = {"read_file", "search_files"}
|
2026-02-03 23:41:26 -08:00
|
|
|
|
|
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
def handle_function_call(
|
2026-02-05 03:49:46 -08:00
|
|
|
function_name: str,
|
|
|
|
|
function_args: Dict[str, Any],
|
2026-01-29 06:10:24 +00:00
|
|
|
task_id: Optional[str] = None,
|
2026-02-21 20:22:33 -08:00
|
|
|
user_task: Optional[str] = None,
|
2026-03-10 06:32:08 -07:00
|
|
|
enabled_tools: Optional[List[str]] = None,
|
2026-01-29 06:10:24 +00:00
|
|
|
) -> str:
|
2025-08-09 09:52:25 -07:00
|
|
|
"""
|
2026-02-21 20:22:33 -08:00
|
|
|
Main function call dispatcher that routes calls to the tool registry.
|
2025-11-03 17:42:23 -05:00
|
|
|
|
2025-08-09 09:52:25 -07:00
|
|
|
Args:
|
2026-02-21 20:22:33 -08:00
|
|
|
function_name: Name of the function to call.
|
|
|
|
|
function_args: Arguments for the function.
|
|
|
|
|
task_id: Unique identifier for terminal/browser session isolation.
|
|
|
|
|
user_task: The user's original task (for browser_snapshot context).
|
2026-03-10 06:32:08 -07:00
|
|
|
enabled_tools: Tool names enabled for this session. When provided,
|
|
|
|
|
execute_code uses this list to determine which sandbox
|
|
|
|
|
tools to generate. Falls back to the process-global
|
|
|
|
|
``_last_resolved_tool_names`` for backward compat.
|
2025-11-03 17:42:23 -05:00
|
|
|
|
2025-08-09 09:52:25 -07:00
|
|
|
Returns:
|
2026-02-21 20:22:33 -08:00
|
|
|
Function result as a JSON string.
|
2025-08-09 09:52:25 -07:00
|
|
|
"""
|
fix: improve read-loop detection — consecutive-only, correct thresholds, fix bugs
Follow-up to PR #705 (merged from 0xbyt4). Addresses several issues:
1. CONSECUTIVE-ONLY TRACKING: Redesigned the read/search tracker to only
warn/block on truly consecutive identical calls. Any other tool call
in between (write, patch, terminal, etc.) resets the counter via
notify_other_tool_call(), called from handle_function_call() in
model_tools.py. This prevents false blocks in read→edit→verify flows.
2. THRESHOLD ADJUSTMENT: Warn on 3rd consecutive (was 2nd), block on
4th+ consecutive (was 3rd+). Gives the model more room before
intervening.
3. TUPLE UNPACKING BUG: Fixed get_read_files_summary() which crashed on
search keys (5-tuple) when trying to unpack as 3-tuple. Now uses a
separate read_history set that only tracks file reads.
4. WEB_EXTRACT DOCSTRING: Reverted incorrect removal of 'title' from
web_extract return docs in code_execution_tool.py — the field IS
returned by web_tools.py.
5. TESTS: Rewrote test_read_loop_detection.py (35 tests) to cover
consecutive-only behavior, notify_other_tool_call, interleaved
read/search, and summary-unaffected-by-searches.
2026-03-10 16:25:41 -07:00
|
|
|
# Notify the read-loop tracker when a non-read/search tool runs,
|
|
|
|
|
# so the *consecutive* counter resets (reads after other work are fine).
|
|
|
|
|
if function_name not in _READ_SEARCH_TOOLS:
|
|
|
|
|
try:
|
|
|
|
|
from tools.file_tools import notify_other_tool_call
|
|
|
|
|
notify_other_tool_call(task_id or "default")
|
|
|
|
|
except Exception:
|
|
|
|
|
pass # file_tools may not be loaded yet
|
|
|
|
|
|
2025-08-09 09:52:25 -07:00
|
|
|
try:
|
2026-02-21 20:22:33 -08:00
|
|
|
if function_name in _AGENT_LOOP_TOOLS:
|
|
|
|
|
return json.dumps({"error": f"{function_name} must be handled by the agent loop"})
|
Add background process management with process tool, wait, PTY, and stdin support
New process registry and tool for managing long-running background processes
across all terminal backends (local, Docker, Singularity, Modal, SSH).
Process Registry (tools/process_registry.py):
- ProcessSession tracking with rolling 200KB output buffer
- spawn_local() with optional PTY via ptyprocess for interactive CLIs
- spawn_via_env() for non-local backends (runs inside sandbox, never on host)
- Background reader threads per process (Popen stdout or PTY)
- wait() with timeout clamping, interrupt support, and transparent limit reporting
- JSON checkpoint to ~/.hermes/processes.json for gateway crash recovery
- Module-level singleton shared across agent loop, gateway, and RL
Process Tool (model_tools.py):
- 7 actions: list, poll, log, wait, kill, write, submit
- Paired with terminal in all toolsets (CLI, messaging, RL)
- Timeout clamping with transparent notes in response
Terminal Tool Updates (tools/terminal_tool.py):
- Replaced nohup background mode with registry spawn (returns session_id)
- Added workdir parameter for per-command working directory
- Added check_interval parameter for gateway auto-check watchers
- Added pty parameter for interactive CLI tools (Codex, Claude Code)
- Updated TERMINAL_TOOL_DESCRIPTION with full background workflow docs
- Cleanup thread now respects active background processes (won't reap sandbox)
Gateway Integration (gateway/run.py, session.py, config.py):
- Session reset protection: sessions with active processes exempt from reset
- Default idle timeout increased from 2 hours to 24 hours
- from_dict fallback aligned to match (was 120, now 1440)
- session_key env var propagated to process registry for session mapping
- Crash recovery on gateway startup via checkpoint probe
- check_interval watcher: asyncio task polls process, delivers updates to platform
RL Safety (environments/):
- tool_context.py cleanup() kills background processes on episode end
- hermes_base_env.py warns when enabled_toolsets is None (loads all tools)
- Process tool safe in RL via wait() blocking the agent loop
Also:
- Added ptyprocess as optional dependency (in pyproject.toml [pty] extra + [all])
- Fixed pre-existing bug: rl_test_inference missing from TOOL_TO_TOOLSET_MAP
- Updated AGENTS.md with process management docs and project structure
- Updated README.md terminal section with process management overview
2026-02-17 02:51:31 -08:00
|
|
|
|
feat: first-class plugin architecture (#1555)
Plugin system for extending Hermes with custom tools, hooks, and
integrations — no source code changes required.
Core system (hermes_cli/plugins.py):
- Plugin discovery from ~/.hermes/plugins/, .hermes/plugins/, and
pip entry_points (hermes_agent.plugins group)
- PluginContext with register_tool() and register_hook()
- 6 lifecycle hooks: pre/post tool_call, pre/post llm_call,
on_session_start/end
- Namespace package handling for relative imports in plugins
- Graceful error isolation — broken plugins never crash the agent
Integration (model_tools.py):
- Plugin discovery runs after built-in + MCP tools
- Plugin tools bypass toolset filter via get_plugin_tool_names()
- Pre/post tool call hooks fire in handle_function_call()
CLI:
- /plugins command shows loaded plugins, tool counts, status
- Added to COMMANDS dict for autocomplete
Docs:
- Getting started guide (build-a-hermes-plugin.md) — full tutorial
building a calculator plugin step by step
- Reference page (features/plugins.md) — quick overview + tables
- Covers: file structure, schemas, handlers, hooks, data files,
bundled skills, env var gating, pip distribution, common mistakes
Tests: 16 tests covering discovery, loading, hooks, tool visibility.
2026-03-16 07:17:36 -07:00
|
|
|
try:
|
|
|
|
|
from hermes_cli.plugins import invoke_hook
|
|
|
|
|
invoke_hook("pre_tool_call", tool_name=function_name, args=function_args, task_id=task_id or "")
|
|
|
|
|
except Exception:
|
|
|
|
|
pass
|
|
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
if function_name == "execute_code":
|
2026-03-10 06:32:08 -07:00
|
|
|
# Prefer the caller-provided list so subagents can't overwrite
|
|
|
|
|
# the parent's tool set via the process-global.
|
|
|
|
|
sandbox_enabled = enabled_tools if enabled_tools is not None else _last_resolved_tool_names
|
feat: first-class plugin architecture (#1555)
Plugin system for extending Hermes with custom tools, hooks, and
integrations — no source code changes required.
Core system (hermes_cli/plugins.py):
- Plugin discovery from ~/.hermes/plugins/, .hermes/plugins/, and
pip entry_points (hermes_agent.plugins group)
- PluginContext with register_tool() and register_hook()
- 6 lifecycle hooks: pre/post tool_call, pre/post llm_call,
on_session_start/end
- Namespace package handling for relative imports in plugins
- Graceful error isolation — broken plugins never crash the agent
Integration (model_tools.py):
- Plugin discovery runs after built-in + MCP tools
- Plugin tools bypass toolset filter via get_plugin_tool_names()
- Pre/post tool call hooks fire in handle_function_call()
CLI:
- /plugins command shows loaded plugins, tool counts, status
- Added to COMMANDS dict for autocomplete
Docs:
- Getting started guide (build-a-hermes-plugin.md) — full tutorial
building a calculator plugin step by step
- Reference page (features/plugins.md) — quick overview + tables
- Covers: file structure, schemas, handlers, hooks, data files,
bundled skills, env var gating, pip distribution, common mistakes
Tests: 16 tests covering discovery, loading, hooks, tool visibility.
2026-03-16 07:17:36 -07:00
|
|
|
result = registry.dispatch(
|
2026-02-21 20:22:33 -08:00
|
|
|
function_name, function_args,
|
2026-02-19 23:23:43 -08:00
|
|
|
task_id=task_id,
|
2026-03-10 06:32:08 -07:00
|
|
|
enabled_tools=sandbox_enabled,
|
2026-02-19 23:23:43 -08:00
|
|
|
)
|
feat: first-class plugin architecture (#1555)
Plugin system for extending Hermes with custom tools, hooks, and
integrations — no source code changes required.
Core system (hermes_cli/plugins.py):
- Plugin discovery from ~/.hermes/plugins/, .hermes/plugins/, and
pip entry_points (hermes_agent.plugins group)
- PluginContext with register_tool() and register_hook()
- 6 lifecycle hooks: pre/post tool_call, pre/post llm_call,
on_session_start/end
- Namespace package handling for relative imports in plugins
- Graceful error isolation — broken plugins never crash the agent
Integration (model_tools.py):
- Plugin discovery runs after built-in + MCP tools
- Plugin tools bypass toolset filter via get_plugin_tool_names()
- Pre/post tool call hooks fire in handle_function_call()
CLI:
- /plugins command shows loaded plugins, tool counts, status
- Added to COMMANDS dict for autocomplete
Docs:
- Getting started guide (build-a-hermes-plugin.md) — full tutorial
building a calculator plugin step by step
- Reference page (features/plugins.md) — quick overview + tables
- Covers: file structure, schemas, handlers, hooks, data files,
bundled skills, env var gating, pip distribution, common mistakes
Tests: 16 tests covering discovery, loading, hooks, tool visibility.
2026-03-16 07:17:36 -07:00
|
|
|
else:
|
|
|
|
|
result = registry.dispatch(
|
|
|
|
|
function_name, function_args,
|
|
|
|
|
task_id=task_id,
|
|
|
|
|
user_task=user_task,
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
from hermes_cli.plugins import invoke_hook
|
|
|
|
|
invoke_hook("post_tool_call", tool_name=function_name, args=function_args, result=result, task_id=task_id or "")
|
|
|
|
|
except Exception:
|
|
|
|
|
pass
|
2026-02-19 23:23:43 -08:00
|
|
|
|
feat: first-class plugin architecture (#1555)
Plugin system for extending Hermes with custom tools, hooks, and
integrations — no source code changes required.
Core system (hermes_cli/plugins.py):
- Plugin discovery from ~/.hermes/plugins/, .hermes/plugins/, and
pip entry_points (hermes_agent.plugins group)
- PluginContext with register_tool() and register_hook()
- 6 lifecycle hooks: pre/post tool_call, pre/post llm_call,
on_session_start/end
- Namespace package handling for relative imports in plugins
- Graceful error isolation — broken plugins never crash the agent
Integration (model_tools.py):
- Plugin discovery runs after built-in + MCP tools
- Plugin tools bypass toolset filter via get_plugin_tool_names()
- Pre/post tool call hooks fire in handle_function_call()
CLI:
- /plugins command shows loaded plugins, tool counts, status
- Added to COMMANDS dict for autocomplete
Docs:
- Getting started guide (build-a-hermes-plugin.md) — full tutorial
building a calculator plugin step by step
- Reference page (features/plugins.md) — quick overview + tables
- Covers: file structure, schemas, handlers, hooks, data files,
bundled skills, env var gating, pip distribution, common mistakes
Tests: 16 tests covering discovery, loading, hooks, tool visibility.
2026-03-16 07:17:36 -07:00
|
|
|
return result
|
2026-02-12 10:05:08 -08:00
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
except Exception as e:
|
|
|
|
|
error_msg = f"Error executing {function_name}: {str(e)}"
|
|
|
|
|
logger.error(error_msg)
|
|
|
|
|
return json.dumps({"error": error_msg}, ensure_ascii=False)
|
Add messaging platform enhancements: STT, stickers, Discord UX, Slack, pairing, hooks
Major feature additions inspired by OpenClaw/ClawdBot integration analysis:
Voice Message Transcription (STT):
- Auto-transcribe voice/audio messages via OpenAI Whisper API
- Download voice to ~/.hermes/audio_cache/ on Telegram/Discord/WhatsApp
- Inject transcript as text so all models can understand voice input
- Configurable model (whisper-1, gpt-4o-mini-transcribe, gpt-4o-transcribe)
Telegram Sticker Understanding:
- Describe static stickers via vision tool with JSON-backed cache
- Cache keyed by file_unique_id avoids redundant API calls
- Animated/video stickers get emoji-based fallback description
Discord Rich UX:
- Native slash commands (/ask, /reset, /status, /stop) via app_commands
- Button-based exec approvals (Allow Once / Always Allow / Deny)
- ExecApprovalView with user authorization and timeout handling
Slack Integration:
- Full SlackAdapter using slack-bolt with Socket Mode
- DMs, channel messages (mention-gated), /hermes slash command
- File attachment handling with bot-token-authenticated downloads
DM Pairing System:
- Code-based user authorization as alternative to static allowlists
- 8-char codes from unambiguous alphabet, 1-hour expiry
- Rate limiting, lockout after failed attempts, chmod 0600 on data
- CLI: hermes pairing list/approve/revoke/clear-pending
Event Hook System:
- File-based hook discovery from ~/.hermes/hooks/
- HOOK.yaml + handler.py per hook, sync/async handler support
- Events: gateway:startup, session:start/reset, agent:start/step/end
- Wildcard matching (command:* catches all command events)
Cross-Channel Messaging:
- send_message agent tool for delivering to any connected platform
- Enables cron job delivery and cross-platform notifications
Human-Like Response Pacing:
- Configurable delays between message chunks (off/natural/custom)
- HERMES_HUMAN_DELAY_MODE env var with min/max ms settings
Warm Injection Message Style:
- Retrofitted image vision messages with friendly kawaii-consistent tone
- All new injection messages (STT, stickers, errors) use warm style
Also: updated config migration to prompt for optional keys interactively,
bumped config version, updated README, AGENTS.md, .env.example,
cli-config.yaml.example, install scripts, pyproject.toml, and toolsets.
2026-02-15 21:38:59 -08:00
|
|
|
|
2026-02-17 17:02:33 -08:00
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
# =============================================================================
|
|
|
|
|
# Backward-compat wrapper functions
|
|
|
|
|
# =============================================================================
|
2026-02-19 00:57:31 -08:00
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
def get_all_tool_names() -> List[str]:
|
|
|
|
|
"""Return all registered tool names."""
|
|
|
|
|
return registry.get_all_tool_names()
|
2026-02-19 00:57:31 -08:00
|
|
|
|
2026-02-20 03:15:53 -08:00
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
def get_toolset_for_tool(tool_name: str) -> Optional[str]:
|
|
|
|
|
"""Return the toolset a tool belongs to."""
|
|
|
|
|
return registry.get_toolset_for_tool(tool_name)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def get_available_toolsets() -> Dict[str, dict]:
|
|
|
|
|
"""Return toolset availability info for UI display."""
|
|
|
|
|
return registry.get_available_toolsets()
|
2025-08-09 09:52:25 -07:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def check_toolset_requirements() -> Dict[str, bool]:
|
2026-02-21 20:22:33 -08:00
|
|
|
"""Return {toolset: available_bool} for every registered toolset."""
|
|
|
|
|
return registry.check_toolset_requirements()
|
2025-11-17 01:14:31 -05:00
|
|
|
|
2025-08-09 09:52:25 -07:00
|
|
|
|
2026-02-21 20:22:33 -08:00
|
|
|
def check_tool_availability(quiet: bool = False) -> Tuple[List[str], List[dict]]:
|
|
|
|
|
"""Return (available_toolsets, unavailable_info)."""
|
|
|
|
|
return registry.check_tool_availability(quiet=quiet)
|