website/docs/user-guide/features/code-execution.md

---
sidebar_position: 8
title: "Code Execution"
description: "Sandboxed Python execution with RPC tool access — collapse multi-step workflows into a single turn"
---

# Code Execution (Programmatic Tool Calling)

The `execute_code` tool lets the agent write Python scripts that call Hermes tools programmatically, collapsing multi-step workflows into a single LLM turn. The script runs in a sandboxed child process on the agent host, communicating via Unix domain socket RPC.

## How It Works

```python
# The agent can write scripts like:
from hermes_tools import web_search, web_extract

results = web_search("Python 3.13 features", limit=5)
for r in results["data"]["web"]:
    content = web_extract([r["url"]])
    # ... filter and process ...
print(summary)
```

**Available tools in sandbox:** `web_search`, `web_extract`, `read_file`, `write_file`, `search_files`, `patch`, `terminal` (foreground only).

## When the Agent Uses This

The agent uses `execute_code` when there are:

- **3+ tool calls** with processing logic between them
- Bulk data filtering or conditional branching
- Loops over results

The key benefit: intermediate tool results never enter the context window — only the final `print()` output comes back, dramatically reducing token usage.

## Security

:::danger Security Model
The child process runs with a **minimal environment**. API keys, tokens, and credentials are stripped entirely. The script accesses tools exclusively via the RPC channel — it cannot read secrets from environment variables.
:::

Only safe system variables (`PATH`, `HOME`, `LANG`, etc.) are passed through.

## Configuration

```yaml
# In ~/.hermes/config.yaml
code_execution:
  timeout: 300       # Max seconds per script (default: 300)
  max_tool_calls: 50 # Max tool calls per execution (default: 50)
```
feat: add documentation website (Docusaurus) - 25 documentation pages covering Getting Started, User Guide, Developer Guide, and Reference - Docusaurus with custom amber/gold theme matching the landing page branding - GitHub Actions workflow to deploy landing page + docs to GitHub Pages - Landing page at root, docs at /docs/ on hermes-agent.nousresearch.com - Content extracted and restructured from existing repo docs (README, AGENTS.md, CONTRIBUTING.md, docs/) - Auto-deploy on push to main when website/ or landingpage/ changes 2026-03-05 05:24:55 -08:00			`---`
			`sidebar_position: 8`
			`title: "Code Execution"`
			`description: "Sandboxed Python execution with RPC tool access — collapse multi-step workflows into a single turn"`
			`---`

			`# Code Execution (Programmatic Tool Calling)`

			The `execute_code` tool lets the agent write Python scripts that call Hermes tools programmatically, collapsing multi-step workflows into a single LLM turn. The script runs in a sandboxed child process on the agent host, communicating via Unix domain socket RPC.

			`## How It Works`

			```python
			`# The agent can write scripts like:`
			`from hermes_tools import web_search, web_extract`

			`results = web_search("Python 3.13 features", limit=5)`
			`for r in results["data"]["web"]:`
			`content = web_extract([r["url"]])`
			`# ... filter and process ...`
			`print(summary)`
			```

docs: comprehensive accuracy audit fixes (35+ corrections) CRITICAL fixes: - Installation: Remove false prerequisites (installer auto-installs everything except git) - Tools: Remove non-existent 'web_crawl' tool from tools table - Memory: Remove non-existent 'read' action (only add/replace/remove exist) - Code execution: Fix 'search' to 'search_files' in sandbox tools list - CLI commands: Fix --model/--provider/--toolsets/--verbose as chat subcommand flags IMPORTANT fixes: - Installation: Add missing installer features (Node.js, ripgrep, ffmpeg, skills seeding) - Installation: Add 6 missing package extras to table (mcp, honcho, tts-premium, etc) - Installation: Fix mkdir to include all directories the installer creates - Quickstart: Add OpenAI Codex to provider table - CLI: Fix all 'hermes --flag' to 'hermes chat --flag' across all docs - Configuration: Remove non-existent --max-turns CLI flag - Tools: Fix 'search' to 'search_files', add missing 'process' tool - Skills: Remove skills_categories() (not a registered tool) - Cron: Remove unsupported 'daily at 9am' schedule format - TTS: Fix output directory to ~/.hermes/audio_cache/ - Delegation: Clarify depth limit wording - Architecture: Fix default model, chat() signature, file names - Contributing: Fix Python requirement from 3.11+ to 3.10+ - CLI reference: Add missing commands (login, tools, sessions subcommands) - Env vars: Fix TERMINAL_DOCKER_IMAGE default, add HERMES_MODEL 2026-03-05 06:50:22 -08:00			Available tools in sandbox: `web_search`, `web_extract`, `read_file`, `write_file`, `search_files`, `patch`, `terminal` (foreground only).
feat: add documentation website (Docusaurus) - 25 documentation pages covering Getting Started, User Guide, Developer Guide, and Reference - Docusaurus with custom amber/gold theme matching the landing page branding - GitHub Actions workflow to deploy landing page + docs to GitHub Pages - Landing page at root, docs at /docs/ on hermes-agent.nousresearch.com - Content extracted and restructured from existing repo docs (README, AGENTS.md, CONTRIBUTING.md, docs/) - Auto-deploy on push to main when website/ or landingpage/ changes 2026-03-05 05:24:55 -08:00
			`## When the Agent Uses This`

			The agent uses `execute_code` when there are:

			`- 3+ tool calls with processing logic between them`
			`- Bulk data filtering or conditional branching`
			`- Loops over results`

			The key benefit: intermediate tool results never enter the context window — only the final `print()` output comes back, dramatically reducing token usage.

			`## Security`

			`:::danger Security Model`
			`The child process runs with a minimal environment. API keys, tokens, and credentials are stripped entirely. The script accesses tools exclusively via the RPC channel — it cannot read secrets from environment variables.`
			`:::`

			Only safe system variables (`PATH`, `HOME`, `LANG`, etc.) are passed through.

			`## Configuration`

			```yaml
			`# In ~/.hermes/config.yaml`
			`code_execution:`
			`timeout: 300 # Max seconds per script (default: 300)`
			`max_tool_calls: 50 # Max tool calls per execution (default: 50)`
			```