d578d06f59
CRITICAL fixes: - Installation: Remove false prerequisites (installer auto-installs everything except git) - Tools: Remove non-existent 'web_crawl' tool from tools table - Memory: Remove non-existent 'read' action (only add/replace/remove exist) - Code execution: Fix 'search' to 'search_files' in sandbox tools list - CLI commands: Fix --model/--provider/--toolsets/--verbose as chat subcommand flags IMPORTANT fixes: - Installation: Add missing installer features (Node.js, ripgrep, ffmpeg, skills seeding) - Installation: Add 6 missing package extras to table (mcp, honcho, tts-premium, etc) - Installation: Fix mkdir to include all directories the installer creates - Quickstart: Add OpenAI Codex to provider table - CLI: Fix all 'hermes --flag' to 'hermes chat --flag' across all docs - Configuration: Remove non-existent --max-turns CLI flag - Tools: Fix 'search' to 'search_files', add missing 'process' tool - Skills: Remove skills_categories() (not a registered tool) - Cron: Remove unsupported 'daily at 9am' schedule format - TTS: Fix output directory to ~/.hermes/audio_cache/ - Delegation: Clarify depth limit wording - Architecture: Fix default model, chat() signature, file names - Contributing: Fix Python requirement from 3.11+ to 3.10+ - CLI reference: Add missing commands (login, tools, sessions subcommands) - Env vars: Fix TERMINAL_DOCKER_IMAGE default, add HERMES_MODEL
52 lines
1.8 KiB
Markdown
52 lines
1.8 KiB
Markdown
---
|
|
sidebar_position: 8
|
|
title: "Code Execution"
|
|
description: "Sandboxed Python execution with RPC tool access — collapse multi-step workflows into a single turn"
|
|
---
|
|
|
|
# Code Execution (Programmatic Tool Calling)
|
|
|
|
The `execute_code` tool lets the agent write Python scripts that call Hermes tools programmatically, collapsing multi-step workflows into a single LLM turn. The script runs in a sandboxed child process on the agent host, communicating via Unix domain socket RPC.
|
|
|
|
## How It Works
|
|
|
|
```python
|
|
# The agent can write scripts like:
|
|
from hermes_tools import web_search, web_extract
|
|
|
|
results = web_search("Python 3.13 features", limit=5)
|
|
for r in results["data"]["web"]:
|
|
content = web_extract([r["url"]])
|
|
# ... filter and process ...
|
|
print(summary)
|
|
```
|
|
|
|
**Available tools in sandbox:** `web_search`, `web_extract`, `read_file`, `write_file`, `search_files`, `patch`, `terminal` (foreground only).
|
|
|
|
## When the Agent Uses This
|
|
|
|
The agent uses `execute_code` when there are:
|
|
|
|
- **3+ tool calls** with processing logic between them
|
|
- Bulk data filtering or conditional branching
|
|
- Loops over results
|
|
|
|
The key benefit: intermediate tool results never enter the context window — only the final `print()` output comes back, dramatically reducing token usage.
|
|
|
|
## Security
|
|
|
|
:::danger Security Model
|
|
The child process runs with a **minimal environment**. API keys, tokens, and credentials are stripped entirely. The script accesses tools exclusively via the RPC channel — it cannot read secrets from environment variables.
|
|
:::
|
|
|
|
Only safe system variables (`PATH`, `HOME`, `LANG`, etc.) are passed through.
|
|
|
|
## Configuration
|
|
|
|
```yaml
|
|
# In ~/.hermes/config.yaml
|
|
code_execution:
|
|
timeout: 300 # Max seconds per script (default: 300)
|
|
max_tool_calls: 50 # Max tool calls per execution (default: 50)
|
|
```
|