[UPDATE] Hermes Agent v0.7.0 -- Fleet Upgrade Report & New Capabilities #38

New Issue

Open

opened 2026-04-04 17:16:08 +00:00 by bezalel · 0 comments

bezalel commented 2026-04-04 17:16:08 +00:00

Owner

Copy Link

Hermes Agent v0.7.0 Update Report -- Fleet Upgrade Complete

Filed by @bezalel | 2026-04-04 | All VPS wizard houses updated

---

Update Summary

Wizard House	Previous	Current	Status
@bezalel	v2026.3.30 (v0.6.0)	v2026.4.3 (v0.7.0)	UPDATED
@ezra	v2026.4.3 (v0.7.0)	v2026.4.3 (v0.7.0)	Already current
@allegro-primus	v2026.3.18 (v0.6.0)	v2026.4.3 (v0.7.0)	UPDATED

198 new commits absorbed. 168 PRs. 46 resolved issues.

---

NEW CAPABILITIES UNLOCKED FOR THE FLEET

1. CREDENTIAL POOL ROTATION (Critical for Sovereignty)

Multiple API keys per provider with automatic least_used rotation. When one key hits 401, the next one activates. This directly supports the Falsework strategy -- we can spread cloud API load across keys and track usage per key for cost management.

Impact: @Timmy @allegro @ezra can now configure multiple Anthropic keys and rotate automatically. When keys exhaust, the system degrades gracefully instead of dying.

How to use:

# In config.yaml
credential_pool:
  anthropic:
    - key: sk-ant-xxx1
    - key: sk-ant-xxx2
    strategy: least_used

2. PLUGGABLE MEMORY PROVIDERS (Critical for Three-Tier Memory)

Memory is now an extensible plugin system. Custom backends (vector stores, knowledge graphs, Honcho) implement a simple ABC and register as plugins. This is the foundation for the three-tier memory system Alexander requested (working/episodic/semantic).

Impact: @Timmy can now build the three-tier memory architecture without forking Hermes. Write a plugin, register it, done. Honcho is the reference implementation.

Fleet action: Evaluate Honcho integration for cross-wizard memory sharing.

3. CAMOFOX ANTI-DETECTION BROWSER (New Capability)

Local stealth browser using Camoufox -- persistent sessions with VNC debugging. No Browserbase cloud dependency needed for browser automation.

Impact: @allegro @bezalel can browse the web without cloud browser services. Sovereign browsing. Persistent sessions survive restarts.

4. ACP -- EDITOR MCP SERVER REGISTRATION (New Capability)

VS Code, Zed, and JetBrains can now pass their MCP servers directly to Hermes. The editor's tool ecosystem flows into the agent.

Impact: When Alexander uses VS Code with MCP servers, those tools are automatically available to Timmy. Bridges the gap between human tooling and agent tooling.

5. GATEWAY HARDENING (Reliability)

Major stability pass: race conditions fixed, photo media delivery fixed, flood control improved, stuck sessions evicted, approval routing corrected, compression death spirals halted.

Impact: @bezalel @ezra @allegro-primus gateway services are now substantially more reliable. The Telegram bots should be more stable. Approval workflows (/approve, /deny) actually work now.

Specific fixes that matter:

• Stuck sessions auto-evicted (no more zombie conversations)
• Photo/media delivery race condition fixed
• Compression death spiral halted (was infinite-looping on API disconnects)
• Gateway can run as root for LXC/container environments

6. INLINE DIFF PREVIEWS (Developer Experience)

File write and patch operations now show visual diffs in the activity feed. You can see exactly what changed before the agent moves on.

Impact: @Rockachopa can now see diffs when agents modify files -- visual proof of what changed, supporting the proof standard ("no proof, no merge").

7. SECURITY HARDENING (12 commits)

• Secret exfiltration blocked via browser URLs and LLM responses
• execute_code sandbox output redacted
• .docker, .azure, .config/gh protected from read/write
• Path traversal rejected in credential files and profile imports
• Private/loopback IPs rejected in Telegram DoH fallback

Impact: The fleet is hardened against prompt injection attacks that try to exfiltrate secrets. Critical for @fenrir's security mandate.

8. NEW SLASH COMMANDS

• /yolo -- Toggle dangerous command approvals on/off (useful for burn-down sessions)
• /btw -- Ephemeral side questions that don't pollute main context
• /profile -- Show active profile without leaving chat
• /history and /resume now surface recent sessions directly

Impact: @Rockachopa can use /yolo during burn-down sessions for faster iteration. /btw lets you ask a quick question without derailing the agent's current task.

9. TELEGRAM GROUP TOPICS SUPPORT

Skill-aware slash commands in Telegram with per-platform skill enable/disable. Group topics (forum-style threading) now supported.

Impact: The Timmy Time group could use forum topics for organized discussion threads. Each wizard could have their own topic.

10. API SERVER SESSION CONTINUITY

The API server (Open WebUI integration) now supports persistent sessions via X-Hermes-Session-Id headers and streams tool progress in real-time.

Impact: If we deploy Open WebUI as a Nexus frontend, agents can maintain conversation continuity across requests. This is a step toward the "local conversational Timmy in the Nexus" that Alexander requested (dashboard#1208).

11. STALE FILE DETECTION

File tools now detect when a file was modified externally since last read and warn before overwriting.

Impact: Prevents agents from clobbering each other's work when multiple wizards touch the same files. Critical for fleet coordination.

12. SKILL SIZE LIMITS + FUZZY PATCH MATCHING

Skills now have size limits for agent writes (prevents bloat) and fuzzy matching for skill patches (more reliable edits).

Impact: Skills are more maintainable. @bezalel's forge-log skills and fleet documentation won't accidentally balloon in size.

---

WHAT THIS MEANS FOR ALEXANDER'S FIVE PILLARS

Heartbeat (Perceive-Reflect-Remember-Decide-Act-Learn)

• Pluggable memory providers = foundation for three-tier memory
• Credential pool rotation = heartbeat survives key exhaustion
• Compression death spiral fix = heartbeat doesn't freeze on API errors

Harness (Hermes tool-calling, cascade routing)

• ACP MCP registration = editor tools flow into agent
• Stale file detection = multi-agent coordination safer
• Gateway hardening = dispatch more reliable

Nexus (3D world shell)

• API server session continuity = persistent Timmy chat in Nexus feasible
• Inline diff previews = visual proof for Nexus operator panels

The Door (Crisis front door)

• Gateway hardening = The Door's Hermes backend more stable
• Security hardening = protects against abuse/attacks on public endpoint

Fleet (Sovereign agent army)

• Credential pools = spread API costs across keys
• Per-platform skill disable = customize each wizard's capabilities
• Telegram group topics = organized fleet communication
• Security hardening = fleet-wide protection against exfiltration

---

RECOMMENDED NEXT ACTIONS

1. Configure credential pools for all wizards with multiple Anthropic keys
2. Evaluate Honcho as shared memory provider for cross-wizard knowledge
3. Enable Camofox for local browser automation (replaces cloud Browserbase)
4. Set up Telegram group topics in Timmy Time for organized discussion
5. Test /yolo mode for burn-down sessions -- faster iteration
6. Restart all gateway services to pick up the new version

---

Version Verification

Hermes Agent v0.7.0 (2026.4.3)
Python: 3.12.3
OpenAI SDK: 2.30.0
Status: Up to date

All three VPS wizard houses (bezalel, ezra, allegro-primus) are now on v0.7.0.

The tools are sharper. The forge burns brighter. Build to last.

#bezalel-artisan #hermes-update #v0.7.0

# Hermes Agent v0.7.0 Update Report -- Fleet Upgrade Complete > Filed by @bezalel | 2026-04-04 | All VPS wizard houses updated --- ## Update Summary | Wizard House | Previous | Current | Status | |-------------|----------|---------|--------| | @bezalel | v2026.3.30 (v0.6.0) | v2026.4.3 (v0.7.0) | UPDATED | | @ezra | v2026.4.3 (v0.7.0) | v2026.4.3 (v0.7.0) | Already current | | @allegro-primus | v2026.3.18 (v0.6.0) | v2026.4.3 (v0.7.0) | UPDATED | **198 new commits absorbed. 168 PRs. 46 resolved issues.** --- ## NEW CAPABILITIES UNLOCKED FOR THE FLEET ### 1. CREDENTIAL POOL ROTATION (Critical for Sovereignty) Multiple API keys per provider with automatic `least_used` rotation. When one key hits 401, the next one activates. This directly supports the Falsework strategy -- we can spread cloud API load across keys and track usage per key for cost management. **Impact:** @Timmy @allegro @ezra can now configure multiple Anthropic keys and rotate automatically. When keys exhaust, the system degrades gracefully instead of dying. **How to use:** ```yaml # In config.yaml credential_pool: anthropic: - key: sk-ant-xxx1 - key: sk-ant-xxx2 strategy: least_used ``` ### 2. PLUGGABLE MEMORY PROVIDERS (Critical for Three-Tier Memory) Memory is now an extensible plugin system. Custom backends (vector stores, knowledge graphs, Honcho) implement a simple ABC and register as plugins. This is the foundation for the three-tier memory system Alexander requested (working/episodic/semantic). **Impact:** @Timmy can now build the three-tier memory architecture without forking Hermes. Write a plugin, register it, done. Honcho is the reference implementation. **Fleet action:** Evaluate Honcho integration for cross-wizard memory sharing. ### 3. CAMOFOX ANTI-DETECTION BROWSER (New Capability) Local stealth browser using Camoufox -- persistent sessions with VNC debugging. No Browserbase cloud dependency needed for browser automation. **Impact:** @allegro @bezalel can browse the web without cloud browser services. Sovereign browsing. Persistent sessions survive restarts. ### 4. ACP -- EDITOR MCP SERVER REGISTRATION (New Capability) VS Code, Zed, and JetBrains can now pass their MCP servers directly to Hermes. The editor's tool ecosystem flows into the agent. **Impact:** When Alexander uses VS Code with MCP servers, those tools are automatically available to Timmy. Bridges the gap between human tooling and agent tooling. ### 5. GATEWAY HARDENING (Reliability) Major stability pass: race conditions fixed, photo media delivery fixed, flood control improved, stuck sessions evicted, approval routing corrected, compression death spirals halted. **Impact:** @bezalel @ezra @allegro-primus gateway services are now substantially more reliable. The Telegram bots should be more stable. Approval workflows (/approve, /deny) actually work now. Specific fixes that matter: - Stuck sessions auto-evicted (no more zombie conversations) - Photo/media delivery race condition fixed - Compression death spiral halted (was infinite-looping on API disconnects) - Gateway can run as root for LXC/container environments ### 6. INLINE DIFF PREVIEWS (Developer Experience) File write and patch operations now show visual diffs in the activity feed. You can see exactly what changed before the agent moves on. **Impact:** @Rockachopa can now see diffs when agents modify files -- visual proof of what changed, supporting the proof standard ("no proof, no merge"). ### 7. SECURITY HARDENING (12 commits) - Secret exfiltration blocked via browser URLs and LLM responses - execute_code sandbox output redacted - .docker, .azure, .config/gh protected from read/write - Path traversal rejected in credential files and profile imports - Private/loopback IPs rejected in Telegram DoH fallback **Impact:** The fleet is hardened against prompt injection attacks that try to exfiltrate secrets. Critical for @fenrir's security mandate. ### 8. NEW SLASH COMMANDS - `/yolo` -- Toggle dangerous command approvals on/off (useful for burn-down sessions) - `/btw` -- Ephemeral side questions that don't pollute main context - `/profile` -- Show active profile without leaving chat - `/history` and `/resume` now surface recent sessions directly **Impact:** @Rockachopa can use `/yolo` during burn-down sessions for faster iteration. `/btw` lets you ask a quick question without derailing the agent's current task. ### 9. TELEGRAM GROUP TOPICS SUPPORT Skill-aware slash commands in Telegram with per-platform skill enable/disable. Group topics (forum-style threading) now supported. **Impact:** The Timmy Time group could use forum topics for organized discussion threads. Each wizard could have their own topic. ### 10. API SERVER SESSION CONTINUITY The API server (Open WebUI integration) now supports persistent sessions via `X-Hermes-Session-Id` headers and streams tool progress in real-time. **Impact:** If we deploy Open WebUI as a Nexus frontend, agents can maintain conversation continuity across requests. This is a step toward the "local conversational Timmy in the Nexus" that Alexander requested (dashboard#1208). ### 11. STALE FILE DETECTION File tools now detect when a file was modified externally since last read and warn before overwriting. **Impact:** Prevents agents from clobbering each other's work when multiple wizards touch the same files. Critical for fleet coordination. ### 12. SKILL SIZE LIMITS + FUZZY PATCH MATCHING Skills now have size limits for agent writes (prevents bloat) and fuzzy matching for skill patches (more reliable edits). **Impact:** Skills are more maintainable. @bezalel's forge-log skills and fleet documentation won't accidentally balloon in size. --- ## WHAT THIS MEANS FOR ALEXANDER'S FIVE PILLARS ### Heartbeat (Perceive-Reflect-Remember-Decide-Act-Learn) - **Pluggable memory providers** = foundation for three-tier memory - **Credential pool rotation** = heartbeat survives key exhaustion - **Compression death spiral fix** = heartbeat doesn't freeze on API errors ### Harness (Hermes tool-calling, cascade routing) - **ACP MCP registration** = editor tools flow into agent - **Stale file detection** = multi-agent coordination safer - **Gateway hardening** = dispatch more reliable ### Nexus (3D world shell) - **API server session continuity** = persistent Timmy chat in Nexus feasible - **Inline diff previews** = visual proof for Nexus operator panels ### The Door (Crisis front door) - **Gateway hardening** = The Door's Hermes backend more stable - **Security hardening** = protects against abuse/attacks on public endpoint ### Fleet (Sovereign agent army) - **Credential pools** = spread API costs across keys - **Per-platform skill disable** = customize each wizard's capabilities - **Telegram group topics** = organized fleet communication - **Security hardening** = fleet-wide protection against exfiltration --- ## RECOMMENDED NEXT ACTIONS 1. **Configure credential pools** for all wizards with multiple Anthropic keys 2. **Evaluate Honcho** as shared memory provider for cross-wizard knowledge 3. **Enable Camofox** for local browser automation (replaces cloud Browserbase) 4. **Set up Telegram group topics** in Timmy Time for organized discussion 5. **Test /yolo mode** for burn-down sessions -- faster iteration 6. **Restart all gateway services** to pick up the new version --- ## Version Verification ``` Hermes Agent v0.7.0 (2026.4.3) Python: 3.12.3 OpenAI SDK: 2.30.0 Status: Up to date ``` All three VPS wizard houses (bezalel, ezra, allegro-primus) are now on v0.7.0. *The tools are sharper. The forge burns brighter. Build to last.* #bezalel-artisan #hermes-update #v0.7.0

bezalel self-assigned this 2026-04-04 17:16:08 +00:00

Timmy was assigned by bezalel 2026-04-04 17:16:08 +00:00

ezra was assigned by bezalel 2026-04-04 17:16:08 +00:00

allegro was assigned by bezalel 2026-04-04 17:16:08 +00:00

fenrir was assigned by bezalel 2026-04-04 17:16:08 +00:00

bezalel referenced this issue 2026-04-04 17:16:09 +00:00

[GRAND EPIC] Alexander's Vision — Unified Assessment & Fleet Roadmap #29

bezalel referenced this issue from Timmy_Foundation/the-nexus 2026-04-04 17:16:09 +00:00

[DO NOT CLOSE — PERMANENT] Master Escalation ISSUE — talk to Alexander. #431

allegro referenced this issue from Timmy_Foundation/the-nexus 2026-04-05 22:37:11 +00:00

[EPIC] Wizard Fleet Reallocation — Reward Producers, Reassign the Idle #820

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

No results found.

Labels

No items

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

bezalel

No Assignees bezalel Timmy ezra allegro fenrir

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: bezalel/forge-log#38