From 49bd95c43203a2264a7352acc47c35c34c8d5a65 Mon Sep 17 00:00:00 2001 From: r266-tech Date: Sat, 16 May 2026 04:12:36 +0800 Subject: [PATCH] docs(security): document YOLO mode visual indicators added in #26238 --- website/docs/user-guide/security.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/website/docs/user-guide/security.md b/website/docs/user-guide/security.md index 2a48deb2448..0ff53539057 100644 --- a/website/docs/user-guide/security.md +++ b/website/docs/user-guide/security.md @@ -64,6 +64,11 @@ The `/yolo` command is a **toggle** — each use flips the mode on or off: YOLO mode is available in both CLI and gateway sessions. Internally, it sets the `HERMES_YOLO_MODE` environment variable which is checked before every command execution. +When YOLO is active, Hermes shows two persistent visual reminders so it's hard to forget that approval prompts are bypassed: + +- A red banner line at session start when YOLO is already active: `⚠ YOLO mode — all approval prompts bypassed`. Hidden when YOLO is off so the default banner stays uncluttered. +- A `⚠ YOLO` fragment in the status bar across all width tiers, updated live as you toggle YOLO on or off (rich-text renderer and plain-text fallback). + :::danger YOLO mode disables **all** dangerous command safety checks for the session — **except** the hardline blocklist (see below). Use only when you fully trust the commands being generated (e.g., well-tested automation scripts in disposable environments). :::