mirrors/hermes-agent
1
0
Fork 0
mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-06-07 08:02:23 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

remove Vercel AI Gateway and Vercel Sandbox (#33067)

Browse source 
* remove Vercel AI Gateway provider and Vercel Sandbox terminal backend

Both Vercel-hosted integrations are removed end-to-end. Users on the AI
Gateway should switch to OpenRouter or one of the other aggregators
(Nous Portal, Kilo Code). Users on the Vercel Sandbox backend should
switch to Docker, Modal, Daytona, or SSH.

What's removed:
- `plugins/model-providers/ai-gateway/` provider plugin
- `hermes_cli/vercel_auth.py` Vercel-Sandbox auth helper
- `tools/environments/vercel_sandbox.py` terminal backend
- `ai-gateway` provider wiring across auth, doctor, setup, models,
  config, status, providers, main, web_server, model_normalize, dump
- `vercel_sandbox` backend wiring across terminal_tool, file_tools,
  code_execution_tool, file_operations, approval, skills_tool,
  environments/local, credential_files, lazy_deps, prompt_builder,
  cli, gateway/run
- `AI_GATEWAY_BASE_URL` constant, `_AI_GATEWAY_HEADERS` auxiliary-client
  header set, run_agent base-URL header/reasoning special-cases
- `[vercel]` pyproject extra and `vercel`/`vercel-workers` from uv.lock
- env vars: `AI_GATEWAY_API_KEY`, `AI_GATEWAY_BASE_URL`, `VERCEL_TOKEN`,
  `VERCEL_PROJECT_ID`, `VERCEL_TEAM_ID`, `VERCEL_OIDC_TOKEN`,
  `TERMINAL_VERCEL_RUNTIME`
- Tests: deletes test_ai_gateway_models.py and
  test_vercel_sandbox_environment.py; scrubs references across 23
  surviving test files (no entire tests deleted unless they were
  dedicated to AI Gateway / Sandbox)
- Docs: provider tables, env-var reference, setup guides, security
  notes, tool config, terminal-backend tables — English plus zh-Hans
  i18n parity
- `hermes-agent` skill: provider table entry and remote-backend list

What stays (intentional):
- `popular-web-designs/templates/vercel.md` — CSS design reference,
  unrelated to Vercel-the-AI-product
- `x-vercel-id` in `stream_diag.py` headers — generic Vercel CDN
  response header, useful diag signal on any Vercel-hosted endpoint
- `vercel-labs/agent-browser` URL in browser config — lightpanda
  browser project, different OSS effort
- `userStories.json` historical contributor entry mentioning Vercel
  Sandbox — archive, not active docs

Validation:
- 1153 tests in the 22 targeted files pass (`scripts/run_tests.sh`)
- Full repo `py_compile` clean
- Live import of every touched module + invariant check (no
  `ai-gateway` in `PROVIDER_REGISTRY`, no `_AI_GATEWAY_HEADERS`, no
  `vercel_sandbox` in `_REMOTE_TERMINAL_BACKENDS`)

* test: convert profile-count check from change-detector to invariant

The hardcoded "== 34" assertion broke when ai-gateway was removed.
Per AGENTS.md change-detector-test guidance, assert the relationship
(registry count >= number of plugin dirs) instead of a literal count.
Counts shift when providers are added/removed; that's expected.
This commit is contained in:
Teknium 2026-05-27 00:43:32 -07:00 committed by GitHub
parent cb38ce28cb
commit febc4cfec0
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
95 changed files with 111 additions and 3088 deletions
Download patch file Download diff file Expand all files Collapse all files

2
website/docs/developer-guide/architecture.md
View file

@ -211,7 +211,7 @@ A shared runtime resolver used by CLI, gateway, cron, ACP, and auxiliary calls.
### Tool System
Central tool registry (`tools/registry.py`) with 70+ registered tools across ~28 toolsets. Each tool file self-registers at import time. The registry handles schema collection, dispatch, availability checking, and error wrapping. Terminal tools support 7 backends (local, Docker, SSH, Daytona, Modal, Singularity, Vercel Sandbox).
Central tool registry (`tools/registry.py`) with 70+ registered tools across ~28 toolsets. Each tool file self-registers at import time. The registry handles schema collection, dispatch, availability checking, and error wrapping. Terminal tools support 6 backends (local, Docker, SSH, Daytona, Modal, Singularity).
→ [Tools Runtime](./tools-runtime.md)

12
website/docs/developer-guide/provider-runtime.md
View file

@ -42,7 +42,6 @@ That ordering matters because Hermes treats the saved model/provider choice as t
Current provider families include (see `plugins/model-providers/` for the complete bundled set):
- AI Gateway (Vercel)
- OpenRouter
- Nous Portal
- OpenAI Codex
@ -93,18 +92,13 @@ This resolver is the main reason Hermes can share auth/runtime logic between:
- ACP editor sessions
- auxiliary model tasks
## AI Gateway
## OpenRouter and custom OpenAI-compatible base URLs
Set `AI_GATEWAY_API_KEY` in `~/.hermes/.env` and run with `--provider ai-gateway`. Hermes fetches available models from the gateway's `/models` endpoint, filtering to language models with tool-use support.
## OpenRouter, AI Gateway, and custom OpenAI-compatible base URLs
Hermes contains logic to avoid leaking the wrong API key to a custom endpoint when multiple provider keys exist (e.g. `OPENROUTER_API_KEY`, `AI_GATEWAY_API_KEY`, and `OPENAI_API_KEY`).
Hermes contains logic to avoid leaking the wrong API key to a custom endpoint when multiple provider keys exist (e.g. `OPENROUTER_API_KEY` and `OPENAI_API_KEY`).
Each provider's API key is scoped to its own base URL:
- `OPENROUTER_API_KEY` is only sent to `openrouter.ai` endpoints
- `AI_GATEWAY_API_KEY` is only sent to `ai-gateway.vercel.sh` endpoints
- `OPENAI_API_KEY` is used for custom endpoints and as a fallback
Hermes also distinguishes between:
@ -115,7 +109,7 @@ Hermes also distinguishes between:
That distinction is especially important for:
- local model servers
- non-OpenRouter/non-AI Gateway OpenAI-compatible APIs
- non-OpenRouter OpenAI-compatible APIs
- switching providers without re-running setup
- config-saved custom endpoints that should keep working even when `OPENAI_BASE_URL` is not exported in the current shell

1
website/docs/developer-guide/tools-runtime.md
View file

@ -213,7 +213,6 @@ The terminal system supports multiple backends:
- singularity
- modal
- daytona
- vercel_sandbox
It also supports:

1
website/docs/getting-started/quickstart.md
View file

@ -124,7 +124,6 @@ Good defaults:
| **NVIDIA NIM** | Nemotron models via build.nvidia.com or local NIM | Set `NVIDIA_API_KEY` (optional: `NVIDIA_BASE_URL`) |
| **GitHub Copilot** | GitHub Copilot subscription (GPT-5.x, Claude, Gemini, etc.) | OAuth via `hermes model`, or `COPILOT_GITHUB_TOKEN` / `GH_TOKEN` |
| **GitHub Copilot ACP** | Copilot ACP agent backend (spawns local `copilot` CLI) | `hermes model` (requires `copilot` CLI + `copilot login`) |
| **Vercel AI Gateway** | Vercel AI Gateway routing | Set `AI_GATEWAY_API_KEY` |
| **Custom Endpoint** | VLLM, SGLang, Ollama, or any OpenAI-compatible API | Set base URL + API key |
For most first-time users: choose a provider, accept the defaults unless you know why you're changing them. The full provider catalog with env vars and setup steps lives on the [Providers](../integrations/providers.md) page.

3
website/docs/integrations/providers.md
View file

@ -21,7 +21,6 @@ You need at least one way to connect to an LLM. Use `hermes model` to switch pro
| **Anthropic** | `hermes model` (Claude Max + extra usage credits via OAuth; also supports Anthropic API key or manual setup-token — see note below) |
| **OpenRouter** | `OPENROUTER_API_KEY` in `~/.hermes/.env` |
| **NovitaAI** | `NOVITA_API_KEY` in `~/.hermes/.env` (provider: `novita`, 200+ models, Model API, Agent Sandbox, GPU Cloud) |
| **AI Gateway** | `AI_GATEWAY_API_KEY` in `~/.hermes/.env` (provider: `ai-gateway`) |
| **z.ai / GLM** | `GLM_API_KEY` in `~/.hermes/.env` (provider: `zai`) |
| **Kimi / Moonshot** | `KIMI_API_KEY` in `~/.hermes/.env` (provider: `kimi-coding`) |
| **Kimi / Moonshot (China)** | `KIMI_CN_API_KEY` in `~/.hermes/.env` (provider: `kimi-coding-cn`; aliases: `kimi-cn`, `moonshot-cn`) |
@ -1490,7 +1489,7 @@ fallback_model:
When activated, the fallback swaps the model and provider mid-session without losing your conversation. The chain is tried entry-by-entry; activation is one-shot per session.
Supported providers: `openrouter`, `nous`, `openai-codex`, `copilot`, `copilot-acp`, `anthropic`, `gemini`, `google-gemini-cli`, `qwen-oauth`, `huggingface`, `zai`, `kimi-coding`, `kimi-coding-cn`, `minimax`, `minimax-cn`, `minimax-oauth`, `deepseek`, `nvidia`, `xai`, `xai-oauth`, `ollama-cloud`, `bedrock`, `ai-gateway`, `azure-foundry`, `opencode-zen`, `opencode-go`, `kilocode`, `xiaomi`, `arcee`, `gmi`, `stepfun`, `lmstudio`, `alibaba`, `alibaba-coding-plan`, `tencent-tokenhub`, `custom`.
Supported providers: `openrouter`, `nous`, `openai-codex`, `copilot`, `copilot-acp`, `anthropic`, `gemini`, `google-gemini-cli`, `qwen-oauth`, `huggingface`, `zai`, `kimi-coding`, `kimi-coding-cn`, `minimax`, `minimax-cn`, `minimax-oauth`, `deepseek`, `nvidia`, `xai`, `xai-oauth`, `ollama-cloud`, `bedrock`, `azure-foundry`, `opencode-zen`, `opencode-go`, `kilocode`, `xiaomi`, `arcee`, `gmi`, `stepfun`, `lmstudio`, `alibaba`, `alibaba-coding-plan`, `tencent-tokenhub`, `custom`.
:::tip
Fallback is configured exclusively through `config.yaml` — or interactively via `hermes fallback`. For full details on when it triggers, how the chain advances, and how it interacts with auxiliary tasks and delegation, see [Fallback Providers](/user-guide/features/fallback-providers).

2
website/docs/reference/cli-commands.md
View file

@ -95,7 +95,7 @@ Common options:
| `-q`, `--query "..."` | One-shot, non-interactive prompt. |
| `-m`, `--model <model>` | Override the model for this run. |
| `-t`, `--toolsets <csv>` | Enable a comma-separated set of toolsets. |
| `--provider <provider>` | Force a provider: `auto`, `openrouter`, `nous`, `openai-codex`, `copilot-acp`, `copilot`, `anthropic`, `gemini`, `google-gemini-cli`, `huggingface`, `novita`, `zai`, `kimi-coding`, `kimi-coding-cn`, `minimax`, `minimax-cn`, `minimax-oauth`, `kilocode`, `xiaomi`, `arcee`, `gmi`, `alibaba`, `alibaba-coding-plan` (alias `alibaba_coding`), `deepseek`, `nvidia`, `ollama-cloud`, `xai` (alias `grok`), `xai-oauth` (alias `grok-oauth`), `qwen-oauth`, `bedrock`, `opencode-zen`, `opencode-go`, `ai-gateway`, `azure-foundry`, `lmstudio`, `stepfun`, `tencent-tokenhub` (alias `tencent`, `tokenhub`). |
| `--provider <provider>` | Force a provider: `auto`, `openrouter`, `nous`, `openai-codex`, `copilot-acp`, `copilot`, `anthropic`, `gemini`, `google-gemini-cli`, `huggingface`, `novita`, `zai`, `kimi-coding`, `kimi-coding-cn`, `minimax`, `minimax-cn`, `minimax-oauth`, `kilocode`, `xiaomi`, `arcee`, `gmi`, `alibaba`, `alibaba-coding-plan` (alias `alibaba_coding`), `deepseek`, `nvidia`, `ollama-cloud`, `xai` (alias `grok`), `xai-oauth` (alias `grok-oauth`), `qwen-oauth`, `bedrock`, `opencode-zen`, `opencode-go`, `azure-foundry`, `lmstudio`, `stepfun`, `tencent-tokenhub` (alias `tencent`, `tokenhub`). |
| `-s`, `--skills <name>` | Preload one or more skills for the session (can be repeated or comma-separated). |
| `-v`, `--verbose` | Verbose output. |
| `-Q`, `--quiet` | Programmatic mode: suppress banner/spinner/tool previews. |

9
website/docs/reference/environment-variables.md
View file

@ -18,8 +18,6 @@ All variables go in `~/.hermes/.env`. You can also set them with `hermes config
| `HERMES_OPENROUTER_CACHE_TTL` | Cache TTL in seconds (1-86400). Overrides `openrouter.response_cache_ttl` in config.yaml. |
| `NOUS_BASE_URL` | Override Nous Portal base URL (rarely needed; development/testing only) |
| `NOUS_INFERENCE_BASE_URL` | Override Nous inference endpoint directly |
| `AI_GATEWAY_API_KEY` | Vercel AI Gateway API key ([ai-gateway.vercel.sh](https://ai-gateway.vercel.sh)) |
| `AI_GATEWAY_BASE_URL` | Override AI Gateway base URL (default: `https://ai-gateway.vercel.sh/v1`) |
| `OPENAI_API_KEY` | API key for custom OpenAI-compatible endpoints (used with `OPENAI_BASE_URL`) |
| `OPENAI_BASE_URL` | Base URL for custom endpoint (VLLM, SGLang, etc.) |
| `COPILOT_GITHUB_TOKEN` | GitHub token for Copilot API — first priority (OAuth `gho_*` or fine-grained PAT `github_pat_*`; classic PATs `ghp_*` are **not supported**) |
@ -156,10 +154,6 @@ For native Anthropic auth, Hermes prefers Claude Code's own credential files whe
| `HINDSIGHT_TIMEOUT` | Timeout in seconds for Hindsight memory-provider API calls (default: `60`). Bump this if your Hindsight instance is slow to respond during `/sync` or `on_session_switch` and you're seeing timeouts in `errors.log`. |
| `SUPERMEMORY_API_KEY` | Semantic long-term memory with profile recall and session ingest ([supermemory.ai](https://supermemory.ai)) |
| `DAYTONA_API_KEY` | Daytona cloud sandboxes ([daytona.io](https://daytona.io/)) |
| `VERCEL_TOKEN` | Vercel Sandbox access token ([vercel.com](https://vercel.com/)) |
| `VERCEL_PROJECT_ID` | Vercel project ID (required with `VERCEL_TOKEN`) |
| `VERCEL_TEAM_ID` | Vercel team ID (required with `VERCEL_TOKEN`) |
| `VERCEL_OIDC_TOKEN` | Vercel short-lived OIDC token (development-only alternative) |
### Langfuse Observability
@ -192,7 +186,7 @@ These variables configure the [Tool Gateway](/user-guide/features/tool-gateway)
| Variable | Description |
|----------|-------------|
| `TERMINAL_ENV` | Backend: `local`, `docker`, `ssh`, `singularity`, `modal`, `daytona`, `vercel_sandbox` |
| `TERMINAL_ENV` | Backend: `local`, `docker`, `ssh`, `singularity`, `modal`, `daytona` |
| `HERMES_DOCKER_BINARY` | Override the container binary Hermes shells out to (e.g. `podman`, `/usr/local/bin/docker`). When unset, Hermes auto-discovers `docker` or `podman` on `PATH`. Needed when both are installed and you want the non-default, or when the binary lives outside `PATH`. |
| `TERMINAL_DOCKER_IMAGE` | Docker image (default: `nikolaik/python-nodejs:python3.11-nodejs20`) |
| `TERMINAL_DOCKER_FORWARD_ENV` | JSON array of env var names to explicitly forward into Docker terminal sessions. Note: skill-declared `required_environment_variables` are forwarded automatically — you only need this for vars not declared by any skill. |
@ -201,7 +195,6 @@ These variables configure the [Tool Gateway](/user-guide/features/tool-gateway)
| `TERMINAL_SINGULARITY_IMAGE` | Singularity image or `.sif` path |
| `TERMINAL_MODAL_IMAGE` | Modal container image |
| `TERMINAL_DAYTONA_IMAGE` | Daytona sandbox image |
| `TERMINAL_VERCEL_RUNTIME` | Vercel Sandbox runtime (`node24`, `node22`, `python3.13`) |
| `TERMINAL_TIMEOUT` | Command timeout in seconds |
| `TERMINAL_LIFETIME_SECONDS` | Max lifetime for terminal sessions in seconds |
| `TERMINAL_CWD` | Working directory for terminal sessions (gateway/cron only; CLI uses launch dir) |

52
website/docs/user-guide/configuration.md
View file

@ -83,11 +83,11 @@ Leaving these unset keeps the legacy defaults (`HERMES_API_TIMEOUT=1800`s, `HERM
## Terminal Backend Configuration
Hermes supports seven terminal backends. Each determines where the agent's shell commands actually execute — your local machine, a Docker container, a remote server via SSH, a Modal cloud sandbox (direct or via the Nous-managed gateway), a Daytona workspace, a Vercel Sandbox, or a Singularity/Apptainer container.
Hermes supports six terminal backends. Each determines where the agent's shell commands actually execute — your local machine, a Docker container, a remote server via SSH, a Modal cloud sandbox (direct or via the Nous-managed gateway), a Daytona workspace, or a Singularity/Apptainer container.
```yaml
terminal:
backend: local # local | docker | ssh | modal | daytona | vercel_sandbox | singularity
backend: local # local | docker | ssh | modal | daytona | singularity
cwd: "." # Gateway/cron working directory (CLI always uses launch dir)
timeout: 180 # Per-command timeout in seconds
env_passthrough: [] # Env var names to forward to sandboxed execution (terminal + execute_code)
@ -96,7 +96,7 @@ terminal:
daytona_image: "nikolaik/python-nodejs:python3.11-nodejs20" # Container image for Daytona backend
```
For cloud sandboxes such as Modal, Daytona, and Vercel Sandbox, `container_persistent: true` means Hermes will try to preserve filesystem state across sandbox recreation. It does not promise that the same live sandbox, PID space, or background processes will still be running later.
For cloud sandboxes such as Modal and Daytona, `container_persistent: true` means Hermes will try to preserve filesystem state across sandbox recreation. It does not promise that the same live sandbox, PID space, or background processes will still be running later.
### Backend Overview
@ -107,7 +107,6 @@ For cloud sandboxes such as Modal, Daytona, and Vercel Sandbox, `container_persi
| **ssh** | Remote server via SSH | Network boundary | Remote dev, powerful hardware |
| **modal** | Modal cloud sandbox | Full (cloud VM) | Ephemeral cloud compute, evals |
| **daytona** | Daytona workspace | Full (cloud container) | Managed cloud dev environments |
| **vercel_sandbox** | Vercel Sandbox | Full (cloud microVM) | Cloud execution with snapshot-backed filesystem persistence |
| **singularity** | Singularity/Apptainer container | Namespaces (--containall) | HPC clusters, shared machines |
### Local Backend
@ -232,49 +231,6 @@ terminal:
**Disk limit:** Daytona enforces a 10 GiB maximum. Requests above this are capped with a warning.
### Vercel Sandbox Backend
Runs commands in a [Vercel Sandbox](https://vercel.com/docs/vercel-sandbox) cloud microVM. Hermes uses the normal terminal and file tool surfaces; there are no Vercel-specific model-facing tools.
```yaml
terminal:
backend: vercel_sandbox
vercel_runtime: node24 # node24 | node22 | python3.13
cwd: /vercel/sandbox # default workspace root
container_persistent: true # Snapshot/restore filesystem
container_disk: 51200 # Shared default only; custom disk is unsupported
```
**Required install:** Install the optional SDK extra:
```bash
pip install 'hermes-agent[vercel]'
```
**Required authentication:** Configure access-token auth with all three of `VERCEL_TOKEN`, `VERCEL_PROJECT_ID`, and `VERCEL_TEAM_ID`. This is the supported setup for deployments and normal long-running Hermes processes on Render, Railway, Docker, and similar hosts.
For one-off local development, Hermes also accepts short-lived Vercel OIDC tokens:
```bash
VERCEL_OIDC_TOKEN="$(vc project token <project-name>)" hermes chat
```
From a linked Vercel project directory, you can omit the project name:
```bash
VERCEL_OIDC_TOKEN="$(vc project token)" hermes chat
```
OIDC tokens are short-lived and should not be used as the documented deployment path.
**Runtime:** `terminal.vercel_runtime` supports `node24`, `node22`, and `python3.13`. If unset, Hermes defaults to `node24`.
**Persistence:** When `container_persistent: true`, Hermes snapshots the sandbox filesystem during cleanup and restores a later sandbox for the same task from that snapshot. Snapshot contents can include Hermes-synced credentials, skills, and cache files that were copied into the sandbox. This preserves filesystem state only; it does not preserve live sandbox identity, PID space, shell state, or running background processes.
**Background commands:** `terminal(background=true)` uses Hermes' generic non-local background process flow. You can spawn, poll, wait, view logs, and kill processes through the normal process tool while the sandbox is alive. Hermes does not provide native Vercel detached-process recovery after cleanup or restart.
**Disk sizing:** Vercel Sandbox does not currently support Hermes' `container_disk` resource knob. Leave `container_disk` unset or at the shared default `51200`; non-default values fail diagnostics and backend creation instead of being silently ignored.
### Singularity/Apptainer Backend
Runs commands in a [Singularity/Apptainer](https://apptainer.org) container. Designed for HPC clusters and shared machines where Docker isn't available.
@ -829,7 +785,7 @@ Every model slot in Hermes — auxiliary tasks, compression, fallback — uses t
When `base_url` is set, Hermes ignores the provider and calls that endpoint directly (using `api_key` or `OPENAI_API_KEY` for auth). When only `provider` is set, Hermes uses that provider's built-in auth and base URL.
Available providers for auxiliary tasks: `auto`, `main`, plus any provider in the [provider registry](/reference/environment-variables) — `openrouter`, `nous`, `openai-codex`, `copilot`, `copilot-acp`, `anthropic`, `gemini`, `google-gemini-cli`, `qwen-oauth`, `zai`, `kimi-coding`, `kimi-coding-cn`, `minimax`, `minimax-cn`, `minimax-oauth`, `deepseek`, `nvidia`, `xai`, `xai-oauth`, `ollama-cloud`, `alibaba`, `bedrock`, `huggingface`, `arcee`, `xiaomi`, `kilocode`, `opencode-zen`, `opencode-go`, `ai-gateway`, `azure-foundry` — or any named custom provider from your `custom_providers` list (e.g. `provider: "beans"`).
Available providers for auxiliary tasks: `auto`, `main`, plus any provider in the [provider registry](/reference/environment-variables) — `openrouter`, `nous`, `openai-codex`, `copilot`, `copilot-acp`, `anthropic`, `gemini`, `google-gemini-cli`, `qwen-oauth`, `zai`, `kimi-coding`, `kimi-coding-cn`, `minimax`, `minimax-cn`, `minimax-oauth`, `deepseek`, `nvidia`, `xai`, `xai-oauth`, `ollama-cloud`, `alibaba`, `bedrock`, `huggingface`, `arcee`, `xiaomi`, `kilocode`, `opencode-zen`, `opencode-go`, `azure-foundry` — or any named custom provider from your `custom_providers` list (e.g. `provider: "beans"`).
:::tip MiniMax OAuth
`minimax-oauth` logs in via browser OAuth (no API key needed). Run `hermes model` and select **MiniMax (OAuth)** to authenticate. Auxiliary tasks use `MiniMax-M2.7-highspeed` automatically. See the [MiniMax OAuth guide](../guides/minimax-oauth.md).

1
website/docs/user-guide/features/fallback-providers.md
View file

@ -47,7 +47,6 @@ Both `provider` and `model` are **required**. If either is missing, the fallback
| Provider | Value | Requirements |
|----------|-------|-------------|
| AI Gateway | `ai-gateway` | `AI_GATEWAY_API_KEY` |
| OpenRouter | `openrouter` | `OPENROUTER_API_KEY` |
| Nous Portal | `nous` | `hermes setup --portal` (fresh) or `hermes auth add nous` (OAuth) |
| OpenAI Codex | `openai-codex` | `hermes model` (ChatGPT OAuth) |

33
website/docs/user-guide/features/tools.md
View file

@ -65,14 +65,13 @@ The terminal tool can execute commands in different environments:
| `singularity` | HPC containers | Cluster computing, rootless |
| `modal` | Cloud execution | Serverless, scale |
| `daytona` | Cloud sandbox workspace | Persistent remote dev environments |
| `vercel_sandbox` | Vercel Sandbox cloud microVM | Cloud execution with snapshot-backed filesystem persistence |
### Configuration
```yaml
# In ~/.hermes/config.yaml
terminal:
backend: local # or: docker, ssh, singularity, modal, daytona, vercel_sandbox
backend: local # or: docker, ssh, singularity, modal, daytona
cwd: "." # Working directory
timeout: 180 # Command timeout in seconds
```
@ -123,41 +122,13 @@ modal setup
hermes config set terminal.backend modal
```
### Vercel Sandbox
```bash
pip install 'hermes-agent[vercel]'
hermes config set terminal.backend vercel_sandbox
hermes config set terminal.vercel_runtime node24
```
Authenticate with all three of `VERCEL_TOKEN`, `VERCEL_PROJECT_ID`, and `VERCEL_TEAM_ID`. This access-token setup is the supported path for deployments and normal long-running Hermes processes on Render, Railway, Docker, and similar hosts. Supported runtimes are `node24`, `node22`, and `python3.13`; Hermes defaults to `/vercel/sandbox` as the remote workspace root.
For one-off local development, Hermes also accepts short-lived Vercel OIDC tokens:
```bash
VERCEL_OIDC_TOKEN="$(vc project token <project-name>)" hermes chat
```
From a linked Vercel project directory:
```bash
VERCEL_OIDC_TOKEN="$(vc project token)" hermes chat
```
With `container_persistent: true`, Hermes uses Vercel snapshots to preserve filesystem state across sandbox recreation for the same task. This can include Hermes-synced credentials, skills, and cache files inside the sandbox. Snapshots do not preserve live processes, PID space, or the same live sandbox identity.
Background terminal commands use Hermes' generic non-local process flow: spawn, poll, wait, log, and kill work through the normal process tool while the sandbox is alive, but Hermes does not provide native Vercel detached-process recovery after cleanup or restart.
Leave `container_disk` unset or at the shared default `51200`; custom disk sizing is unsupported for Vercel Sandbox and will fail diagnostics/backend creation.
### Container Resources
Configure CPU, memory, disk, and persistence for all container backends:
```yaml
terminal:
backend: docker # or singularity, modal, daytona, vercel_sandbox
backend: docker # or singularity, modal, daytona
container_cpu: 1 # CPU cores (default: 1)
container_memory: 5120 # Memory in MB (default: 5GB)
container_disk: 51200 # Disk in MB (default: 50GB)

5
website/docs/user-guide/security.md
View file

@ -144,7 +144,7 @@ The following patterns trigger approval prompts (defined in `tools/approval.py`)
| `gateway run` with `&`/`disown`/`nohup`/`setsid` | Prevents starting gateway outside service manager |
:::info
**Container bypass**: When running in `docker`, `singularity`, `modal`, `daytona`, or `vercel_sandbox` backends, dangerous command checks are **skipped** because the container itself is the security boundary. Destructive commands inside a container can't harm the host.
**Container bypass**: When running in `docker`, `singularity`, `modal`, or `daytona` backends, dangerous command checks are **skipped** because the container itself is the security boundary. Destructive commands inside a container can't harm the host.
:::
### Approval Flow (CLI)
@ -340,7 +340,7 @@ terminal:
- **Ephemeral mode** (`container_persistent: false`): Uses tmpfs for workspace — everything is lost on cleanup
:::tip
For production gateway deployments, use `docker`, `modal`, `daytona`, or `vercel_sandbox` backend to isolate agent commands from your host system. This eliminates the need for dangerous command approval entirely.
For production gateway deployments, use `docker`, `modal`, or `daytona` backend to isolate agent commands from your host system. This eliminates the need for dangerous command approval entirely.
:::
:::warning
@ -357,7 +357,6 @@ If you add names to `terminal.docker_forward_env`, those variables are intention
| **singularity** | Container | ❌ Skipped | HPC environments |
| **modal** | Cloud sandbox | ❌ Skipped | Scalable cloud isolation |
| **daytona** | Cloud sandbox | ❌ Skipped | Persistent cloud workspaces |
| **vercel_sandbox** | Cloud microVM | ❌ Skipped | Cloud execution with snapshot persistence |
## Environment Variable Passthrough {#environment-variable-passthrough}

3
website/docs/user-guide/skills/bundled/autonomous-ai-agents/autonomous-ai-agents-hermes-agent.md
View file

@ -406,7 +406,6 @@ Full config reference: https://hermes-agent.nousresearch.com/docs/user-guide/con
| Alibaba / DashScope | API key | `DASHSCOPE_API_KEY` |
| Xiaomi MiMo | API key | `XIAOMI_API_KEY` |
| Kilo Code | API key | `KILOCODE_API_KEY` |
| AI Gateway (Vercel) | API key | `AI_GATEWAY_API_KEY` |
| OpenCode Zen | API key | `OPENCODE_ZEN_API_KEY` |
| OpenCode Go | API key | `OPENCODE_GO_API_KEY` |
| Qwen OAuth | OAuth | `hermes auth add qwen-oauth` |
@ -1014,7 +1013,7 @@ See `tests/agent/test_prompt_builder.py::TestEnvironmentHints` for a worked exam
Factual guidance about the host OS, user home, cwd, terminal backend, and shell (bash vs. PowerShell on Windows) is emitted from `agent/prompt_builder.py::build_environment_hints()`. This is also where the WSL hint and per-backend probe logic live. The convention:
- **Local terminal backend** → emit host info (OS, `$HOME`, cwd) + Windows-specific notes (hostname ≠ username, `terminal` uses bash not PowerShell).
- **Remote terminal backend** (anything in `_REMOTE_TERMINAL_BACKENDS`: `docker, singularity, modal, daytona, ssh, vercel_sandbox, managed_modal`) → **suppress** host info entirely and describe only the backend. A live `uname`/`whoami`/`pwd` probe runs inside the backend via `tools.environments.get_environment(...).execute(...)`, cached per process in `_BACKEND_PROBE_CACHE`, with a static fallback if the probe times out.
- **Remote terminal backend** (anything in `_REMOTE_TERMINAL_BACKENDS`: `docker, singularity, modal, daytona, ssh, managed_modal`) → **suppress** host info entirely and describe only the backend. A live `uname`/`whoami`/`pwd` probe runs inside the backend via `tools.environments.get_environment(...).execute(...)`, cached per process in `_BACKEND_PROBE_CACHE`, with a static fallback if the probe times out.
- **Key fact for prompt authoring:** when `TERMINAL_ENV != "local"`, *every* file tool (`read_file`, `write_file`, `patch`, `search_files`) runs inside the backend container, not on the host. The system prompt must never describe the host in that case — the agent can't touch it.
Full design notes, the exact emitted strings, and testing pitfalls:

2
website/i18n/zh-Hans/docusaurus-plugin-content-docs/current/developer-guide/architecture.md
View file

@ -211,7 +211,7 @@ CLI、gateway、cron、ACP 及辅助调用共用的运行时解析器。将 `(pr
### 工具系统
中央工具注册表(`tools/registry.py`),包含约 28 个 toolset 中的 70+ 个已注册工具。每个工具文件在导入时自行注册。注册表负责 schema 收集、分发、可用性检查和错误包装。终端工具支持 7 种后端local、Docker、SSH、Daytona、Modal、Singularity、Vercel Sandbox)。
中央工具注册表(`tools/registry.py`),包含约 28 个 toolset 中的 70+ 个已注册工具。每个工具文件在导入时自行注册。注册表负责 schema 收集、分发、可用性检查和错误包装。终端工具支持 6 种后端local、Docker、SSH、Daytona、Modal、Singularity
→ [工具运行时](./tools-runtime.md)

12
website/i18n/zh-Hans/docusaurus-plugin-content-docs/current/developer-guide/provider-runtime.md
View file

@ -42,7 +42,6 @@ Hermes 拥有一个共享的 provider 运行时解析器,用于以下场景:
当前 provider 系列包括(完整内置集合见 `plugins/model-providers/`
- AI GatewayVercel
- OpenRouter
- Nous Portal
- OpenAI Codex
@ -93,18 +92,13 @@ Hermes 拥有一个共享的 provider 运行时解析器,用于以下场景:
- ACP 编辑器会话
- 辅助模型任务
## AI Gateway
## OpenRouter 与自定义 OpenAI 兼容 base URL
`~/.hermes/.env` 中设置 `AI_GATEWAY_API_KEY`,并使用 `--provider ai-gateway` 运行。Hermes 从 gateway 的 `/models` 端点获取可用模型,筛选出支持工具调用的语言模型。
## OpenRouter、AI Gateway 与自定义 OpenAI 兼容 base URL
Hermes 包含相关逻辑,以避免在存在多个 provider 密钥时(例如同时存在 `OPENROUTER_API_KEY``AI_GATEWAY_API_KEY``OPENAI_API_KEY`)将错误的 API key 泄露给自定义端点。
Hermes 包含相关逻辑,以避免在存在多个 provider 密钥时(例如同时存在 `OPENROUTER_API_KEY``OPENAI_API_KEY`)将错误的 API key 泄露给自定义端点。
每个 provider 的 API key 仅作用于其自身的 base URL
- `OPENROUTER_API_KEY` 仅发送至 `openrouter.ai` 端点
- `AI_GATEWAY_API_KEY` 仅发送至 `ai-gateway.vercel.sh` 端点
- `OPENAI_API_KEY` 用于自定义端点及作为回退
Hermes 还区分以下两种情况:
@ -115,7 +109,7 @@ Hermes 还区分以下两种情况:
这种区分对以下场景尤为重要:
- 本地模型服务器
- 非 OpenRouter/非 AI Gateway 的 OpenAI 兼容 API
- 非 OpenRouter 的 OpenAI 兼容 API
- 无需重新运行 setup 即可切换 provider
- 通过 config 保存的自定义端点,即使当前 shell 中未导出 `OPENAI_BASE_URL` 也应正常工作

1
website/i18n/zh-Hans/docusaurus-plugin-content-docs/current/developer-guide/tools-runtime.md
View file

@ -213,7 +213,6 @@ registry.dispatch(name, args, **kwargs)
- singularity
- modal
- daytona
- vercel_sandbox
还支持:

1
website/i18n/zh-Hans/docusaurus-plugin-content-docs/current/getting-started/quickstart.md
View file

@ -124,7 +124,6 @@ hermes setup --portal
| **NVIDIA NIM** | 通过 build.nvidia.com 或本地 NIM 使用 Nemotron 模型 | 设置 `NVIDIA_API_KEY`(可选:`NVIDIA_BASE_URL` |
| **GitHub Copilot** | GitHub Copilot 订阅GPT-5.x、Claude、Gemini 等) | 通过 `hermes model` 进行 OAuth或设置 `COPILOT_GITHUB_TOKEN` / `GH_TOKEN` |
| **GitHub Copilot ACP** | Copilot ACP agent 后端(在本地启动 `copilot` CLI | `hermes model`(需要 `copilot` CLI + `copilot login` |
| **Vercel AI Gateway** | Vercel AI Gateway 路由 | 设置 `AI_GATEWAY_API_KEY` |
| **Custom Endpoint** | VLLM、SGLang、Ollama 或任何兼容 OpenAI 的 API | 设置 base URL + API key |
对于大多数初次使用的用户:选择一个 provider接受默认值除非你明确知道为何要修改。完整的 provider 目录及环境变量和配置步骤请参阅 [Providers](../integrations/providers.md) 页面。

3
website/i18n/zh-Hans/docusaurus-plugin-content-docs/current/integrations/providers.md
View file

@ -21,7 +21,6 @@ sidebar_position: 1
| **Anthropic** | `hermes model`Claude Max + 额外用量积分,通过 OAuth也支持 Anthropic API key 或手动 setup-token——见下方说明 |
| **OpenRouter** | `~/.hermes/.env` 中的 `OPENROUTER_API_KEY` |
| **NovitaAI** | `~/.hermes/.env` 中的 `NOVITA_API_KEY`provider: `novita`200+ 模型Model API、Agent Sandbox、GPU Cloud |
| **AI Gateway** | `~/.hermes/.env` 中的 `AI_GATEWAY_API_KEY`provider: `ai-gateway` |
| **z.ai / GLM** | `~/.hermes/.env` 中的 `GLM_API_KEY`provider: `zai` |
| **Kimi / Moonshot** | `~/.hermes/.env` 中的 `KIMI_API_KEY`provider: `kimi-coding` |
| **Kimi / Moonshot中国** | `~/.hermes/.env` 中的 `KIMI_CN_API_KEY`provider: `kimi-coding-cn`;别名:`kimi-cn``moonshot-cn` |
@ -1478,7 +1477,7 @@ fallback_model:
激活时,故障转移在不丢失对话的情况下中途切换模型和提供商。链按条目逐一尝试;每个会话激活一次。
支持的提供商:`openrouter``nous``openai-codex``copilot``copilot-acp``anthropic``gemini``google-gemini-cli``qwen-oauth``huggingface``zai``kimi-coding``kimi-coding-cn``minimax``minimax-cn``minimax-oauth``deepseek``nvidia``xai``xai-oauth``ollama-cloud``bedrock``ai-gateway`、`azure-foundry`、`opencode-zen``opencode-go``kilocode``xiaomi``arcee``gmi``stepfun``lmstudio``alibaba``alibaba-coding-plan``tencent-tokenhub``custom`
支持的提供商:`openrouter``nous``openai-codex``copilot``copilot-acp``anthropic``gemini``google-gemini-cli``qwen-oauth``huggingface``zai``kimi-coding``kimi-coding-cn``minimax``minimax-cn``minimax-oauth``deepseek``nvidia``xai``xai-oauth``ollama-cloud``bedrock``azure-foundry`、`opencode-zen``opencode-go``kilocode``xiaomi``arcee``gmi``stepfun``lmstudio``alibaba``alibaba-coding-plan``tencent-tokenhub``custom`
:::tip
故障转移仅通过 `config.yaml` 配置——或通过 `hermes fallback` 交互式配置。有关触发时机、链推进方式以及与辅助任务和委托的交互,参见[故障转移提供商](/user-guide/features/fallback-providers)。

2
website/i18n/zh-Hans/docusaurus-plugin-content-docs/current/reference/cli-commands.md
View file

@ -95,7 +95,7 @@ hermes chat [options]
| `-q`, `--query "..."` | 单次非交互式 prompt。 |
| `-m`, `--model <model>` | 覆盖本次运行的模型。 |
| `-t`, `--toolsets <csv>` | 启用逗号分隔的 toolset 集合。 |
| `--provider <provider>` | 强制指定 provider`auto``openrouter``nous``openai-codex``copilot-acp``copilot``anthropic``gemini``google-gemini-cli``huggingface``novita``zai``kimi-coding``kimi-coding-cn``minimax``minimax-cn``minimax-oauth``kilocode``xiaomi``arcee``gmi``alibaba``alibaba-coding-plan`(别名 `alibaba_coding`)、`deepseek``nvidia``ollama-cloud``xai`(别名 `grok`)、`xai-oauth`(别名 `grok-oauth`)、`qwen-oauth``bedrock``opencode-zen``opencode-go``ai-gateway`、`azure-foundry`、`lmstudio``stepfun``tencent-tokenhub`(别名 `tencent``tokenhub`)。 |
| `--provider <provider>` | 强制指定 provider`auto``openrouter``nous``openai-codex``copilot-acp``copilot``anthropic``gemini``google-gemini-cli``huggingface``novita``zai``kimi-coding``kimi-coding-cn``minimax``minimax-cn``minimax-oauth``kilocode``xiaomi``arcee``gmi``alibaba``alibaba-coding-plan`(别名 `alibaba_coding`)、`deepseek``nvidia``ollama-cloud``xai`(别名 `grok`)、`xai-oauth`(别名 `grok-oauth`)、`qwen-oauth``bedrock``opencode-zen``opencode-go``azure-foundry`、`lmstudio``stepfun``tencent-tokenhub`(别名 `tencent``tokenhub`)。 |
| `-s`, `--skills <name>` | 为会话预加载一个或多个 skill可重复或逗号分隔。 |
| `-v`, `--verbose` | 详细输出。 |
| `-Q`, `--quiet` | 程序化模式:抑制横幅/spinner/工具预览。 |

9
website/i18n/zh-Hans/docusaurus-plugin-content-docs/current/reference/environment-variables.md
View file

@ -18,8 +18,6 @@ description: "Hermes Agent 使用的所有环境变量完整参考"
| `HERMES_OPENROUTER_CACHE_TTL` | 缓存 TTL1-86400。覆盖 config.yaml 中的 `openrouter.response_cache_ttl`。 |
| `NOUS_BASE_URL` | 覆盖 Nous Portal base URL极少使用仅用于开发/测试) |
| `NOUS_INFERENCE_BASE_URL` | 直接覆盖 Nous 推理端点 |
| `AI_GATEWAY_API_KEY` | Vercel AI Gateway API 密钥([ai-gateway.vercel.sh](https://ai-gateway.vercel.sh) |
| `AI_GATEWAY_BASE_URL` | 覆盖 AI Gateway base URL默认`https://ai-gateway.vercel.sh/v1` |
| `OPENAI_API_KEY` | 自定义 OpenAI 兼容端点的 API 密钥(与 `OPENAI_BASE_URL` 配合使用) |
| `OPENAI_BASE_URL` | 自定义端点的 base URLVLLM、SGLang 等) |
| `COPILOT_GITHUB_TOKEN` | 用于 Copilot API 的 GitHub token——最高优先级OAuth `gho_*` 或细粒度 PAT `github_pat_*`;经典 PAT `ghp_*` **不支持** |
@ -156,10 +154,6 @@ description: "Hermes Agent 使用的所有环境变量完整参考"
| `HINDSIGHT_TIMEOUT` | Hindsight 内存提供商 API 调用超时(秒,默认:`60`)。如果 Hindsight 实例在 `/sync``on_session_switch` 期间响应缓慢并出现超时,请增大此值,并检查 `errors.log`。 |
| `SUPERMEMORY_API_KEY` | 支持 profile 召回和会话摄取的语义长期记忆([supermemory.ai](https://supermemory.ai) |
| `DAYTONA_API_KEY` | Daytona 云沙箱([daytona.io](https://daytona.io/) |
| `VERCEL_TOKEN` | Vercel Sandbox 访问 token[vercel.com](https://vercel.com/) |
| `VERCEL_PROJECT_ID` | Vercel 项目 ID`VERCEL_TOKEN` 配合使用) |
| `VERCEL_TEAM_ID` | Vercel 团队 ID`VERCEL_TOKEN` 配合使用) |
| `VERCEL_OIDC_TOKEN` | Vercel 短期 OIDC token仅用于开发的替代方案 |
### Langfuse 可观测性
@ -192,7 +186,7 @@ description: "Hermes Agent 使用的所有环境变量完整参考"
| 变量 | 描述 |
|----------|-------------|
| `TERMINAL_ENV` | 后端:`local``docker``ssh``singularity``modal``daytona``vercel_sandbox` |
| `TERMINAL_ENV` | 后端:`local``docker``ssh``singularity``modal``daytona` |
| `HERMES_DOCKER_BINARY` | 覆盖 Hermes 调用的容器二进制(例如 `podman``/usr/local/bin/docker`。未设置时Hermes 自动在 `PATH` 上发现 `docker``podman`。当两者都已安装且需要非默认选项,或二进制不在 `PATH` 中时使用。 |
| `TERMINAL_DOCKER_IMAGE` | Docker 镜像(默认:`nikolaik/python-nodejs:python3.11-nodejs20` |
| `TERMINAL_DOCKER_FORWARD_ENV` | 显式转发到 Docker 终端会话的环境变量名 JSON 数组。注意:技能声明的 `required_environment_variables` 会自动转发——仅对未被任何技能声明的变量使用此项。 |
@ -201,7 +195,6 @@ description: "Hermes Agent 使用的所有环境变量完整参考"
| `TERMINAL_SINGULARITY_IMAGE` | Singularity 镜像或 `.sif` 路径 |
| `TERMINAL_MODAL_IMAGE` | Modal 容器镜像 |
| `TERMINAL_DAYTONA_IMAGE` | Daytona 沙箱镜像 |
| `TERMINAL_VERCEL_RUNTIME` | Vercel Sandbox 运行时(`node24``node22``python3.13` |
| `TERMINAL_TIMEOUT` | 命令超时(秒) |
| `TERMINAL_LIFETIME_SECONDS` | 终端会话最大生命周期(秒) |
| `TERMINAL_CWD` | 终端会话的工作目录(仅 gateway/cronCLI 使用启动目录) |

52
website/i18n/zh-Hans/docusaurus-plugin-content-docs/current/user-guide/configuration.md
View file

@ -83,11 +83,11 @@ delegation:
## 终端后端配置
Hermes 支持种终端后端。每种后端决定 agent 的 shell 命令实际在哪里执行 —— 本地机器、Docker 容器、通过 SSH 的远程服务器、Modal 云沙箱(直接或通过 Nous 托管的 gateway、Daytona 工作区、Vercel Sandbox,或 Singularity/Apptainer 容器。
Hermes 支持种终端后端。每种后端决定 agent 的 shell 命令实际在哪里执行 —— 本地机器、Docker 容器、通过 SSH 的远程服务器、Modal 云沙箱(直接或通过 Nous 托管的 gateway、Daytona 工作区,或 Singularity/Apptainer 容器。
```yaml
terminal:
backend: local # local | docker | ssh | modal | daytona | vercel_sandbox | singularity
backend: local # local | docker | ssh | modal | daytona | singularity
cwd: "." # Gateway/cron 工作目录CLI 始终使用启动目录)
timeout: 180 # 每条命令的超时时间(秒)
env_passthrough: [] # 转发到沙箱执行的环境变量名terminal + execute_code
@ -96,7 +96,7 @@ terminal:
daytona_image: "nikolaik/python-nodejs:python3.11-nodejs20" # Daytona 后端的容器镜像
```
对于 Modal、Daytona 和 Vercel Sandbox 等云沙箱,`container_persistent: true` 表示 Hermes 将尝试在沙箱重建后保留文件系统状态。这并不保证相同的活跃沙箱、PID 空间或后台进程之后仍在运行。
对于 Modal 和 Daytona 等云沙箱,`container_persistent: true` 表示 Hermes 将尝试在沙箱重建后保留文件系统状态。这并不保证相同的活跃沙箱、PID 空间或后台进程之后仍在运行。
### 后端概览
@ -107,7 +107,6 @@ terminal:
| **ssh** | 通过 SSH 的远程服务器 | 网络边界 | 远程开发、强大硬件 |
| **modal** | Modal 云沙箱 | 完全(云 VM | 临时云计算、评估 |
| **daytona** | Daytona 工作区 | 完全(云容器) | 托管云开发环境 |
| **vercel_sandbox** | Vercel Sandbox | 完全(云 microVM | 带快照文件系统持久化的云执行 |
| **singularity** | Singularity/Apptainer 容器 | 命名空间(--containall | HPC 集群、共享机器 |
### Local 后端
@ -232,49 +231,6 @@ terminal:
**磁盘限制:** Daytona 强制执行 10 GiB 最大值。超过此值的请求将被截断并发出警告。
### Vercel Sandbox 后端
在 [Vercel Sandbox](https://vercel.com/docs/vercel-sandbox) 云 microVM 中运行命令。Hermes 使用普通的终端和文件工具接口;没有 Vercel 特定的面向模型的工具。
```yaml
terminal:
backend: vercel_sandbox
vercel_runtime: node24 # node24 | node22 | python3.13
cwd: /vercel/sandbox # 默认工作区根目录
container_persistent: true # 快照/恢复文件系统
container_disk: 51200 # 仅共享默认值;不支持自定义磁盘
```
**必需安装:** 安装可选 SDK 扩展:
```bash
pip install 'hermes-agent[vercel]'
```
**必需认证:** 使用 `VERCEL_TOKEN``VERCEL_PROJECT_ID``VERCEL_TEAM_ID` 三者全部配置访问令牌认证。这是在 Render、Railway、Docker 及类似宿主上部署和正常长期运行 Hermes 进程的受支持设置。
对于一次性本地开发Hermes 也接受短期 Vercel OIDC token
```bash
VERCEL_OIDC_TOKEN="$(vc project token <project-name>)" hermes chat
```
在已链接的 Vercel 项目目录中,可以省略项目名称:
```bash
VERCEL_OIDC_TOKEN="$(vc project token)" hermes chat
```
OIDC token 是短期的,不应作为文档化的部署路径使用。
**运行时:** `terminal.vercel_runtime` 支持 `node24``node22``python3.13`。未设置时Hermes 默认使用 `node24`
**持久化:** 当 `container_persistent: true`Hermes 在清理期间对沙箱文件系统进行快照,并从该快照为同一任务恢复后续沙箱。快照内容可以包括复制到沙箱中的 Hermes 同步凭据、技能和缓存文件。这仅保留文件系统状态不保留活跃沙箱身份、PID 空间、shell 状态或正在运行的后台进程。
**后台命令:** `terminal(background=true)` 使用 Hermes 的通用非本地后台进程流程。您可以在沙箱存活期间通过普通进程工具生成、轮询、等待、查看日志和终止进程。Hermes 不提供清理或重启后的原生 Vercel 分离进程恢复。
**磁盘大小:** Vercel Sandbox 目前不支持 Hermes 的 `container_disk` 资源旋钮。将 `container_disk` 保持未设置或使用共享默认值 `51200`;非默认值会导致诊断和后端创建失败,而不是被静默忽略。
### Singularity/Apptainer 后端
在 [Singularity/Apptainer](https://apptainer.org) 容器中运行命令。专为 Docker 不可用的 HPC 集群和共享机器设计。
@ -818,7 +774,7 @@ Hermes 中的每个模型槽位 —— 辅助任务、压缩、回退 —— 使
当设置 `base_url`Hermes 忽略 provider 并直接调用该端点(使用 `api_key``OPENAI_API_KEY` 进行认证)。当仅设置 `provider`Hermes 使用该 provider 的内置认证和基础 URL。
辅助任务的可用 providers`auto``main`,以及[provider 注册表](/reference/environment-variables)中的任何 provider —— `openrouter``nous``openai-codex``copilot``copilot-acp``anthropic``gemini``google-gemini-cli``qwen-oauth``zai``kimi-coding``kimi-coding-cn``minimax``minimax-cn``minimax-oauth``deepseek``nvidia``xai``xai-oauth``ollama-cloud``alibaba``bedrock``huggingface``arcee``xiaomi``kilocode``opencode-zen``opencode-go``ai-gateway`、`azure-foundry` —— 或您 `custom_providers` 列表中任何命名的自定义 provider例如 `provider: "beans"`)。
辅助任务的可用 providers`auto``main`,以及[provider 注册表](/reference/environment-variables)中的任何 provider —— `openrouter``nous``openai-codex``copilot``copilot-acp``anthropic``gemini``google-gemini-cli``qwen-oauth``zai``kimi-coding``kimi-coding-cn``minimax``minimax-cn``minimax-oauth``deepseek``nvidia``xai``xai-oauth``ollama-cloud``alibaba``bedrock``huggingface``arcee``xiaomi``kilocode``opencode-zen``opencode-go``azure-foundry` —— 或您 `custom_providers` 列表中任何命名的自定义 provider例如 `provider: "beans"`)。
:::tip MiniMax OAuth
`minimax-oauth` 通过浏览器 OAuth 登录(无需 API 密钥)。运行 `hermes model` 并选择 **MiniMax (OAuth)** 进行认证。辅助任务自动使用 `MiniMax-M2.7-highspeed`。参阅 [MiniMax OAuth 指南](../guides/minimax-oauth.md)。

1
website/i18n/zh-Hans/docusaurus-plugin-content-docs/current/user-guide/features/fallback-providers.md
View file

@ -47,7 +47,6 @@ fallback_model:
| 提供商 | 值 | 要求 |
|----------|-------|-------------|
| AI Gateway | `ai-gateway` | `AI_GATEWAY_API_KEY` |
| OpenRouter | `openrouter` | `OPENROUTER_API_KEY` |
| Nous Portal | `nous` | `hermes setup --portal`(全新安装)或 `hermes auth add nous`OAuth |
| OpenAI Codex | `openai-codex` | `hermes model`ChatGPT OAuth |

33
website/i18n/zh-Hans/docusaurus-plugin-content-docs/current/user-guide/features/tools.md
View file

@ -65,14 +65,13 @@ hermes tools
| `singularity` | HPC 容器 | 集群计算、无 root 权限 |
| `modal` | 云端执行 | 无服务器、弹性扩展 |
| `daytona` | 云端沙箱工作区 | 持久化远程开发环境 |
| `vercel_sandbox` | Vercel Sandbox 云微虚拟机 | 带快照文件系统持久化的云端执行 |
### 配置
```yaml
# 在 ~/.hermes/config.yaml 中
terminal:
backend: local # 或docker, ssh, singularity, modal, daytona, vercel_sandbox
backend: local # 或docker, ssh, singularity, modal, daytona
cwd: "." # 工作目录
timeout: 180 # 命令超时时间(秒)
```
@ -123,41 +122,13 @@ modal setup
hermes config set terminal.backend modal
```
### Vercel Sandbox
```bash
pip install 'hermes-agent[vercel]'
hermes config set terminal.backend vercel_sandbox
hermes config set terminal.vercel_runtime node24
```
需同时配置 `VERCEL_TOKEN``VERCEL_PROJECT_ID``VERCEL_TEAM_ID` 三个凭据。此访问令牌配置方式是在 Render、Railway、Docker 及类似平台上进行部署和正常长期运行 Hermes 进程的推荐路径。支持的运行时为 `node24``node22``python3.13`Hermes 默认使用 `/vercel/sandbox` 作为远程工作区根目录。
对于本地一次性开发Hermes 也接受短期 Vercel OIDC token
```bash
VERCEL_OIDC_TOKEN="$(vc project token <project-name>)" hermes chat
```
在已关联的 Vercel 项目目录中:
```bash
VERCEL_OIDC_TOKEN="$(vc project token)" hermes chat
```
启用 `container_persistent: true`Hermes 使用 Vercel 快照在同一任务的沙箱重建时保留文件系统状态,其中可包含沙箱内 Hermes 同步的凭据、技能和缓存文件。快照不保留活跃进程、PID 空间或相同的活跃沙箱标识。
后台终端命令使用 Hermes 通用的非本地进程流程在沙箱存活期间spawn、poll、wait、log 和 kill 均通过标准 process 工具运行,但 Hermes 不提供清理或重启后的原生 Vercel 后台进程恢复能力。
`container_disk` 保持未设置或使用共享默认值 `51200`Vercel Sandbox 不支持自定义磁盘大小,设置后将导致诊断/后端创建失败。
### 容器资源
为所有容器后端配置 CPU、内存、磁盘和持久化
```yaml
terminal:
backend: docker # 或 singularity, modal, daytona, vercel_sandbox
backend: docker # 或 singularity, modal, daytona
container_cpu: 1 # CPU 核心数默认1
container_memory: 5120 # 内存MB默认5GB
container_disk: 51200 # 磁盘MB默认50GB

5
website/i18n/zh-Hans/docusaurus-plugin-content-docs/current/user-guide/security.md
View file

@ -144,7 +144,7 @@ approvals:
| `gateway run` 配合 `&`/`disown`/`nohup`/`setsid` | 防止在服务管理器外启动 gateway |
:::info
**容器绕过**:在 `docker``singularity``modal``daytona``vercel_sandbox` 后端运行时,危险命令检查会被**跳过**,因为容器本身就是安全边界。容器内的破坏性命令不会危害宿主机。
**容器绕过**:在 `docker``singularity``modal``daytona` 后端运行时,危险命令检查会被**跳过**,因为容器本身就是安全边界。容器内的破坏性命令不会危害宿主机。
:::
### 审批流程CLI
@ -340,7 +340,7 @@ terminal:
- **临时模式**`container_persistent: false`):工作区使用 tmpfs——清理后所有内容丢失
:::tip
对于生产 gateway 部署,使用 `docker``modal``daytona``vercel_sandbox` 后端,将 Agent 命令与宿主机系统隔离。这样可以完全消除危险命令审批的需要。
对于生产 gateway 部署,使用 `docker``modal``daytona` 后端,将 Agent 命令与宿主机系统隔离。这样可以完全消除危险命令审批的需要。
:::
:::warning
@ -357,7 +357,6 @@ terminal:
| **singularity** | 容器 | ❌ 跳过 | HPC 环境 |
| **modal** | 云沙箱 | ❌ 跳过 | 可扩展的云隔离 |
| **daytona** | 云沙箱 | ❌ 跳过 | 持久化云工作区 |
| **vercel_sandbox** | 云微虚拟机 | ❌ 跳过 | 带快照持久化的云执行 |
## 环境变量透传 {#environment-variable-passthrough}

3
website/i18n/zh-Hans/docusaurus-plugin-content-docs/current/user-guide/skills/bundled/autonomous-ai-agents/autonomous-ai-agents-hermes-agent.md
View file

@ -401,7 +401,6 @@ Profiles 使用 `~/.hermes/profiles/<name>/`,布局相同。
| Alibaba / DashScope | API key | `DASHSCOPE_API_KEY` |
| Xiaomi MiMo | API key | `XIAOMI_API_KEY` |
| Kilo Code | API key | `KILOCODE_API_KEY` |
| AI Gateway (Vercel) | API key | `AI_GATEWAY_API_KEY` |
| OpenCode Zen | API key | `OPENCODE_ZEN_API_KEY` |
| OpenCode Go | API key | `OPENCODE_GO_API_KEY` |
| Qwen OAuth | OAuth | `hermes auth add qwen-oauth` |
@ -922,7 +921,7 @@ monkeypatch.setattr(platform, "release", lambda: "6.8.0-generic")
关于宿主 OS、用户 home、cwd、终端后端和 shellWindows 上的 bash vs PowerShell的事实性指导从 `agent/prompt_builder.py::build_environment_hints()` 输出。WSL 提示和每个后端的探测逻辑也在此处。约定:
- **本地终端后端** → 输出宿主信息OS、`$HOME`、cwd+ Windows 特有说明hostname ≠ username`terminal` 使用 bash 而非 PowerShell
- **远程终端后端**`_REMOTE_TERMINAL_BACKENDS` 中的任何内容:`docker, singularity, modal, daytona, ssh, vercel_sandbox, managed_modal`)→ **完全抑制**宿主信息,仅描述后端。通过 `tools.environments.get_environment(...).execute(...)` 在后端内运行实时 `uname`/`whoami`/`pwd` 探测,每进程缓存在 `_BACKEND_PROBE_CACHE` 中,探测超时时使用静态回退。
- **远程终端后端**`_REMOTE_TERMINAL_BACKENDS` 中的任何内容:`docker, singularity, modal, daytona, ssh, managed_modal`)→ **完全抑制**宿主信息,仅描述后端。通过 `tools.environments.get_environment(...).execute(...)` 在后端内运行实时 `uname`/`whoami`/`pwd` 探测,每进程缓存在 `_BACKEND_PROBE_CACHE` 中,探测超时时使用静态回退。
- **prompt 编写的关键事实:**`TERMINAL_ENV != "local"` 时,*每个*文件工具(`read_file``write_file``patch``search_files`)都在后端容器内运行,而非宿主上。在这种情况下,系统 prompt 绝不能描述宿主——agent 无法访问它。
完整设计说明、确切输出字符串和测试陷阱:`references/prompt-builder-environment-hints.md`