mirrors/hermes-agent
1
0
Fork 0
mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-04-25 00:51:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
hermes-agent/website/docs/user-guide/features
History
Teknium 745859babb
feat: env var passthrough for skills and user config (#2807) 
* feat: env var passthrough for skills and user config

Skills that declare required_environment_variables now have those vars
passed through to sandboxed execution environments (execute_code and
terminal).  Previously, execute_code stripped all vars containing KEY,
TOKEN, SECRET, etc. and the terminal blocklist removed Hermes
infrastructure vars — both blocked skill-declared env vars.

Two passthrough sources:

1. Skill-scoped (automatic): when a skill is loaded via skill_view and
   declares required_environment_variables, vars that are present in
   the environment are registered in a session-scoped passthrough set.

2. Config-based (manual): terminal.env_passthrough in config.yaml lets
   users explicitly allowlist vars for non-skill use cases.

Changes:
- New module: tools/env_passthrough.py — shared passthrough registry
- hermes_cli/config.py: add terminal.env_passthrough to DEFAULT_CONFIG
- tools/skills_tool.py: register available skill env vars on load
- tools/code_execution_tool.py: check passthrough before filtering
- tools/environments/local.py: check passthrough in _sanitize_subprocess_env
  and _make_run_env
- 19 new tests covering all layers

* docs: add environment variable passthrough documentation

Document the env var passthrough feature across four docs pages:

- security.md: new 'Environment Variable Passthrough' section with
  full explanation, comparison table, and security considerations
- code-execution.md: update security section, add passthrough subsection,
  fix comparison table
- creating-skills.md: add tip about automatic sandbox passthrough
- skills.md: add note about passthrough after secure setup docs

Live-tested: launched interactive CLI, loaded a skill with
required_environment_variables, verified TEST_SKILL_SECRET_KEY was
accessible inside execute_code sandbox (value: passthrough-test-value-42).
2026-03-24 08:19:34 -07:00
..
_category_.json feat: add documentation website (Docusaurus) 2026-03-05 05:24:55 -08:00
acp.md docs: add ACP and internal systems implementation guides 2026-03-14 00:29:48 -07:00
api-server.md fix(security): block untrusted browser access to api server (#2451) 2026-03-22 04:08:48 -07:00
batch-processing.md docs: stabilize website diagrams 2026-03-14 22:49:57 -07:00
browser.md docs: comprehensive documentation update for recent features 2026-03-17 03:42:02 -07:00
checkpoints.md docs: update checkpoint/rollback docs for new features 2026-03-16 04:56:22 -07:00
code-execution.md feat: env var passthrough for skills and user config (#2807) 2026-03-24 08:19:34 -07:00
context-files.md docs: fix stale and incorrect documentation across 18 files 2026-03-24 07:53:07 -07:00
cron.md docs: clarify gateway service scopes (#1378) 2026-03-14 21:17:41 -07:00
delegation.md docs: fix stale and incorrect documentation across 18 files 2026-03-24 07:53:07 -07:00
fallback-providers.md feat(compression): add summary_base_url + move compression config to YAML-only 2026-03-17 04:46:15 -07:00
honcho.md docs(honcho): add self-hosted / Docker configuration section 2026-03-22 05:03:17 -07:00
hooks.md docs: stabilize website diagrams 2026-03-14 22:49:57 -07:00
image-generation.md docs: add 11 new pages + expand 4 existing pages (26 → 37 total) 2026-03-05 07:28:41 -08:00
mcp.md docs: fix MCP install commands — use uv, not bare pip 2026-03-18 03:14:58 -07:00
memory.md docs(honcho): rewrite Honcho Memory docs as full feature documentation 2026-03-10 16:49:14 -04:00
personality.md docs: document SOUL.md as primary agent identity (#1927) 2026-03-18 04:18:08 -07:00
plugins.md feat(plugins): add slash command registration for plugins (#2359) 2026-03-21 16:00:30 -07:00
provider-routing.md docs: fallback providers + /background command documentation 2026-03-15 06:24:28 -07:00
rl-training.md docs: fix stale and incorrect documentation across 18 files 2026-03-24 07:53:07 -07:00
skills.md feat: env var passthrough for skills and user config (#2807) 2026-03-24 08:19:34 -07:00
skins.md docs: expand Docusaurus coverage across CLI, tools, skills, and skins (#1232) 2026-03-13 21:34:41 -07:00
tools.md fix(docker): add explicit env allowlist for container credentials (#1436) 2026-03-17 02:34:35 -07:00
tts.md docs: fix stale and incorrect documentation across 18 files 2026-03-24 07:53:07 -07:00
vision.md docs: add Vision & Image Paste guide with platform compatibility 2026-03-05 23:51:46 -08:00
voice-mode.md feat(tools): add base_url support to OpenAI TTS provider 2026-03-19 23:55:13 +08:00