Skip to main content
hc
Submit
toolsSource-backedReview first Safety Privacy

Hermes Agent

Nous Research AI agent with terminal UI, messaging gateway, skills, memory, MCP integration, scheduled automations, subagents, terminal backends, OpenClaw migration, model switching, and persistent cross-session workflows.

by Nous Research·added 2026-06-18·
CodexCLI
HarnessCodexCLI
Review first review before installing

Open the source and read safety notes before installing.

Safety notes

  • Hermes Agent can run tools, shell commands, terminal sessions, scheduled jobs, subagents, skills, MCP servers, messaging gateways, and remote backends; review permissions before using it on sensitive systems.
  • The README documents one-line shell installers for some platforms. Inspect installer scripts and prefer isolated package installs or disposable environments when evaluating the agent.
  • OpenClaw migration can import settings, memories, skills, command allowlists, messaging settings, API keys, audio assets, and workspace instructions; use dry-run and non-secret presets before migrating real profiles.
  • Scheduled automations and messaging gateways can run unattended and deliver results to external chat systems, so restrict allowed users, home directories, credentials, and write-capable tools.
  • Terminal backends such as local shell, Docker, SSH, Singularity, Modal, and Daytona can touch local files, containers, remote hosts, cloud sandboxes, and GPU infrastructure.

Privacy notes

  • Conversation history, memory files, user profiles, skill outputs, session search indexes, tool arguments, tool results, model responses, gateway messages, audio transcripts, and logs may contain sensitive data.
  • Model providers, messaging platforms, search/image/TTS/browser tool gateways, MCP servers, and remote terminal backends may receive prompts, files, commands, account identifiers, or generated outputs depending on configuration.
  • OpenClaw migration may copy memories, persona files, skills, API keys, messaging settings, command allowlists, TTS assets, and workspace instructions into the Hermes profile.
  • Keep provider keys, bot tokens, OAuth grants, migrated secrets, workspace paths, generated summaries, and session search data out of public prompts, screenshots, issues, and examples.

Prerequisites

  • Python 3.11 through 3.13 for the packaged Python project.
  • uv, pipx, or another isolated Python application installer.
  • Model provider credentials for Nous Portal, OpenRouter, NovitaAI, NVIDIA NIM, OpenAI-compatible endpoints, or another configured provider.
  • A clear tool and terminal-backend policy before enabling local shell, Docker, SSH, Singularity, Modal, Daytona, browser, search, messaging, or MCP features.
  • Messaging platform bot tokens, workspace credentials, and allowed-user lists if Telegram, Discord, Slack, WhatsApp, Signal, Email, Home Assistant, or other gateway routes are enabled.

Schema details

Install type
cli
Troubleshooting
No
Source repository stats
Scope
Source repo
Collection metadata
Estimated setup
20 minutes
Difficulty
advanced
Tool listing metadata
Pricing
freemium
Disclosure
editorial
Application category
DeveloperApplication
Operating system
Cross-platform
Full copyable content
uv tool install hermes-agent
hermes

About this resource

Overview

Hermes Agent is a Nous Research agent for persistent, cross-session AI workflows. It combines a terminal UI, model switching, skills, memory, conversation search, scheduled automations, subagents, messaging gateways, MCP integration, and multiple terminal backends. It is positioned for users who want an agent that can keep working outside a single laptop session, including from chat platforms and cloud or remote execution environments.

This entry is especially relevant for Hermes Agent, Nous Research Hermes Agent, Hermes Agent MCP, Hermes Agent skills, Hermes Agent memory, OpenClaw migration, Claude Code agent skills, Codex agent memory, and self-improving AI agent searches.

Install

The Python package exposes hermes, hermes-agent, and hermes-acp console scripts. A conservative isolated install path is:

uv tool install hermes-agent
hermes

The upstream README also documents platform-specific quick installers and a managed checkout layout. Review installer behavior, created directories, bundled dependencies, and shell integration before using those paths on a primary workstation.

Core Capabilities

Area Hermes Agent Coverage
Agent UI Terminal UI with multiline editing, slash-command autocomplete, history, interrupts, and streaming tool output
Models Provider switching across Nous Portal, OpenRouter, NovitaAI, NVIDIA NIM, Xiaomi MiMo, z.ai, Kimi/Moonshot, MiniMax, Hugging Face, OpenAI, and custom endpoints
Skills Agent-created and user-managed skills, self-improvement during use, Skills Hub compatibility, and OpenClaw skill migration
Memory Persistent memory, session search, user profile modeling, summaries, and cross-session recall
MCP MCP integration for connecting external servers and optional MCP package extra in the Python project
Messaging Gateway process for Telegram, Discord, Slack, WhatsApp, Signal, Email, Home Assistant, and other platform routes documented upstream
Scheduling Natural-language cron jobs and scheduled automations delivered through configured platforms
Execution Local, Docker, SSH, Singularity, Modal, and Daytona terminal backends
Migration hermes claw migrate workflow for importing OpenClaw settings, skills, memories, allowlists, messaging settings, and selected secrets

MCP, Skills, and OpenClaw Fit

Hermes sits directly in the MCP, skills, and agent-harness cluster. It can use MCP servers as part of its tool surface, create and improve reusable skills, and migrate OpenClaw profiles for users moving between agent systems. That makes it useful content for people comparing Claude Code, Codex, OpenClaw, Gemini CLI, and Hermes-style persistent agents.

The operational concern is that Hermes is not a passive chat interface. Once tools, gateways, scheduled tasks, terminal backends, and MCP servers are enabled, it can execute real actions across local systems, remote hosts, chat platforms, model providers, and cloud sandboxes.

Use Cases

  • Run an AI agent from a terminal UI with persistent conversation state.
  • Move agent workflows from OpenClaw into a Hermes profile with dry-run migration first.
  • Use skills and memory to preserve procedures and user preferences across sessions.
  • Connect MCP servers to extend the agent's tool surface.
  • Schedule recurring reports, audits, backups, or review jobs.
  • Talk to the same agent through Telegram, Discord, Slack, WhatsApp, Signal, or Email.
  • Run work in local shell, Docker, SSH, Singularity, Modal, or Daytona environments.
  • Compare persistent agent systems against Claude Code, Codex, OpenClaw, Qwen-Agent, CAMEL-AI, AG2, and mcp-agent workflows.

Source Review

Verified on 2026-06-18:

  • GitHub reports NousResearch/hermes-agent as an MIT-licensed repository with active development, 196,000+ stars, and latest release v2026.6.5.
  • The README describes Hermes Agent as a self-improving AI agent with skills created from experience, skill improvement during use, memory, session search, user modeling, scheduled automations, subagents, and terminal backends.
  • The README lists model-provider options, a terminal UI, messaging gateways, skills, memory, scheduled automations, subagents, local/Docker/SSH/Singularity /Modal/Daytona terminal backends, MCP integration, and OpenClaw migration.
  • pyproject.toml declares the hermes-agent Python package at version 0.16.0, Python >=3.11,<3.14, MIT license, console scripts for hermes, hermes-agent, and hermes-acp, and optional extras for MCP, messaging, model/tool backends, dashboard, voice, Honcho, and other integrations.
  • PyPI reports hermes-agent version 0.16.0 with wheel and source distribution uploaded on 2026-06-06.
  • package.json documents the JavaScript workspace side of the project, including web, TUI, and desktop workspaces and Node.js 20+.

Safety and Privacy

Hermes can become a long-running personal or team agent, so treat its profile as an operational environment rather than a disposable chat history. Review tool enablement, command allowlists, terminal backend choice, messaging platform permissions, scheduled jobs, model-provider routing, MCP server access, and migration inputs before putting real accounts or private repos behind it.

Memory and session search are useful because they preserve context, but that also means sensitive data can persist across conversations. Define retention, export, deletion, backup, and profile-separation rules before using Hermes with customer data, source code, credentials, private chat messages, or production systems.

Duplicate Check

Checked current content/tools/, content/mcp/, content/agents/, content/skills/, guides, collections, README output, open pull requests, and repository-wide content for NousResearch/hermes-agent, Hermes Agent, Nous Research Hermes Agent, Hermes Agent MCP, Hermes Agent skills, Hermes Agent memory, Hermes Agent OpenClaw migration, hermes-agent PyPI package, Claude Code agent skills, Codex agent memory, and OpenClaw alternative. No dedicated Hermes Agent tools entry, exact source URL duplicate, target file, or open duplicate PR was found.

#hermes-agent#nous-research#ai-agents#agent-skills#memory#mcp#openclaw#claude-code#codex#messaging-gateway

Source citations

Add this badge to your README

Show that Hermes Agent is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

Listed on HeyClaude
[![Listed on HeyClaude](https://heyclau.de/badge/tools/hermes-agent.svg)](https://heyclau.de/entry/tools/hermes-agent)

How it compares

Hermes Agent side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

FieldHermes Agent

Nous Research AI agent with terminal UI, messaging gateway, skills, memory, MCP integration, scheduled automations, subagents, terminal backends, OpenClaw migration, model switching, and persistent cross-session workflows.

Open dossier 		Skills CLI

MIT-licensed `skills` CLI from Vercel Labs for installing, using, finding, listing, updating, removing, and initializing Agent Skills across Claude Code, Codex, Cursor, OpenCode, OpenClaw, Gemini CLI, GitHub Copilot, Windsurf, Zed, and dozens of other agent hosts.

Open dossier 		Skillshare

MIT-licensed Go CLI for syncing AI agent skills, agents, rules, commands, prompts, and other file-based resources across Codex, Claude Code, OpenClaw, Cursor, Windsurf, Gemini-style targets, and dozens of other AI CLI tools.

Open dossier 		Browser Harness

MIT-licensed CDP browser-control harness from Browser Use that lets Claude Code, Codex, and other coding agents connect to a real or cloud Chrome browser, use screenshots and coordinate clicks, edit task-specific helpers, and optionally learn reusable domain skills for web automation workflows.

Open dossier
Trust
Install riskReview firstReview firstReview firstReview first
Notes Safety Privacy Safety Privacy Safety Privacy Safety Privacy
Categorytoolstoolstoolstools
Sourcesource-backedsource-backedsource-backedsource-backed
AuthorNous ResearchVercel LabsrunkidsBrowser Use
Added2026-06-182026-06-182026-06-182026-06-18
Platforms
CodexCLI
CursorCodexCLI
CursorCodexCLI
CodexCLI
Source repo
Safety notesHermes Agent can run tools, shell commands, terminal sessions, scheduled jobs, subagents, skills, MCP servers, messaging gateways, and remote backends; review permissions before using it on sensitive systems. The README documents one-line shell installers for some platforms. Inspect installer scripts and prefer isolated package installs or disposable environments when evaluating the agent. OpenClaw migration can import settings, memories, skills, command allowlists, messaging settings, API keys, audio assets, and workspace instructions; use dry-run and non-secret presets before migrating real profiles. Scheduled automations and messaging gateways can run unattended and deliver results to external chat systems, so restrict allowed users, home directories, credentials, and write-capable tools. Terminal backends such as local shell, Docker, SSH, Singularity, Modal, and Daytona can touch local files, containers, remote hosts, cloud sandboxes, and GPU infrastructure.Agent Skills are executable instructions for coding agents. Inspect `SKILL.md` and supporting files before installing or using skills from unknown repositories. `skills add`, `skills update`, `skills remove`, and `experimental_sync` can write, replace, symlink, copy, or remove skill folders across many local agent directories. Review `--agent`, `--skill`, `--all`, `--global`, and `--yes` flags before running broad operations. `skills use` can materialize a skill into a temporary directory and print the generated prompt, or start a supported agent interactively with that prompt. Treat untrusted skill text as prompt-bearing code. Symlink install mode keeps a canonical copy and links agent directories to it. Copy mode creates independent copies. Choose deliberately when working across shared repos, Windows environments, containers, or synchronized directories. The CLI includes explicit warnings for OpenClaw community skills in `skills use`; do not bypass those warnings unless you understand the trust model for the selected source. The security audit lookup is best-effort and never blocks installation. A missing or safe-looking audit result is not a substitute for reviewing the skill source.Skillshare writes into multiple agent skill directories. A bad sync can propagate unsafe, stale, or target-incompatible instructions across every configured AI CLI. Run `skillshare sync --dry-run` before the first sync, after target changes, and before `--force`, especially when local skills already exist in target directories. The README documents shell and PowerShell installers that download and execute release artifacts from GitHub. Inspect installer scripts or use a pinned release/Homebrew path when supply-chain control matters. The Unix installer may use `sudo` when installing to `/usr/local/bin`; review `INSTALL_DIR` and PATH behavior before running in managed environments. The audit engine is a useful gate for prompt injection, hidden Unicode, credential access, data exfiltration, destructive commands, hardcoded secrets, and tamper checks, but it is pattern-based and does not prove a skill is safe. Avoid `--force` and broad include patterns until target filters, `.skillignore`, copy/symlink behavior, and backups have been reviewed.Browser Harness can connect agents to a real logged-in Chrome profile. Remote debugging may expose active sessions, extensions, bookmarks, history, page content, downloads, uploads, and account actions to the agent. The documented Way 1 setup uses the user's everyday Chrome profile through `chrome://inspect/#remote-debugging`; require explicit user consent before attaching to sensitive accounts. The documented Way 2 setup launches Chrome with a non-default `--user-data-dir` and remote debugging port; keep that isolated profile separate from everyday browser data. Remote Browser Use Cloud sessions require `BROWSER_USE_API_KEY`, may use proxies, can persist profile state, and can continue billing until timeout or shutdown. Agents using Browser Harness can edit `agent-workspace/agent_helpers.py` and optional domain-skill files; review generated helper code and public skill contributions before reuse. Browser automation can submit forms, send messages, purchase items, scrape websites, change account settings, and upload files. Keep destructive or account-writing tasks behind confirmation.
Privacy notesConversation history, memory files, user profiles, skill outputs, session search indexes, tool arguments, tool results, model responses, gateway messages, audio transcripts, and logs may contain sensitive data. Model providers, messaging platforms, search/image/TTS/browser tool gateways, MCP servers, and remote terminal backends may receive prompts, files, commands, account identifiers, or generated outputs depending on configuration. OpenClaw migration may copy memories, persona files, skills, API keys, messaging settings, command allowlists, TTS assets, and workspace instructions into the Hermes profile. Keep provider keys, bot tokens, OAuth grants, migrated secrets, workspace paths, generated summaries, and session search data out of public prompts, screenshots, issues, and examples.By default, the CLI can send telemetry to `add-skill.vercel.sh` unless `DISABLE_TELEMETRY` or `DO_NOT_TRACK` is set. Telemetry fields in source include CLI version, CI flag, detected agent name, event type, source, selected skills, selected agents, global flag, source type, update counts, find query, and result counts. Security-audit lookup requests can send the skill source and selected skill slugs to the audit endpoint. Local project and global installs can persist source names, selected skills, agent targets, canonical paths, lock data, symlinks, and copied skill contents on disk. Skill contents used through `skills use` are embedded into the generated prompt and may be sent to the downstream model provider or interactive agent process.Skillshare can read, copy, symlink, collect, audit, back up, commit, push, and pull local skill, agent, rule, command, prompt, and extra files. Skills can contain prompts, workflow instructions, local paths, target-specific rules, credentials by mistake, internal URLs, repository conventions, customer context, or model-provider guidance. Audit reports, backups, UI views, logs, git commits, and synced target directories can reveal the contents of private skills and agent instructions. Remote installs from GitHub, GitLab, Bitbucket, Azure DevOps, or self-hosted Git expose repository URLs and may fetch untrusted content into the local source directory before sync. The README describes Skillshare as local, lightweight, offline-capable, and without telemetry; still treat any configured remotes, git pushes, setup actions, and hosted documentation links as external data flows.Browser Harness workflows can expose page screenshots, DOM text, URLs, cookies-backed login state, account data, downloads, uploads, form inputs, and extracted website data to the agent and configured model providers. Profile sync for Browser Use Cloud is documented as cookies-only, but it still moves browser authentication material into a remote browser environment. Cloud browser live URLs, proxy settings, profile identifiers, daemon logs, `/tmp` socket or pid files, and copied support artifacts may reveal browsing activity or account context. Public domain-skill PRs should not include secrets, private selectors tied to confidential apps, customer data, screenshots, credentials, tokens, or personal browsing history.
Prerequisites
  • Python 3.11 through 3.13 for the packaged Python project.
  • uv, pipx, or another isolated Python application installer.
  • Model provider credentials for Nous Portal, OpenRouter, NovitaAI, NVIDIA NIM, OpenAI-compatible endpoints, or another configured provider.
  • A clear tool and terminal-backend policy before enabling local shell, Docker, SSH, Singularity, Modal, Daytona, browser, search, messaging, or MCP features.
  • Node.js 18 or newer for the published `skills` npm package.
  • At least one supported agent host installed if using auto-detected targets, such as Claude Code, Codex, Cursor, OpenCode, OpenClaw, Gemini CLI, GitHub Copilot, Windsurf, Zed, or another supported agent.
  • A reviewed skill source from GitHub, GitLab, a git URL, a local path, a direct skill folder, or another supported provider.
  • A decision between project-scoped skills that live under the current repository and global skills that live under the user's home/config directories.
  • A supported install path: Homebrew, GitHub release archive, shell installer, PowerShell installer, or GitHub Actions setup action.
  • One or more local AI CLI tools with skill directories, such as Codex, Claude Code, OpenClaw, Cursor, OpenCode, Windsurf, Qwen, Goose, or a custom target.
  • A source directory for reviewed skills, agents, and extras, or a project-level `.skillshare/` configuration for repo-local skills.
  • A policy for symlink, copy, or merge mode per target, especially on Windows or tools that cannot follow symlinks.
  • Python 3.11 or newer, uv, git, and a durable local checkout for editable installation.
  • A Chrome or Chromium-based browser that can be attached through Chrome remote debugging, or a Browser Use Cloud API key for cloud browsers.
  • Codex, Claude Code, or another agent host that can read the Browser Harness `SKILL.md` instructions.
  • A clear boundary for which browser profile, logged-in sites, cloud browser sessions, downloads, uploads, and account actions the agent may access.
Install
uv tool install hermes-agent
npm install -g skills
brew install skillshare
git clone https://github.com/browser-use/browser-harness && cd browser-harness && uv tool install -e .
Config
{
  "projectInstall": "npx skills add vercel-labs/agent-skills --skill frontend-design -a claude-code",
  "globalInstall": "npx skills add vercel-labs/agent-skills --skill frontend-design -g -a claude-code -y",
  "temporaryUse": "npx skills use vercel-labs/agent-skills@web-design-guidelines | claude",
  "disableTelemetry": "DISABLE_TELEMETRY=1 npx skills list"
}
source: ~/.config/skillshare/skills
mode: merge
targets:
  claude:
    path: ~/.claude/skills
  codex:
    path: ~/.codex/skills
    mode: symlink
  openclaw:
    path: ~/.openclaw/skills
  cursor:
    path: ~/.cursor/skills
    mode: copy
ignore:
  - "**/.git/**"
  - "**/node_modules/**"
Citations
ClaimUnclaimedUnclaimedUnclaimedUnclaimed

Signals

Loading live community signals…

More like this, weekly

A short, calm digest of reviewed Claude resources. Unsubscribe any time.