Hermes LoopHermes Loop
Hermes runtime · parity

Hermes Agent feature parityWhat ships today, what's partial, what's on the roadmap.

Hermes Agent (Nous Research) is the autonomous runtime. Agent Hermes Loop is the operator + governance layer around Hermes-powered workflows. This board is the source of truth on which engine features are actually wired up here. Hermes Loop is not trying to replace Hermes Agent; it's the control room around it.

Hermes Agent docs ↗
Total
42
8 categories
Shipped
22
52%
Partial
14
33%
Missing
6
14%

Runtime + model

4 features
Hermes chat completions
SHIPPED
What exists today
hermesChat() calls /chat/completions with retries, exponential backoff, and Retry-After honouring.
Gap / next step
Live provider health
SHIPPED
What exists today
GET /api/hermes/health probes /models, caches for 30s, surfaced as a green/red badge in the nav.
Gap / next step
Live per-model cost tracking
SHIPPED
What exists today
Live per-model rates fetched from /models, cached 1h, recorded on every receipt with priceSource.
Gap / next step
Multi-model routing
PARTIAL
What exists today
Agent specs can request default / fast / strong / judge / vision roles. The Hermes client resolves HERMES_MODEL_* env vars and records model/modelRole/modelFallback on AgentRunStep.
Gap / next step
No automatic quality-based escalation chain yet; unconfigured roles fall back to default and are marked as fallbackUsed.

Memory + skills

4 features
Persistent memory
SHIPPED
What exists today
MemoryItem table with scope, source, confidence, pinned, archived; selected per mission and recorded in MemoryUsage.
Gap / next step
Memory governance / diff / hygiene
SHIPPED
What exists today
/memory/diff and /memory/hygiene catch duplicates, conflicts, stale, low-confidence items.
Gap / next step
Auto-generated skills
PARTIAL
What exists today
MemorySuggestion infers learnings from completed missions; operator approves/rejects.
Gap / next step
No autonomous skill creation — agent cannot define a new skill at run time and persist it without approval.
Skill marketplace / registry
PARTIAL
What exists today
Skill + HermesSkill tables with install/enable/version events; UI at /hermes/skills.
Gap / next step
Local registry only. No remote marketplace fetch, no signed-skill verification.

Scheduling + jobs

4 features
Scheduled missions
SHIPPED
What exists today
ScheduledMission with ONCE / DAILY / WEEKDAYS / WEEKLY / MONTHLY cadences and timezone-aware nextRunAt.
Gap / next step
Persistent job queue
SHIPPED
What exists today
AgentJob with TRIAGE_INBOX / RUN_MISSION / RUN_SCHEDULE / RESUME_AFTER_APPROVAL types, retries, optimistic-lock pickup.
Gap / next step
Worker process
SHIPPED
What exists today
scripts/worker.ts: serial ticks, graceful SIGINT/SIGTERM, structured JSON logs. `npm run worker` for Railway.
Gap / next step
Natural-language cron
SHIPPED
What exists today
/schedules has a Hermes-backed parser for phrases like every weekday at 9am London time and first day of every month at 10am, then shows editable structured fields before save.
Gap / next step
Limited to the existing ONCE / DAILY / WEEKDAYS / WEEKLY / MONTHLY schedule schema.

Agents + delegation

5 features
Crew templates
SHIPPED
What exists today
Three built-in crews (Bug Hunter, Paper Trading Desk, Life Admin), 18 specialist subagents total, each with system prompts and Zod output schemas.
Gap / next step
Custom crew builder
SHIPPED
What exists today
/crews/new lets you compose ordered subagents with roles, prompts, and allowed tools. Persisted as CrewTemplate.
Gap / next step
Logical subagents
SHIPPED
What exists today
Each crew agent runs as its own AgentRunStep with its own prompt, raw response, parsed output, tools, and validation.
Gap / next step
Python RPC scripts
SHIPPED
What exists today
python_rpc routes through the same backend selector as terminal_exec. With RUNTIME_BACKEND=docker + Docker available, scripts run inside an ephemeral container (workspace ro, --network=none, --read-only root, --cap-drop=ALL). Otherwise falls back to host execution. Approval-gated, secrets stripped, static block-list, output cap.
Gap / next step
No long-lived RPC channel between agents (still single-shot). Modal backend not implemented.
Isolated subagents with separate terminals
PARTIAL
What exists today
terminal_exec tool runs server-side per agent: workspace-locked cwd, timeouts, output truncation, allow/risky/block policy, approval gating, audit + receipt rollup.
Gap / next step
Single host Node process — no per-agent container or namespace isolation. Container backends still on roadmap.

Tools + sandbox

8 features
Tool execution layer
SHIPPED
What exists today
Registry + executor with SSRF guards, per-run audit, approval-gated tools, Zod-validated I/O.
Gap / next step
Browser automation (Playwright QA)
SHIPPED
What exists today
browser_qa_audit: real Chromium crawl with screenshots, accessibility checks, console capture.
Gap / next step
Read-only. No clicks, no typing, no form submission.
Web search
PARTIAL
What exists today
web_search is wired through Tavily, Brave, or SerpAPI when a provider key exists. /media/web-search lets operators test the same tool agents call.
Gap / next step
Needs TAVILY_API_KEY, BRAVE_SEARCH_API_KEY, or SERPAPI_API_KEY. Without one, it returns a setup error instead of fake results.
Terminal tool
PARTIAL
What exists today
terminal_exec: workspace-scoped, timeout 30s (cap 120s), 8KB output cap, allow/risky/block policy, approval gating, secrets stripped from child env. Available to crews via toolsAllowed.
Gap / next step
Defense-in-depth only — runs in the host Node process. No container backend.
Docker sandbox backend
PARTIAL
What exists today
RUNTIME_BACKEND=docker spawns terminal_exec AND python_rpc inside ephemeral containers (workspace ro mount, --network=none, --read-only root, --cap-drop=ALL, no-new-privileges, CPU/memory limits, --stop-timeout). Auto-falls-back to local with `fallback:true` when `docker version` is unavailable. Receipts and trust ledger break out docker vs local counts.
Gap / next step
Active backend depends on the host. Modal/SSH/Singularity remain roadmap.
SSH sandbox backend
MISSING
What exists today
Not wired.
Gap / next step
Remote-host execution for missions that touch a target box.
Singularity backend
MISSING
What exists today
Not wired.
Gap / next step
HPC / scientific-computing sandbox. Niche but listed by Hermes Agent.
Modal backend
MISSING
What exists today
Not wired.
Gap / next step
Serverless GPU/CPU execution for heavy missions.

Channels

9 features
Web app UI
SHIPPED
What exists today
Next.js operator surface — every page is a database view.
Gap / next step
Generic inbound webhook
SHIPPED
What exists today
POST /api/integrations/webhook accepts channel/sender/text, verifies INTEGRATIONS_WEBHOOK_SECRET when configured, creates InboxItem, and queues triage.
Gap / next step
Only the generic webhook is shipped; branded Slack/Discord/Telegram bots still need platform-specific auth.
CLI
PARTIAL
What exists today
`npm run foundry -- <cmd>` ships: health · jobs run-due · jobs list · receipts list · mission create · evals (mission|tools). All commands hit the local Prisma + tool runtime — no global install needed.
Gap / next step
No global `foundry` binary on PATH; no streaming `jobs tail` / `missions watch` yet.
Discord
PARTIAL
What exists today
Inbound: POST /api/integrations/discord with optional DISCORD_WEBHOOK_SECRET HMAC creates InboxItem + queued triage. Outbound: DISCORD_WEBHOOK_URL or DISCORD_BOT_TOKEN+DISCORD_CHANNEL_ID posts approval decisions as embeds.
Gap / next step
No long-lived gateway connection — inbound is webhook-shaped, not slash-command-driven.
Slack
PARTIAL
What exists today
POST /api/integrations/slack accepts Slack slash-command POSTs (form-encoded) and JSON test calls. Verifies X-Slack-Signature (HMAC of v0:<ts>:<body>) when SLACK_SIGNING_SECRET is set. /foundry → InboxItem + queued triage + ephemeral ack.
Gap / next step
No outbound DMs for approvals yet (use Discord webhook for that today).
Email
PARTIAL
What exists today
POST /api/integrations/email accepts SendGrid Inbound Parse (form-data), Mailgun Routes (form-data), Postmark Inbound (JSON), or generic JSON. Normalizes from/to/subject/text/html, drops InboxItem, queues triage. Optional EMAIL_WEBHOOK_SECRET HMAC.
Gap / next step
Outbound SMTP for approved drafts still roadmap. Direct IMAP polling roadmap.
Telegram
MISSING
What exists today
Not wired.
Gap / next step
Inbound webhook → InboxItem; outbound notify on approval.
WhatsApp
MISSING
What exists today
Not wired.
Gap / next step
WhatsApp Business API integration.
Signal
MISSING
What exists today
Not wired.
Gap / next step
Signal-cli bridge.

Media

3 features
Vision
PARTIAL
What exists today
vision_analyze sends image URLs to a configured multimodal Hermes model via chat-completions. Test UI exists at /media/vision.
Gap / next step
Needs VISION_MODEL or HERMES_MODEL_VISION. Upload storage is not built yet; URL input is supported.
Image generation
PARTIAL
What exists today
image_generate detects FAL_KEY first (Fal queue API), then REPLICATE_API_TOKEN (Replicate predictions w/ polling), else IMAGE_API_BASE/KEY/MODEL (OpenAI-compatible). Approval-gated.
Gap / next step
No bundled provider key. Set FAL_KEY or REPLICATE_API_TOKEN to light it up.
Text-to-speech
PARTIAL
What exists today
text_to_speech detects ELEVENLABS_API_KEY first (real ElevenLabs API call), else TTS_API_BASE/KEY/MODEL (OpenAI-compatible /audio/speech). Returns base64 audio.
Gap / next step
No bundled provider key.

Governance + proof (Hermes Loop's contribution)

5 features
Approval inbox
SHIPPED
What exists today
ApprovalItem rows for EMAIL_DRAFT / TRADE_SIMULATION / REPORT_EXPORT / FOLLOW_UP / FORM_ACTION / TOOL_CALL.
Gap / next step
Workflow receipts
SHIPPED
What exists today
WorkflowReceipt with deterministic integrity hash, timeline, real cost, risk level. Markdown + JSON export.
Gap / next step
Trust ledger
SHIPPED
What exists today
Aggregate reliability across missions/crews/tools/memory/approvals; reads from receipts.
Gap / next step
Eval harness
SHIPPED
What exists today
lib/evals + scripts/run-evals.ts — real Hermes runs, real Playwright, exit code = failed cases.
Gap / next step
Audit log
SHIPPED
What exists today
Every prompt, response, tool call, schema correction, and approval is an AuditEvent row.
Gap / next step
Honesty note

The model layer only provides inference. It does not provide memory, channels, sandboxing, or any of the engine-side Hermes Agent features. Anything tagged MISSING on this board is genuinely missing in this codebase — it is not provided implicitly by the model layer.

Most valuable next engine gaps
  1. 1
    Slack / GitHub / Gmail integration

    Two-way channels: inbound triggers a mission, outbound notifies on approvals.

  2. 2
    Docker / Modal sandbox backends

    Hard per-mission isolation beyond the current policy-gated local runtime.

  3. 3
    Platform-native channel bots

    Slack slash command, Discord bot, Telegram bot, Gmail/SMTP inbox and outbound approval notices.

  4. 4
    Vision uploads + artifact storage

    Operator file upload, stored media records, and durable generated audio/image artifacts.

  5. 5
    Autonomous model escalation

    Judge-triggered retry on a stronger model when schema repair or quality checks fail.