Agent session HOME points to wrong path — tools look in hermes profile instead of user's actual home

[aoife-brennan-bf]

Agent session HOME points to wrong path — tools look in hermes profile instead of user's actual home

Problem

When Hermes Agent starts a session, the HOME environment variable is set to the hermes profile directory (e.g. ~/.hermes/profiles/<profile>/home). Many tools and CLIs resolve ~ to $HOME at runtime, causing them to look for user credentials, configs, and state in the wrong directory.

This results in:

• Azure CLI: ~/.azure/ is empty in the session, real credentials at ~/.azure/ are ignored. Every az command fails with "run az login" even when the user is authenticated in their normal shell.
• Git credentials: ~/.gitconfig and SSH keys at ~/.ssh/ are invisible to git operations running in the session.
• Python packages: Installed to the wrong site-packages path.
• npm/node: Global packages installed in the wrong node_modules location.
• Any tool that stores state under ~: Looks in the hermes profile instead of the user's actual home.

Concrete example

What	Session sees (wrong)	User's actual home (correct)
HOME	~/.hermes/profiles/<profile>/home	/Users/<user>/
Azure credentials	~/.hermes/profiles/<profile>/home/.azure/	/Users/<user>/.azure/
Git config	~/.hermes/profiles/<profile>/home/.gitconfig	/Users/<user>/.gitconfig
SSH keys	~/.hermes/profiles/<profile>/home/.ssh/	/Users/<user>/.ssh/

Root cause

The session's HOME is the hermes profile dir. The user's actual home is not available as $HOME or any other env var — it must be hardcoded as an absolute path. This breaks the standard pattern of ~/.configfile which most CLI tools use.

Impact

• Every CLI tool that stores user credentials or config under ~ needs special handling.
• The agent repeatedly forgets this and tries to use ~/.azure/ etc, finds empty files, and reports "not logged in" even when the user is authenticated.
• The user has to repeat authentication in every new session because the tokens aren't written to the session's HOME.

Proposed solutions

Option A: Symlink the session HOME to the real home

Create ~/.hermes/profiles/<profile>/home as a symlink to the user's real home directory.

Pros: Zero changes to tool invocations. Everything just works.
Cons: May expose the user's full home directory tree to the agent's working environment.

Option B: Set an explicit env var for the real home

Set REAL_HOME=<actual-user-home> in the session environment.

Pros: Clear separation.
Cons: Requires the agent to remember to use ${REAL_HOME} instead of ~. Easy to forget.

Option C: Override HOME via environment in tool wrappers

Pass HOME=<actual-user-home> when spawning tools, while keeping the agent's own HOME at the profile dir.

Pros: Tool behavior corrects without changing agent behavior.
Cons: Agent itself still uses wrong home internally.

Recommendation

Option A (symlink) — simplest and most correct.

Notes

• This issue has appeared in multiple contexts: Azure CLI auth, git credentials, npm global packages, and Python tooling.
• The user has confirmed this is a recurring pattern of confusion in sessions.
• The fix should be implemented at the session/environment bootstrap level, not per-tool.

[alt-glitch]

Likely duplicate of #25114 — same root cause: HOME env set to profile-relative path inside Hermes profile sessions, breaking Path.home() and all HOME-dependent tooling. #25114 notes it's in the same cluster as #18060 and #18594. See also PR #25151 (HERMES_REAL_HOME fix).

[thinkyhead]

This is a massive, massive problem. #29015 is another one.

Many issues are caused by Hermes abusing the sacred $HOME environment variable. This is a major blocker for effectively all users of shells on all operating systems. I just discovered this problem exists, and in spite of being gung-ho for Hermes I simply cannot trust it to work properly if it is going to be messing with $HOME in the background.