Fix Docker backend on macOS and subagent auth for Nous Portal#46
Merged
Conversation
Three issues prevented the Docker terminal backend from working: 1. `effective_image` was referenced but never defined — only the Modal backend sets this variable. Use `image` directly instead. 2. `--storage-opt size=N` is unsupported on Docker Desktop for Mac (requires overlay2 with xfs backing). Skip the flag on Darwin. 3. Docker requires absolute paths for `-w` (working directory) but the default cwd was `~`, which Docker does not expand. Default to `/root` and translate any `~` passed in from callers. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When using Nous Portal (or any non-OpenRouter provider), child agents spawned by delegate_task failed with "No pricing available" or "Unknown model" errors because they had no valid API key. The delegate tool passed base_url but not api_key to child AIAgent instances. Without an explicit key, children fell back to the empty OPENROUTER_API_KEY env var, causing auth failures. Extract the parent's API key from _client_kwargs and pass it through. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
… context files The security scanner (skills_guard.py) was only wired into the hub install path. All other write paths to persistent state — skills created by the agent, memory entries, cron prompts, and context files — bypassed it entirely. This closes those gaps: - file_operations: deny-list blocks writes to ~/.ssh, ~/.aws, ~/.hermes/.env, etc. - code_execution_tool: filter secret env vars from sandbox child process - skill_manager_tool: wire scan_skill() into create/edit/patch/write_file with rollback - skills_guard: add "agent-created" trust level (same policy as community) - memory_tool: scan content for injection/exfil before system prompt injection - prompt_builder: scan AGENTS.md, .cursorrules, SOUL.md for prompt injection - cronjob_tools: scan cron prompts for critical threats before scheduling Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Contributor
|
LGTM |
sudo-yf
pushed a commit
to sudo-yf/hermes-agent
that referenced
this pull request
Apr 5, 2026
…efault-home fix: Profile system polish — 10 post-Sprint-23 fixes (v0.26)
malaiwah
pushed a commit
to malaiwah/hermes-agent
that referenced
this pull request
Apr 5, 2026
Previous run NousResearch#46 failed due to transient network issue. This is a no-op commit to re-trigger the build pipeline. Related: feat: Add gnupg package for GPG email signing
malaiwah
pushed a commit
to malaiwah/hermes-agent
that referenced
this pull request
Apr 11, 2026
Previous run NousResearch#46 failed due to transient network issue. This is a no-op commit to re-trigger the build pipeline. Related: feat: Add gnupg package for GPG email signing
kshitijk4poor
added a commit
that referenced
this pull request
Apr 21, 2026
…metry references Add 6 new reference files with generic reusable patterns: - glsl.md: uniforms, built-in functions, shader templates, Bayer dither - postfx.md: bloom, CRT scanlines, chromatic aberration, feedback glow - layout-compositor.md: layoutTOP, overTOP grids, panel dividers - operator-tips.md: wireframe rendering, feedback TOP setup - geometry-comp.md: instancing, POP vs SOP rendering, shape morphing - audio-reactive.md: band extraction (audiofilterCHOP), beat detection, MIDI Expand SKILL.md with: - TD 2025 API quirks (connection syntax, GLSL TOP rules, expression gotchas) - Trimmed param name table (8 known LLM traps, defers to td_get_par_info) - Slider-to-shader wiring (td_execute_python + ParMode.EXPRESSION) - Frame capture with run()/delayFrames (TOP.save() timing fix) - TD 099 POP vs SOP rendering rules - Incremental build strategy for large scripts - Remote TD setup (PC over Ethernet) - Audio synthesis via CHOPs (LFO-driven envelope pattern) Expand pitfalls.md (#46-63): - Connection syntax, moviefileoutTOP bug, batch frame capture - TOP.save() time advancement, feedback masking, incremental builds - MCP reconnection after project.load(), TOX reverse-engineering - sliderCOMP naming, create() suffix requirement - COMP reparenting (copyOPs), expressionCHOP crash All content is generic — no session-specific paths, hardware, aesthetics, or param-name-only entries (those belong in td_get_par_info). Bumps version 1.0.0 → 2.0.0.
teknium1
pushed a commit
that referenced
this pull request
Apr 27, 2026
…metry references (#13664) Add 6 new reference files with generic reusable patterns: - glsl.md: uniforms, built-in functions, shader templates, Bayer dither - postfx.md: bloom, CRT scanlines, chromatic aberration, feedback glow - layout-compositor.md: layoutTOP, overTOP grids, panel dividers - operator-tips.md: wireframe rendering, feedback TOP setup - geometry-comp.md: instancing, POP vs SOP rendering, shape morphing - audio-reactive.md: band extraction (audiofilterCHOP), beat detection, MIDI Expand pitfalls.md (#46-63): - Connection syntax, moviefileoutTOP bug, batch frame capture - TOP.save() time advancement, feedback masking, incremental builds - MCP reconnection after project.load(), TOX reverse-engineering - sliderCOMP naming, create() suffix requirement - COMP reparenting (copyOPs), expressionCHOP crash - Strip session-specific names in earlier pitfalls (promo_ -> my_) - Audio device CHOP at FPS=0: active=False is the fix, not volume=0 All content is generic — no session-specific paths, hardware, aesthetics, or param-name-only entries (those belong in td_get_par_info). Bumps version 1.0.0 -> 1.1.0. Salvaged from @kshitijk4poor's original PR #13664; dropped setup.sh and troubleshooting.md changes that reverted subsequent HERMES_HOME and pgrep fixes already on main, and preserved original author frontmatter.
angelburgosrosado
pushed a commit
to angelburgosrosado/hermes-agent
that referenced
this pull request
Apr 27, 2026
Fix Docker backend on macOS and subagent auth for Nous Portal
cluricaun28
referenced
this pull request
in cluricaun28/Logos
Apr 28, 2026
…metry references (#13664) Add 6 new reference files with generic reusable patterns: - glsl.md: uniforms, built-in functions, shader templates, Bayer dither - postfx.md: bloom, CRT scanlines, chromatic aberration, feedback glow - layout-compositor.md: layoutTOP, overTOP grids, panel dividers - operator-tips.md: wireframe rendering, feedback TOP setup - geometry-comp.md: instancing, POP vs SOP rendering, shape morphing - audio-reactive.md: band extraction (audiofilterCHOP), beat detection, MIDI Expand pitfalls.md (#46-63): - Connection syntax, moviefileoutTOP bug, batch frame capture - TOP.save() time advancement, feedback masking, incremental builds - MCP reconnection after project.load(), TOX reverse-engineering - sliderCOMP naming, create() suffix requirement - COMP reparenting (copyOPs), expressionCHOP crash - Strip session-specific names in earlier pitfalls (promo_ -> my_) - Audio device CHOP at FPS=0: active=False is the fix, not volume=0 All content is generic — no session-specific paths, hardware, aesthetics, or param-name-only entries (those belong in td_get_par_info). Bumps version 1.0.0 -> 1.1.0. Salvaged from @kshitijk4poor's original PR #13664; dropped setup.sh and troubleshooting.md changes that reverted subsequent HERMES_HOME and pgrep fixes already on main, and preserved original author frontmatter.
ulasbilgen
pushed a commit
to ulasbilgen/hermes-adhd-agent
that referenced
this pull request
May 1, 2026
…metry references (NousResearch#13664) Add 6 new reference files with generic reusable patterns: - glsl.md: uniforms, built-in functions, shader templates, Bayer dither - postfx.md: bloom, CRT scanlines, chromatic aberration, feedback glow - layout-compositor.md: layoutTOP, overTOP grids, panel dividers - operator-tips.md: wireframe rendering, feedback TOP setup - geometry-comp.md: instancing, POP vs SOP rendering, shape morphing - audio-reactive.md: band extraction (audiofilterCHOP), beat detection, MIDI Expand pitfalls.md (NousResearch#46-63): - Connection syntax, moviefileoutTOP bug, batch frame capture - TOP.save() time advancement, feedback masking, incremental builds - MCP reconnection after project.load(), TOX reverse-engineering - sliderCOMP naming, create() suffix requirement - COMP reparenting (copyOPs), expressionCHOP crash - Strip session-specific names in earlier pitfalls (promo_ -> my_) - Audio device CHOP at FPS=0: active=False is the fix, not volume=0 All content is generic — no session-specific paths, hardware, aesthetics, or param-name-only entries (those belong in td_get_par_info). Bumps version 1.0.0 -> 1.1.0. Salvaged from @kshitijk4poor's original PR NousResearch#13664; dropped setup.sh and troubleshooting.md changes that reverted subsequent HERMES_HOME and pgrep fixes already on main, and preserved original author frontmatter.
donald131
pushed a commit
to donald131/hermes-agent
that referenced
this pull request
May 2, 2026
…metry references (NousResearch#13664) Add 6 new reference files with generic reusable patterns: - glsl.md: uniforms, built-in functions, shader templates, Bayer dither - postfx.md: bloom, CRT scanlines, chromatic aberration, feedback glow - layout-compositor.md: layoutTOP, overTOP grids, panel dividers - operator-tips.md: wireframe rendering, feedback TOP setup - geometry-comp.md: instancing, POP vs SOP rendering, shape morphing - audio-reactive.md: band extraction (audiofilterCHOP), beat detection, MIDI Expand pitfalls.md (NousResearch#46-63): - Connection syntax, moviefileoutTOP bug, batch frame capture - TOP.save() time advancement, feedback masking, incremental builds - MCP reconnection after project.load(), TOX reverse-engineering - sliderCOMP naming, create() suffix requirement - COMP reparenting (copyOPs), expressionCHOP crash - Strip session-specific names in earlier pitfalls (promo_ -> my_) - Audio device CHOP at FPS=0: active=False is the fix, not volume=0 All content is generic — no session-specific paths, hardware, aesthetics, or param-name-only entries (those belong in td_get_par_info). Bumps version 1.0.0 -> 1.1.0. Salvaged from @kshitijk4poor's original PR NousResearch#13664; dropped setup.sh and troubleshooting.md changes that reverted subsequent HERMES_HOME and pgrep fixes already on main, and preserved original author frontmatter.
02356abc
pushed a commit
to 02356abc/hermes-agent
that referenced
this pull request
May 14, 2026
…metry references (NousResearch#13664) Add 6 new reference files with generic reusable patterns: - glsl.md: uniforms, built-in functions, shader templates, Bayer dither - postfx.md: bloom, CRT scanlines, chromatic aberration, feedback glow - layout-compositor.md: layoutTOP, overTOP grids, panel dividers - operator-tips.md: wireframe rendering, feedback TOP setup - geometry-comp.md: instancing, POP vs SOP rendering, shape morphing - audio-reactive.md: band extraction (audiofilterCHOP), beat detection, MIDI Expand pitfalls.md (NousResearch#46-63): - Connection syntax, moviefileoutTOP bug, batch frame capture - TOP.save() time advancement, feedback masking, incremental builds - MCP reconnection after project.load(), TOX reverse-engineering - sliderCOMP naming, create() suffix requirement - COMP reparenting (copyOPs), expressionCHOP crash - Strip session-specific names in earlier pitfalls (promo_ -> my_) - Audio device CHOP at FPS=0: active=False is the fix, not volume=0 All content is generic — no session-specific paths, hardware, aesthetics, or param-name-only entries (those belong in td_get_par_info). Bumps version 1.0.0 -> 1.1.0. Salvaged from @kshitijk4poor's original PR NousResearch#13664; dropped setup.sh and troubleshooting.md changes that reverted subsequent HERMES_HOME and pgrep fixes already on main, and preserved original author frontmatter.
olympus-terminal
pushed a commit
to olympus-terminal/hermes-agent
that referenced
this pull request
May 16, 2026
Fix Docker backend on macOS and subagent auth for Nous Portal
dannyJ848
pushed a commit
to dannyJ848/hermes-agent
that referenced
this pull request
May 17, 2026
…metry references (NousResearch#13664) Add 6 new reference files with generic reusable patterns: - glsl.md: uniforms, built-in functions, shader templates, Bayer dither - postfx.md: bloom, CRT scanlines, chromatic aberration, feedback glow - layout-compositor.md: layoutTOP, overTOP grids, panel dividers - operator-tips.md: wireframe rendering, feedback TOP setup - geometry-comp.md: instancing, POP vs SOP rendering, shape morphing - audio-reactive.md: band extraction (audiofilterCHOP), beat detection, MIDI Expand pitfalls.md (NousResearch#46-63): - Connection syntax, moviefileoutTOP bug, batch frame capture - TOP.save() time advancement, feedback masking, incremental builds - MCP reconnection after project.load(), TOX reverse-engineering - sliderCOMP naming, create() suffix requirement - COMP reparenting (copyOPs), expressionCHOP crash - Strip session-specific names in earlier pitfalls (promo_ -> my_) - Audio device CHOP at FPS=0: active=False is the fix, not volume=0 All content is generic — no session-specific paths, hardware, aesthetics, or param-name-only entries (those belong in td_get_par_info). Bumps version 1.0.0 -> 1.1.0. Salvaged from @kshitijk4poor's original PR NousResearch#13664; dropped setup.sh and troubleshooting.md changes that reverted subsequent HERMES_HOME and pgrep fixes already on main, and preserved original author frontmatter.
3 tasks
gweeteve
pushed a commit
to gweeteve/hermes-agent
that referenced
this pull request
Jun 2, 2026
…metry references (NousResearch#13664) Add 6 new reference files with generic reusable patterns: - glsl.md: uniforms, built-in functions, shader templates, Bayer dither - postfx.md: bloom, CRT scanlines, chromatic aberration, feedback glow - layout-compositor.md: layoutTOP, overTOP grids, panel dividers - operator-tips.md: wireframe rendering, feedback TOP setup - geometry-comp.md: instancing, POP vs SOP rendering, shape morphing - audio-reactive.md: band extraction (audiofilterCHOP), beat detection, MIDI Expand pitfalls.md (NousResearch#46-63): - Connection syntax, moviefileoutTOP bug, batch frame capture - TOP.save() time advancement, feedback masking, incremental builds - MCP reconnection after project.load(), TOX reverse-engineering - sliderCOMP naming, create() suffix requirement - COMP reparenting (copyOPs), expressionCHOP crash - Strip session-specific names in earlier pitfalls (promo_ -> my_) - Audio device CHOP at FPS=0: active=False is the fix, not volume=0 All content is generic — no session-specific paths, hardware, aesthetics, or param-name-only entries (those belong in td_get_par_info). Bumps version 1.0.0 -> 1.1.0. Salvaged from @kshitijk4poor's original PR NousResearch#13664; dropped setup.sh and troubleshooting.md changes that reverted subsequent HERMES_HOME and pgrep fixes already on main, and preserved original author frontmatter.
Egavasyug
pushed a commit
to Egavasyug/hermes-agent
that referenced
this pull request
Jun 10, 2026
Fix Docker backend on macOS and subagent auth for Nous Portal
Egavasyug
pushed a commit
to Egavasyug/hermes-agent
that referenced
this pull request
Jun 10, 2026
…metry references (NousResearch#13664) Add 6 new reference files with generic reusable patterns: - glsl.md: uniforms, built-in functions, shader templates, Bayer dither - postfx.md: bloom, CRT scanlines, chromatic aberration, feedback glow - layout-compositor.md: layoutTOP, overTOP grids, panel dividers - operator-tips.md: wireframe rendering, feedback TOP setup - geometry-comp.md: instancing, POP vs SOP rendering, shape morphing - audio-reactive.md: band extraction (audiofilterCHOP), beat detection, MIDI Expand pitfalls.md (NousResearch#46-63): - Connection syntax, moviefileoutTOP bug, batch frame capture - TOP.save() time advancement, feedback masking, incremental builds - MCP reconnection after project.load(), TOX reverse-engineering - sliderCOMP naming, create() suffix requirement - COMP reparenting (copyOPs), expressionCHOP crash - Strip session-specific names in earlier pitfalls (promo_ -> my_) - Audio device CHOP at FPS=0: active=False is the fix, not volume=0 All content is generic — no session-specific paths, hardware, aesthetics, or param-name-only entries (those belong in td_get_par_info). Bumps version 1.0.0 -> 1.1.0. Salvaged from @kshitijk4poor's original PR NousResearch#13664; dropped setup.sh and troubleshooting.md changes that reverted subsequent HERMES_HOME and pgrep fixes already on main, and preserved original author frontmatter.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Docker backend fixes (macOS)
effective_imagevariable in Docker backend — only the Modal backend defines this; useimagedirectly--storage-opt size=Non macOS — Docker Desktop doesn't support this flag (requires overlay2 with xfs backing)~— Docker requires absolute paths for-w; default to/rootand translate~from callersSubagent auth fix (Nous Portal)
delegate_task— without this, subagents fall back to the emptyOPENROUTER_API_KEYenv var when using Nous Portal, causing "No pricing available" / "Unknown model" errors on every delegationTest plan
hermeswithterminal.backend: dockerworks on macOS (Docker Desktop)--storage-optis supported)🤖 Generated with Claude Code