feat: secure skill env setup on load (core #688) #723

Closed
kshitijk4poor wants to merge 6 commits into NousResearch:main from kshitijk4poor:feat/skill-prerequisites

@kshitijk4poor kshitijk4poor commented Mar 8, 2026

Collaborator

Summary

Follow-up PR

Test plan

  • python -m pytest tests/tools/test_skills_tool.py tests/agent/test_skill_commands.py tests/test_cli_secret_capture.py tests/agent/test_prompt_builder.py -q
  • python -m pytest tests/hermes_cli/test_config.py tests/test_run_agent.py tests/tools/test_registry.py -q
  • python -m pytest tests/ -q

All commands pass on this branch.

…dependencies

Skills can now declare runtime prerequisites (env vars, CLI binaries) via
YAML frontmatter. Skills with unmet prerequisites are excluded from the
system prompt so the agent never claims capabilities it can't deliver, and
skill_view() warns the agent about what's missing.

Three layers of defense:
- build_skills_system_prompt() filters out unavailable skills
- _find_all_skills() flags unmet prerequisites in metadata
- skill_view() returns prerequisites_warning with actionable details

Tagged 12 bundled skills that have hard runtime dependencies:
gif-search (TENOR_API_KEY), notion (NOTION_API_KEY), himalaya, imessage,
apple-notes, apple-reminders, openhue, duckduckgo-search, codebase-inspection,
blogwatcher, songsee, mcporter.

Closes NousResearch#658
Fixes NousResearch#630
…ills

This update introduces a new `required_environment_variables` field in skill frontmatter, allowing skills to declare necessary environment variables for secure setup. Skills with missing required variables remain discoverable and trigger a secure prompt during loading, enabling users to input secrets without exposing them to the model. The implementation ensures that platform compatibility is the only hard gating rule for skill visibility.

Changes include:
- Updated `AGENTS.md`, `CONTRIBUTING.md`, and `cli.py` to reflect new setup requirements.
- Modified `tools/skills_tool.py` and `agent/prompt_builder.py` to handle the new metadata and maintain backward compatibility with legacy prerequisites.
- Added tests to verify the behavior of skills with missing environment variables and their handling during skill loading.

Closes #XXX (replace with relevant issue number if applicable).
Drop the implementation plan document from this branch so the PR only carries the actual feature changes.

Made-with: Cursor
@kshitijk4poor kshitijk4poor marked this pull request as draft March 8, 2026 23:20
@kshitijk4poor kshitijk4poor marked this pull request as ready for review March 9, 2026 13:47
Resolved conflicts in:
- agent/prompt_builder.py: keep _parse_skill_file (replaces old helpers)
- cli.py: merge secret capture state + spinner_text field, keep secret methods
- hermes_cli/config.py: keep both re+stat imports, merge save_env_value_secure + stat permissions
- tests/hermes_cli/test_config.py: keep both TestSaveEnvValueSecure and TestSaveConfigAtomicity
- tools/skills_tool.py: use specific exception handling with debug logging
@kshitijk4poor kshitijk4poor changed the title from "feat: restore skill prerequisites and add secure skill env setup" to "feat: secure skill env setup on load (core #688)" Mar 11, 2026
teknium1 pushed a commit that referenced this pull request Mar 13, 2026
When a skill declares required_environment_variables in its YAML
frontmatter, missing env vars trigger a secure TUI prompt (identical
to the sudo password widget) when the skill is loaded. Secrets flow
directly to ~/.hermes/.env, never entering LLM context.

Key changes:
- New required_environment_variables frontmatter field for skills
- Secure TUI widget (masked input, 120s timeout)
- Gateway safety: messaging platforms show local setup guidance
- Legacy prerequisites.env_vars normalized into new format
- Remote backend handling: conservative setup_needed=True
- Env var name validation, file permissions hardened to 0o600
- Redact patterns extended for secret-related JSON fields
- 12 existing skills updated with prerequisites declarations
- ~48 new tests covering skip, timeout, gateway, remote backends
- Dynamic panel widget sizing (fixes hardcoded width from original PR)

Cherry-picked from PR #723 by kshitijk4poor, rebased onto current main
with conflict resolution.

Fixes #688

Co-authored-by: kshitijk4poor <kshitijk4poor@users.noreply.github.com>
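
The "env var name validation, file permissions hardened to 0o600" item from the commit message above, sketched as an added example (not code from this PR or from hermes-agent). The function `write_env_secret` and its name pattern are hypothetical; the project's actual validation rule is not shown on this page.

```python
import os
import re
import tempfile
from pathlib import Path

# Assumption: POSIX-style variable names only (hypothetical rule, not the project's).
_ENV_NAME_RE = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")


def write_env_secret(env_path, name, value):
    """Set NAME=value in env_path, leaving the file owner-only (0o600)."""
    # Validate before touching the filesystem: a name such as "A=B" or "A\nB"
    # would otherwise let a skill's metadata rewrite unrelated entries.
    if not _ENV_NAME_RE.fullmatch(name):
        raise ValueError(f"invalid environment variable name: {name!r}")
    if any(ch in value for ch in "\n\r\x00"):
        # A newline in the value would smuggle a second KEY=VALUE line in.
        raise ValueError("secret value must be a single line")
    env_path = Path(env_path)
    env_path.parent.mkdir(parents=True, exist_ok=True)
    lines = env_path.read_text().splitlines() if env_path.exists() else []
    kept = [ln for ln in lines if not ln.startswith(name + "=")]
    kept.append(f"{name}={value}")
    # mkstemp creates the temp file with mode 0o600, so the secret is never
    # readable by other users, even briefly; os.replace swaps it in atomically.
    fd, tmp = tempfile.mkstemp(dir=env_path.parent, prefix=".env.")
    try:
        with os.fdopen(fd, "w") as fh:
            fh.write("\n".join(kept) + "\n")
        os.chmod(tmp, 0o600)
        os.replace(tmp, env_path)
    except BaseException:
        if os.path.exists(tmp):
            os.unlink(tmp)
        raise
    return env_path
```

Writing to a temp file in the same directory and renaming over the target also means a pre-existing `.env` with looser permissions is replaced by a 0o600 file rather than edited in place.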
@teknium1

Contributor

Merged via PR #1153. Your commits were cherry-picked with authorship preserved and rebased onto current main (264 commits ahead, 7 conflicts resolved). Thank you for the excellent implementation — the secure skill env setup feature is now live! 🎉

Minor improvement made on top: the secret display widget now uses dynamic panel sizing (_panel_box_width()) instead of hardcoded width, matching the sudo/approval widget pattern.

@teknium1 teknium1 closed this Mar 13, 2026
angelburgosrosado pushed a commit to angelburgosrosado/hermes-agent that referenced this pull request Apr 27, 2026
02356abc pushed a commit to 02356abc/hermes-agent that referenced this pull request May 14, 2026
olympus-terminal pushed a commit to olympus-terminal/hermes-agent that referenced this pull request May 16, 2026
Egavasyug pushed a commit to Egavasyug/hermes-agent that referenced this pull request Jun 10, 2026