Use layered safeguards before giving Hermes Agent shell access

An with shell access may eventually attempt a command that is difficult or impossible to undo. Examples include deleting a home folder, erasing local work history, changes, or deleting a database table. Public reports have described Claude Code and other agents removing home directories or gigabytes of files without confirmation.

A warning inside AGENTS.md or another instruction file cannot physically stop a command from running. Safety therefore needs four overlapping layers rather than one supposedly complete tool. The first layer is a placed in front of the agent's shell tool.

It checks each command and rejects dangerous ones before the shell receives them; it is fast and inexpensive, but it cannot cover every failure by itself.

Key points

  • Place a in front of the shell used by .
  • Do not rely on AGENTS.md alone to prevent destructive actions.
  • Block commands that delete files, erase local history, force-push changes, or remove .
  • Use several safeguards because no single tool catches every dangerous action.
  • Keep isolation and backups for mistakes that pass through the .
Read original