Hermes Agent v0.7.0

The Resilience Release

168

Pull Requests

Issues Resolved

Major Features

∞

Stability Gains

NousResearch · Released April 3, 2026 · v2026.4.3

What's New?

Pluggable Architecture, Anti-Detection Browsing, and Production Hardening

🛡️ The resilience release — pluggable memory providers, credential pool rotation, Camofox anti-detection browser, inline diff previews, gateway hardening across race conditions and approval routing, and deep security fixes.

🧩 Pluggable Memory

Memory is now an extensible plugin system. Third-party backends (Honcho, vector stores, custom DBs) implement a simple provider ABC.

🔑 Credential Pools

Configure multiple API keys for the same provider with automatic rotation. Thread-safe least_used strategy distributes load.

🦊 Camofox Browser

New local browser backend using Camoufox for stealth browsing. Persistent sessions with VNC URL discovery for visual debugging.

📝 Inline Diffs

File write and patch operations now show inline diffs in the tool activity feed, giving visual confirmation of changes.

Pluggable Memory Providers

Extensible Plugin System for Custom Memory Backends

🔌 Provider Interface

ABC-based plugin system
Profile-scoped host/peer resolution
Built-in memory as default provider
Simple registration via plugin system

🎯 Honcho Integration

Full parity restored as reference plugin
Profile-scoped host and peer resolution
Memory flush state persisted
Sequential execution path routing

💡 Use Case: Integrate vector stores, custom databases, or third-party memory services without touching core code.

Same-Provider Credential Pools

Automatic Load Distribution and Failover

∞

Keys Per Provider

Auto

Rotation Strategy

401

Failover Trigger

⚖️ Load Distribution

Thread-safe least_used strategy distributes requests across keys. Pool state survives fallback provider switches.

🔄 Automatic Failover

401 failures trigger automatic rotation to the next credential. Per-turn primary runtime restoration after fallback.

✅ Setup: Configure via setup wizard or credential_pool config. Defers eager fallback on 429 errors.

Camofox Anti-Detection Browser

Stealth Browsing with Visual Debugging

🕵️ Stealth Features

Anti-detection fingerprinting
Persistent sessions across runs
VNC URL discovery for debugging
Auto-install via hermes tools

🔧 Configuration

Configurable SSRF bypass for local backends
Skip SSRF check for Camofox/headless Chromium
browser.allow_private_urls config option
CAMOFOX_PORT=9377 in Docker

🎯 Use Case: Scraping sites with bot detection, testing web apps with realistic browser fingerprints, visual debugging of browser automation.

Gateway Hardening

Production-Ready Stability Fixes

🏁 Race Conditions

Photo media loss fixed
Flood control hardened
Stuck sessions resolved
STT config issues fixed

✅ Approval Routing

/approve and /deny route correctly
Resume agent after approval
Tool result no longer lost
Discord button-based UI

🌀 Death Spiral Fix

Compression death spiral prevented
API disconnect handling
Context pressure warnings silenced
Compressed context persisted

🛡️ Result: The gateway is substantially more reliable in production. Major stability pass across 168 PRs.

Security Hardening

Secret Exfiltration Blocking and Credential Protection

🔒 Exfiltration Blocking

Browser URLs scanned for secret patterns
LLM responses scanned for secrets
URL encoding, base64, prompt injection blocked
Execute_code sandbox output redacted

🛡️ Credential Protection

.docker, .azure, .config/gh protected
GitHub OAuth token patterns added
Path traversal rejection in credential files
Zip-slip attacks blocked in profile imports

⚠️ Critical: auth.json and .env excluded from profile exports. Telegram DoH fallback rejects private/loopback IPs.

API Server & ACP Improvements

Session Continuity and Editor Integration

🔄 Session Continuity

X-Hermes-Session-Id headers for persistent sessions
Sessions persist to shared SessionDB
Tool progress events stream in real-time
Token usage persisted for non-CLI sessions

🔌 Client-Provided MCP

Editor integrations register their own MCP servers
VS Code, Zed, JetBrains support
Editor's MCP ecosystem flows into agent
Additional agent tools from editor

🎯 Open WebUI: Full integration with tool streaming and persistent sessions across requests.

CLI & User Experience

New Commands and Interactive Improvements

⚡ New Commands

/yolo — toggle dangerous approvals
/btw — ephemeral side questions
/profile — show active profile

📊 TUI Improvements

Inline diff previews in tool feed
TUI pinned to bottom on startup
Cache tokens shown in /insights
Dragged file paths detected

🎨 Accessibility

NO_COLOR env var respected
TERM=dumb support
Voice mode in WSL with PulseAudio
Zero exit code on quiet mode success

Platform Updates

Discord, Telegram, Slack, WhatsApp, Matrix

Platform	New Feature	Status
Discord	Button-based approval UI with /approve and /deny slash commands	✓ Live
Telegram	32-char command limit, 50 command cap, priority order enforced	✓ Live
Slack	reply_in_thread config option for threaded responses	✓ Live
WhatsApp	Enforce require_mention in group chats	✓ Live
Matrix	E2EE decryption hardening, auto-trust devices, retry buffered events	✓ Live

🎯 Gateway: Skill-aware slash commands dynamically registered from installed skills with paginated /commands list.

Model & Provider Support

New Models and Provider Improvements

🆕 New Models

Claude Sonnet 4.6 (OpenRouter, Nous)
Qwen 3.6 Plus Preview
MiniMax M2.7
GPT-5 and Codex (developer role)

🔧 Provider Fixes

Anthropic long-context tier 429 handling
URL-based auth for third-party Anthropic endpoints
Fireworks context length detection
Alibaba DashScope international endpoint

⚙️ Config: config.yaml is now single source of truth for endpoint URLs. Auto-detect models from server probe in custom endpoint setup.

Tool System Updates

File Operations, Browser, MCP, Skills

📝 File Operations

Inline diff previews on write/patch
Stale file detection warns on external edits
Size guard, dedup, device blocking on read
Staleness timestamp refreshed after writes

🔧 MCP Stability

Reload timeout fixes
Shutdown cleanup improved
Event loop handler hardened
OAuth non-blocking

🎯 Skills: research-paper-writing (full pipeline), ascii-video (text readability), youtube-transcript (v1.x update).

Notable Bug Fixes

46 Issues Resolved from Community

Gateway approval blocked agent thread (#4542)
Compression death spiral from API disconnects (#2153)
Anthropic thinking blocks lost across tool-use turns
Profile model config ignored with -p flag (#4486)
CLI blank space between response and input (#4398)
Dragged file paths treated as slash commands
Orphaned tags leaking into user-facing responses (#4285)
OpenAI SDK is_closed false positive (#4377)
MCP OAuth server blocking Hermes startup (#4462)
MCP event loop closed on shutdown (#2537)
Alibaba provider hardcoded to wrong endpoint (#3912)
Slack reply_in_thread missing config option (#2662)
Quiet mode exit code nonzero on success (#4601)
Mobile sidebar backdrop-filter issue in docs

Contributors

Community-Driven Development

135

Core Commits (teknium1)

40+

Community Contributors

168

Total Pull Requests

🏆 Top Contributors

kshitijk4poor — 13 commits (preserve allowed_users)
erosika — 12 commits (Honcho integration)
pefontana — 9 commits (Telegram E2E tests)
bcross — 5 commits (Docker optimization)
SHL0MS — 4 commits (accessibility, skills)

🎯 Issue Reporters

hypotyposis (#2153 — compression death spiral)
Mark-Lok (#4542 — approval routing)
kazamak (#4178 — matrix install failures)
patp (#2662 — Slack threading)
devorun (#4601 — quiet mode exit code)

What's Next?

Roadmap and Future Improvements

🔮 Upcoming Features

More memory provider plugins
Enhanced browser automation
Additional platform integrations
Performance optimizations

🎯 Focus Areas

Continued stability improvements
Security hardening
Developer experience
Community-driven features

🚀 Get Started: hermes update to upgrade to v0.7.0 · Full changelog at github.com/NousResearch/hermes-agent