Public, reusable building blocks for Hermes Agent users: validated skills, the
validator custom /personality preset, public validation scripts, and
documented operating patterns. inventory/public-manifest.json is the source
of truth for what is published; the documentation and installer are tested
against it.
Repository: https://github.com/srinitude/hermes-toolbox/
Compatible Hermes release: hermes-agent 0.18.2 (release v2026.7.7.2).
- Skills: 3
- Plugin packages: 0
- Profile packages: 0
- Personality presets: 1
Skills under skills/:
hermes-agent/hermes-config-auditshermes-agent/honcho-memory-providerresearch/first-party-integration-audits
Personality presets under primitives/personalities/:
validator— a validation-focused/personalityoverlay, installed as a config snippet and never activated implicitly.
Publication is fail-closed. A package is published only while its current
source passes every provenance, privacy, completeness, real-runtime, and
structural gate; a newer-but-failing candidate never replaces a
last-known-good public package. The previously published tutorial plugin
suite and tutorial profile package failed the hardened completeness gates
themselves, so they were unpublished rather than patched in place, and no
current plugin or profile candidate has passed every gate yet. Rejected
candidates stay local-only and are not named here. The --plugin and
--profile installer flags become usable again as soon as the manifest
lists packages.
The installer is manifest-driven and dry-run by default: without --apply it
prints the exact proposed destinations and writes nothing, and with no
selection it lists the installable packages and exits.
git clone https://github.com/srinitude/hermes-toolbox.git "$HOME/hermes-toolbox"
cd "$HOME/hermes-toolbox"
./scripts/install-toolbox.shInstall skills explicitly — a repeatable --skill <category/name> flag, or
--all-skills for every manifest-listed skill:
./scripts/install-toolbox.sh --apply --all-skills --target "${HERMES_HOME:-$HOME/.hermes}"
./scripts/install-toolbox.sh --apply --skill hermes-agent/hermes-config-auditsInstall the validator personality preset without activating it, then use it per session:
./scripts/install-toolbox.sh --apply --personalities --target "${HERMES_HOME:-$HOME/.hermes}"/personality validator
Activation is a separate, explicit step. --activate-validator (which
implies --personalities) also persists the overlay as the active default:
./scripts/install-toolbox.sh --apply --personalities --activate-validator --target "${HERMES_HOME:-$HOME/.hermes}"--plugin <name> and --profile <name> are repeatable flags that accept only
manifest-listed packages; profiles install through the real
hermes profile install. Both inventories are currently empty, so the
installer rejects any plugin or profile selection. There is no broad
plugin flag and no enable-everything step.
See docs/install.md for the full flag reference.
Give this prompt to a Hermes Agent instance to install the toolbox for you:
Install the public Hermes Toolbox from https://github.com/srinitude/hermes-toolbox/
into `${HERMES_HOME:-$HOME/.hermes}` unless I name a different target.
1. Clone or update the repository under `$HOME/hermes-toolbox`.
2. Run `python3 scripts/validate-public-safety.py`,
`python3 scripts/validate-identity-neutrality.py`, and
`python3 scripts/validate-package-completeness.py`; stop on any failure.
3. Run `./scripts/install-toolbox.sh --apply --all-skills --personalities
--target "${HERMES_HOME:-$HOME/.hermes}"`. Do not pass any plugin or
profile selection unless `inventory/public-manifest.json` lists packages,
and do not activate the validator personality unless I ask.
4. Prove the result with `hermes skills list --source local` and
`hermes config check`; report commands run and any blockers.
Never read or copy credentials, memories, sessions, logs, caches, state
databases, pairing state, or runtime files.- Start each session with
/personality validator. - Use
/hermes-config-auditsfor public-safe Hermes configuration audits. - Use
/honcho-memory-providerfor current Honcho memory-provider guidance. - Use
/first-party-integration-auditswhen integration claims need first-party verification. - Validate every result against explicit source-of-truth checks before handoff.
- Candidates are selected only through explicit, repeatable exporter flags or
local untracked allowlists under
.git/info/; there is no default sweep. - Exports are transactional per package: a candidate is staged, sanitized, and fully validated before it atomically replaces its destination, so a failing candidate leaves the current public package byte-for-byte unchanged.
- The publisher fails closed on a dirty checkout, stages only accepted paths, and exits silently with no output when there is nothing to publish.
Before publishing or installing from a checkout, run the full packet:
PYTHONDONTWRITEBYTECODE=1 python3 -m unittest discover -s tests -v
python3 scripts/validate-public-safety.py
python3 scripts/validate-identity-neutrality.py
python3 scripts/validate-package-completeness.py
python3 scripts/validate-tutorial-suite.py
python3 scripts/verify-python-structure.py scripts tests plugins
bash -n scripts/install-toolbox.sh scripts/publish-public-candidates.shThis repository is intentionally public. It must not contain credentials, raw memory, sessions, logs, state databases, private profile content, private plugin state, runtime caches, pairing data, or user-specific paths. Profile and plugin packages are shareable only after sanitization, completeness, and manifest checks.
See:
docs/install.mddocs/recommended-hermes-workflow.mddocs/public-safety-policy.mddocs/identity-neutrality.mddocs/deterministic-workflow-primitives.mddocs/publishing-criteria.mddocs/customization-inventory.md