PROMPT CLOAK/DOCS/SETUP HERMES

Connect Your Hermes Agent

Chat with your Hermes Agent from your iPhone or iPad (a Mac version of PromptCloak is coming soon). Messages go directly from your device to your server — no Telegram, Discord, or third-party messaging platform in the path.

VIEW SOURCE ON GITHUB →

WHY AGENTZERO FOR HERMES?

01Zero intermediaries. Messages route directly from your device to your Hermes server. No Telegram, Discord, or Slack in the data path.
02No account required. PromptCloak uses anonymous cryptographic identity. No email, no phone number, no username.
03PII scrubbing. Enable Strict Mode to automatically scrub personal names, organizations, and places before they leave your device.
04Native experience. Rich markdown, SSE streaming, conversation management — purpose-built for AI chat, not shoehorned into a messaging app.

Step-by-Step Guide

Install Hermes Agent

If you haven't already, install Hermes Agent:

curl -fsSL https://hermes-agent.nousresearch.com/install | bash

Run hermes setup to configure your provider and model. See the Hermes docs for details.

If you already have Hermes running, skip to step 2.

Clone the Bridge

The bridge wraps your Hermes Agent as an OpenAI-compatible API:

git clone https://github.com/m1insights/hermes-bridge.gitcd hermes-bridge

You can inspect the source on GitHub before running it — straightforward Python, MIT licensed.

Install Dependencies

Install FastAPI and Uvicorn into Hermes's Python environment using uv (included with Hermes):

Basic (chat only):

uv pip install --python ~/.hermes/hermes-agent/venv/bin/python3 fastapi uvicorn

Full operator support:

uv pip install --python ~/.hermes/hermes-agent/venv/bin/python3 fastapi uvicorn httpx

Adding httpx enables the Hermes Operator features — approval inbox, memory browser, and skills list. The bridge auto-detects dependencies; if httpx is missing, it runs in basic chat mode.

The bridge must run inside Hermes's Python environment so it can import the agent directly. Using pip install won't work on modern macOS — use uv as shown above.

Start the Bridge

~/.hermes/hermes-agent/venv/bin/python3 bridge.py

The bridge will print a URL and an API token:

========================================================
  Hermes Agent Bridge
========================================================

  URL:    http://127.0.0.1:8642/v1
  Token:  <your-auto-generated-token>

  Paste these into PromptCloak > Settings > Providers
  to connect via BYOK (OpenAI-compatible).

========================================================

Keep this terminal window open while you want to use Hermes from your phone.

Enable HTTPS for Mobile (Tailscale Serve)

iOS requires HTTPS for all connections. The simplest solution is Tailscale Serve — it gives your machine a real HTTPS URL with a valid certificate.

Install Tailscale on your computer and your phone (free for personal use)
In a second terminal, run:
tailscale serve 8642
It prints a URL like https://my-mac.tail1234.ts.net — this is your Bridge URL

Works over WiFi and cellular — no port forwarding needed. Using a Mac? You can use 127.0.0.1 directly instead. Tailscale Serve is only needed for phone/tablet.

Enter Your Bridge Details

In PromptCloak, go to Settings > Providers > Hermes Agent:

Bridge URL — Paste your .ts.net hostname (e.g., my-mac.tail1234.ts.net). PromptCloak handles the rest.
Bridge Token — Paste the token printed in the terminal.

Tap “Verify & Save”. PromptCloak will test the connection.

Start Chatting

Open the model selector and choose “Hermes Agent”. Your messages now flow directly from your device to your Hermes instance — with full memory, skills, and tool support.

Device → Tailscale Serve (HTTPS) → Your Machine (hermes-bridge) → Hermes Agent

Using Hermes Operator

Hermes Operator is a mobile command center for your agent, included with PromptCloak Pro ($7.99/mo). When your Hermes Agent is about to take a risky action — run a shell command, edit a file, drive a browser, call an MCP tool — it pauses and sends an approval request to your phone. You tap Approve or Deny from the lock screen, and Hermes continues.

You also get a read-only browser for your agent's memory and skills, plus live connection status for any MCP servers Hermes is using.

REQUIREMENTS

•PromptCloak Pro subscription
•httpx installed on the bridge (see Step 3 — Full operator support)
•Hermes provider configured and verified in Settings (Steps 4–6)

If httpx is missing, the bridge still serves chat normally — operator features are simply unavailable until you install it and restart.

Opening the Operator

Once Hermes is connected, a > HERMES button appears in the PromptCloak sidebar. Tap it to open the Operator sheet. A count badge next to the button (e.g. [2]) shows pending approvals waiting for you.

The header shows live MCP server status:

•MCP: [CONNECTED] — bridge is reachable and Hermes's MCP servers are up
•MCP: [DISCONNECTED] (red) — the bridge is unreachable, or Hermes can't talk to its configured MCP servers. Regular chat still works; MCP tools won't.

Don't see the button? Complete Step 6 and tap Verify & Save — the sidebar entry only appears after a valid bridge URL and token are stored.

The Approval Inbox

The first tab is APPROVALS. Each pending request shows up as a card with:

•Risk badge — [LOW], [MEDIUM], or [HIGH] (red)
•Action type — shell command, file edit, browser action, MCP tool call, or delegation to another agent
•Reason — what Hermes wants to do and why
•Command preview — the exact command, file path, URL, or tool arguments in a monospace box
•Timeout — how long until the request expires and Hermes gives up

Choosing a scope

Before approving, pick a scope for how broadly your decision applies:

•ONCE — approve this single action only. Default and safest.
•SESSION — approve similar actions for the rest of this Hermes session
•ALWAYS — approve similar actions permanently. Use with caution.

Deny is always scoped to the single request. Pull down on the inbox to refresh manually; new approvals also stream in live over SSE while the sheet is open.

Lock-Screen Approvals (iOS / iPadOS)

The first time you open the Operator on a new device, PromptCloak asks for notification permission and registers your device with the bridge. After that, every new approval Hermes raises fires a push notification with two quick actions:

•Approve — requires Face ID / Touch ID / passcode
•Deny — requires Face ID / Touch ID / passcode

Tapping the notification body (instead of an action) deep-links into the Operator inbox so you can read the full reason and command before deciding.

Not getting notifications? Check that (1) you granted notification permission on first Operator launch, (2) httpx is installed on the bridge, and (3) the bridge is running. Even without push, approvals still appear live in the in-app inbox over SSE whenever the Operator sheet is open.

Memory & Skills Tabs

The Operator has three tabs. Beyond APPROVALS, you also get:

•MEMORY — read-only view of Hermes's MEMORY.md and USER.md. Useful for checking what your agent remembers from your phone without SSHing into the host.
•SKILLS — browse every installed Hermes skill by name, category, version, and description.

Both tabs are read-only. To edit memory or install new skills, use Hermes directly on the host machine.

FAQ

Common Questions

Do my messages go through any third-party servers?

No. The data path is: your device → Tailscale (encrypted tunnel) → your machine running hermes-bridge → Hermes Agent. No PromptCloak servers, no Telegram, no Discord — just you and your Hermes instance.

Does this work over cellular, or only on WiFi?

With Tailscale Serve (step 5), it works everywhere — WiFi, cellular, even different countries. Tailscale creates an encrypted private tunnel between your devices.

What if I close the terminal?

The bridge stops and PromptCloak won’t be able to reach Hermes. Just run the bridge command again to restart it. Tailscale Serve (if started with “tailscale serve --bg 8642”) runs in the background and survives terminal closes.

PromptCloak says “Could not connect to the server”

Check three things: (1) Is the bridge running? You should see “Uvicorn running on http://0.0.0.0:8642” in the terminal. (2) Is Tailscale Serve running? Run “tailscale serve status” — if it says “No serve config”, run “tailscale serve 8642” again. (3) Is Tailscale connected on both devices? Check the Tailscale app on your phone.

PromptCloak says “A TLS error caused the secure connection to fail”

You’re probably using an IP address (like 100.x.x.x) instead of your .ts.net hostname. iOS requires HTTPS with a valid certificate. Use your Tailscale Serve hostname (e.g. my-mac.tail1234.ts.net) instead.

The bridge connects but Hermes returns an error

Make sure “hermes” works in your terminal first. If Hermes is using the wrong provider, run “hermes setup” to reconfigure. Then restart the bridge — it reads the Hermes config on startup.

Does Hermes remember conversations from PromptCloak?

Yes. Hermes Agent manages its own memory and skills. When you chat through PromptCloak, Hermes processes each message through its full agent loop — including memory retrieval, skill activation, and tool use.

What about images and files?

The bridge currently supports text chat. Image and file support may be added in a future update.

Do I need to run these commands every time?

The bridge needs a terminal running — restart it after a reboot. Tailscale Serve persists in the background if started with “tailscale serve --bg 8642”. Your .ts.net hostname and bridge token stay the same across restarts.

I don’t see the > HERMES button in my sidebar

The Hermes Operator entry only appears after Steps 4–6 are complete — the bridge running, a bridge URL and token saved in PromptCloak, and the connection verified. Open Settings > Providers > Hermes Agent and re-tap “Verify & Save”. You also need an active PromptCloak Pro subscription.

Push notifications for approvals never arrive

Three things to check: (1) Did you grant notification permission the first time you opened the Operator? iOS Settings > Notifications > PromptCloak. (2) Is httpx installed on the bridge? Re-run the Step 3 command with httpx included, then restart the bridge. (3) Is the bridge process actually running? Approvals still show up live in the in-app inbox over SSE — push notifications are the lock-screen convenience layer on top.

What exactly triggers an approval request?

Hermes itself decides. Typical triggers: running a shell command, writing or deleting files, performing a browser action, calling an MCP tool, or delegating to another agent. The bridge just forwards whatever Hermes raises — the policy lives in your Hermes config and skill definitions on the host machine.

Can I use the Operator from my Mac?

Not yet. The Operator currently ships on iPhone and iPad only. A Mac version of PromptCloak is in development and will arrive shortly after launch — when it does, the Operator will work there too (with in-app approvals instead of lock-screen push notifications).

The Operator header shows MCP: [DISCONNECTED] in red

That means either the bridge is unreachable, or Hermes can’t talk to the MCP servers it’s configured to use. Regular chat still works — Hermes will just fail any tool call that depends on MCP. Check that the bridge is still running, then verify your MCP servers are up on the host machine.

Also available: Claude and OpenAI API Keys

PromptCloak also supports BYOK with Anthropic and OpenAI. Add your own API keys for direct device-to-provider chat. See the Claude setup guide for details.