Blog Releases Issues Docs Download Status Looking Glass Contact Sales
Network Resilience Recovery Security Pricing
Developers
Developer overviewCLI, SDKs, webhooks InfrastructureDocker, K8s, Terraform, CI/CD. AI AgentsClaude Code, Codex, Cursor, Hermes, OpenClaw. MSP ToolsDatto, NinjaOne, ConnectWise, N-able. Browser extensionAutofill, device-based login, generator Mobile appsNative iOS and Android Claude CodeScoped tokens CodexOpenAI integration CursorAgent mode Hermes AgentHermes Agent by Nous Research OpenClawAgent resolver ImportFrom any password manager
Resources
Blog Releases Issues Docs Download Status Looking Glass Contact Sales
Solutions
Consumer SMB Enterprise MSP
Language
🇺🇸 English 🇮🇩 Bahasa Indonesia 🇩🇰 Dansk 🇩🇪 Deutsch 🇪🇸 Español 🇫🇷 Français 🇮🇹 Italiano 🇳🇱 Nederlands 🇳🇴 Norsk 🇵🇱 Polski 🇧🇷 Português 🇫🇮 Suomi 🇸🇪 Svenska 🇻🇳 Tiếng Việt 🇹🇷 Türkçe 🇷🇺 Русский 🇺🇦 Українська 🇮🇳 हिन्दी 🇹🇭 ไทย 🇨🇳 中文 🇯🇵 日本語 🇰🇷 한국어
Sign in Na zawsze za darmo Get started

Integration Guide

clavitor + Hermes Agent

Nous Research's open-source autonomous agent runs on your server, remembers what it learns, and gets more capable the longer it runs. Pair it with Clavitor so every credential it touches is scoped, audited, and revocable.

What Hermes sees

Shared fields

Hermes reads these via the CLI skill to navigate, deploy, and authenticate.

  • API keys (OpenRouter, model providers, GitHub, AWS, Stripe...)
  • SSH host credentials
  • Database connection strings
  • TOTP seeds — live 2FA codes on demand
  • Service account passwords

What Hermes never sees

Personal fields

Encrypted client-side with your fingerprint, face, or security key. The server stores ciphertext. No key, no access.

  • Credit card numbers & CVV
  • Passport & government IDs
  • Recovery codes & seed phrases
  • Social security numbers
  • Bank account details

Hermes runs on your server. So does the CLI.

Hermes installs with one curl on Linux, macOS, or WSL2. It runs continuously, holds curated memory across sessions, and auto-creates skills. Drop the Clavitor CLI on the same host and any skill that needs a credential calls it.

1. Create an agent token

Open your vault → AgentsCreate. Name it "Hermes" and choose which entries it can access. Copy the setup token.

Each agent gets its own scope, rate limits, and audit lineage. Hermes runs as one agent identity; the audit log tags every access as cli:hermes.

2. Initialize the CLI on the Hermes host

$ echo "$CLAVITOR_TOKEN" | clavitor-cli init

3. Resolve credentials inside a skill

Any Hermes skill (Python, Bash, anything it shells out to) reads credentials at the moment it needs them. The secret never lives in Hermes's memory or in its skill source code:

# Inside a Hermes skill
import subprocess
key = subprocess.check_output(
    ["clavitor-cli", "get", "OpenRouter", "--field", "key"]
).decode().strip()
# Use key, scrub it after the call

Gateways — Telegram, Discord, Slack, WhatsApp, Signal

Hermes connects to messaging platforms through a single gateway process. Store the platform tokens in Clavitor instead of in Hermes config files. Render the gateway config at startup:

{
  "telegram": { "token": "clavitor://Hermes Gateway/telegram_bot_token" },
  "discord":  { "token": "clavitor://Hermes Gateway/discord_bot_token" },
  "slack":    { "token": "clavitor://Hermes Gateway/slack_bot_token" }
}
$ clavitor-cli render hermes-gateway.json | hermes-agent start --config -

The committed template carries clavitor:// references; the resolved JSON lives only in the pipe between render and hermes-agent. Secrets never touch disk.

Browser automation with the proxy

Hermes can drive a real browser — navigate, click, type, screenshot. When a workflow signs into an external API, point Hermes at the Clavitor proxy and write the credential as a reference in the request header. The agent and the browser never see the secret:

$ export HTTPS_PROXY=http://localhost:1983
$ hermes-agent task "post a status update to our CMS"
# Hermes's HTTP calls go through the proxy.
# The CMS auth header is set to clavitor://Client CMS/api_key;
# the proxy resolves it on the wire.

Hermes Memory + Clavitor Memory

Hermes has its own curated long-term memory. Use Clavitor's encrypted Memory entries for anything Hermes shouldn't keep in its own store — recovery procedures, customer-specific runbooks, anything that should survive a fresh Hermes install:

# From any Hermes skill
$ clavitor-cli memory put --title "Deploy runbook" \
    --content "$(cat deploy-runbook.md)"

# Later — recall by semantic similarity, not keyword
$ clavitor-cli memory search "how do we roll back the API gateway?"

Clavitor Memory is end-to-end encrypted, syncs across devices, and the vault searches by vector without ever decrypting the text. Hermes adds the embedding when it writes; Hermes sends an embedding when it queries.

Every access is logged

The audit log records which agent accessed which credential, when, and from where. Hermes activity is distinguishable from human activity on every line.

# TIME                 ACTION  ENTRY                  ACTOR
2026-03-08 10:23:14  read    openrouter             cli:hermes
2026-03-08 10:23:15  read    telegram-bot           cli:hermes
2026-03-08 11:45:02  read    aws-production         cli:deploy-agent
2026-03-08 14:12:33  render  -                      cli:hermes

Get started

Start freeSee plans