Nous Research Hermes Agent

Hermes Tirith — Security Approval Workflow

Set up Tirith approval workflows so Hermes asks permission before running dangerous or sensitive commands.

Tirith is Hermes's approval system — when enabled, dangerous commands like file deletion, shell execution, or API calls with side effects require your explicit approval before running. It's the difference between a powerful agent and an unsupervised one.

Before you start:

  • Hermes Agent installed
  • A messaging channel configured (Telegram recommended for mobile approvals)
  • 'tirith: enabled: true' in config.yaml

Steps

  1. Enable Tirith

    Set 'tirith: enabled: true' in config.yaml to activate the approval system

  2. Configure approval rules

    Define which commands need approval: shell execution, file deletion, API calls with side effects

  3. Set approval channel

    Choose where approval requests appear — Telegram, Discord, or CLI

  4. Approve or deny

    When Hermes needs approval, tap Approve or Deny on the inline button or reply /approve

  5. Configure auto-approve rules

    Set safe patterns that auto-approve: read-only commands, specific directories, trusted tools

Pro Tips

  • 💡 Set up Tirith approvals on Telegram so you can approve commands from your phone wherever you are — tap Approve or Deny on the inline buttons
  • 💡 Use auto-approve rules for safe read-only operations — 'ls', 'cat', and 'grep' don't need human approval
  • 💡 Set a timeout for pending approvals (e.g. 5 minutes) — Hermes will deny and report back if you don't respond in time

Troubleshooting

Approval buttons not appearing in Telegram

Check that your Telegram bot has inline keyboard permissions. The bot token in config.yaml must match the bot you're messaging. Try /start in the bot chat to reinitialize.

Hermes runs commands without asking for approval

Check that 'tirith: enabled: true' is at the top level of config.yaml, not nested under another key. Run 'hermes config show | grep tirith' to verify it's being read.

Auto-approve rules are too permissive

Review your auto-approve patterns for overly broad matches. Prefer allowlisting specific safe commands over pattern wildcards.
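The sketch below is an added example, not Hermes or Tirith code and not its rule syntax. It shows why wildcard auto-approve patterns from step 5 end up too permissive, and what an exact allowlist with a directory check escalates instead. The patterns, the flag list, the /srv/project directory and all function names are assumptions made for illustration.

```python
import fnmatch
import posixpath
import shlex

# Constructed rules for illustration; not Hermes/Tirith configuration syntax.
BROAD_PATTERNS = ["ls*", "cat *", "grep *"]       # wildcard auto-approve rules
SAFE_COMMANDS = {"ls", "cat", "grep"}             # exact binary allowlist
SAFE_FLAGS = {"-l", "-a", "-la", "-n", "-i", "-r"}
SAFE_ROOT = "/srv/project"                        # hypothetical approved directory
SHELL_META = set(";|&$`<>(){}[]*?~!#\\\n")        # chaining, expansion, globbing

def wildcard_auto_approves(command):
    """Broad rule: approve if any glob pattern matches the raw command string."""
    return any(fnmatch.fnmatchcase(command, p) for p in BROAD_PATTERNS)

def strict_auto_approves(command):
    """Approve only an allowlisted binary, known flags, and paths under SAFE_ROOT."""
    if any(ch in SHELL_META for ch in command):
        return False                              # shell syntax goes to a human
    try:
        argv = shlex.split(command)
    except ValueError:                            # unbalanced quotes
        return False
    if not argv or argv[0] not in SAFE_COMMANDS:
        return False
    for arg in argv[1:]:
        if arg.startswith("-"):
            if arg not in SAFE_FLAGS:
                return False
            continue
        # Lexical check only; a real deployment would also resolve symlinks.
        path = posixpath.normpath(posixpath.join(SAFE_ROOT, arg))
        if posixpath.commonpath([SAFE_ROOT, path]) != SAFE_ROOT:
            return False
    return True

def overbroad(commands):
    """Commands the wildcard rules auto-approve but the strict check escalates."""
    return [c for c in commands
            if wildcard_auto_approves(c) and not strict_auto_approves(c)]

SAMPLES = [  # constructed requests
    "ls -la src", "cat README.md", "cat notes.txt; rm -rf build",
    "cat ../../etc/passwd", "grep -r token /etc", "lsof -i",
]

if __name__ == "__main__":
    for cmd in overbroad(SAMPLES):
        print("needs human approval:", cmd)
```

Running the same comparison over your own auto-approve patterns and a log of past requests shows which rules would have skipped a human decision.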
