From 0b11ce168165e0a3e9c2dd75ed7c194b45432f0d Mon Sep 17 00:00:00 2001 From: Stephen Chin Date: Sat, 9 May 2026 11:50:57 -0700 Subject: [PATCH] fix(hermesagent): add external script warning and remove redundant check Adds third-party script warning with user confirmation before running the upstream installer (install) and updater (update), matching the kasm/pihole pattern. Removes redundant binary existence check per reviewer feedback. Adds corresponding JSON warning note. --- ct/hermesagent.sh | 13 ++++++++++++- install/hermesagent-install.sh | 16 +++++++++++----- json/hermesagent.json | 4 ++++ 3 files changed, 27 insertions(+), 6 deletions(-) diff --git a/ct/hermesagent.sh b/ct/hermesagent.sh index 8c3ce1e9..3312d343 100644 --- a/ct/hermesagent.sh +++ b/ct/hermesagent.sh @@ -29,6 +29,17 @@ function update_script() { exit fi + msg_warn "WARNING: This script will run an external installer from a third-party source (https://hermes-agent.nousresearch.com/)." + msg_warn "The following code is NOT maintained or audited by our repository." + msg_warn "If you have any doubts or concerns, please review the installer code before proceeding:" + msg_custom "${TAB3}${GATEWAY}${BGN}${CL}" "\e[1;34m" "→ hermes update (https://hermes-agent.nousresearch.com/)" + echo + read -r -p "${TAB3}Do you want to continue? [y/N]: " CONFIRM + if [[ ! "$CONFIRM" =~ ^([yY][eE][sS]|[yY])$ ]]; then + msg_error "Aborted by user. No changes have been made." + exit 10 + fi + msg_info "Stopping Services" systemctl stop hermes-dashboard msg_ok "Stopped Services" @@ -52,7 +63,7 @@ start build_container description -msg_ok "Completed Successfully!\n" +msg_ok "Completed successfully!\n" echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}" echo -e "${INFO}${YW} Connect via SSH and configure your LLM provider:${CL}" echo -e "${TAB}${GATEWAY}${BGN}ssh root@${IP}${CL}" diff --git a/install/hermesagent-install.sh b/install/hermesagent-install.sh index 7a6484a6..2ccb0f6b 100644 --- a/install/hermesagent-install.sh +++ b/install/hermesagent-install.sh @@ -24,17 +24,23 @@ useradd -m -s /bin/bash hermes loginctl enable-linger hermes msg_ok "Created Hermes User" +msg_warn "WARNING: This script will run an external installer from a third-party source (https://hermes-agent.nousresearch.com/)." +msg_warn "The following code is NOT maintained or audited by our repository." +msg_warn "If you have any doubts or concerns, please review the installer code before proceeding:" +msg_custom "${TAB3}${GATEWAY}${BGN}${CL}" "\e[1;34m" "→ https://hermes-agent.nousresearch.com/install.sh" +echo +read -r -p "${TAB3}Do you want to continue? [y/N]: " CONFIRM +if [[ ! "$CONFIRM" =~ ^([yY][eE][sS]|[yY])$ ]]; then + msg_error "Aborted by user. No changes have been made." + exit 10 +fi + msg_info "Installing Hermes Agent" $STD setsid --wait env \ HOME=/home/hermes \ PATH=/home/hermes/.local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \ bash <(curl -fsSL https://hermes-agent.nousresearch.com/install.sh) --skip-setup --hermes-home /home/hermes/.hermes --dir /home/hermes/.hermes/hermes-agent -if [[ ! -x /home/hermes/.local/bin/hermes ]]; then - msg_error "Hermes binary not found after installation" - exit 1 -fi - chown -R hermes:hermes /home/hermes git config --system --add safe.directory /home/hermes/.hermes/hermes-agent 2>/dev/null || true msg_ok "Installed Hermes Agent" diff --git a/json/hermesagent.json b/json/hermesagent.json index 8e4ece5e..061293ea 100644 --- a/json/hermesagent.json +++ b/json/hermesagent.json @@ -32,6 +32,10 @@ "password": null }, "notes": [ + { + "text": "WARNING: Installation sources scripts outside of Community Scripts repo. Please check the source before installing.", + "type": "warning" + }, { "text": "Warning: Hermes can execute terminal commands. The agent runs as a dedicated 'hermes' service user for isolation.", "type": "warning"