AI-OS (Second-Brain)
myos/hermes/INBOUND-peer-session-teardown-2026-07-04.md
INBOUND — Hermes-agent code teardown (parallel session, UNVERIFIED)
Provenance: relayed into this session by a different Claude session running a forked deep-read of the
hermes-agentcodebase on 2026-07-04. Landed as peeragent-messages, not authored or verified by this session. Treat as leads to confirm, not ground truth. My ownhermes-learnerpass (HERMES-ARCHITECTURE-DEEP.md) is the primary; reconcile the two before trusting either.Why kept: directly overlaps the AIOS Hermes track; too costly to re-derive; captured so it survives context compaction.
Coverage (files the peer claims to have read)
hermes_cli/providers.py(770) +hermes_cli/runtime_provider.py(2058) — provider resolutionagent/credential_pool.py(2372) +agent/credential_sources.py(443) — credential pools / OAuthagent/anthropic_adapter.py(2787) — Anthropic pathagent/bedrock_adapter.py,vertex_adapter.py,gemini_native_adapter.py,codex_responses_adapter.py,azure_identity_adapter.py— other adaptersagent/context_engine.py,context_breakdown.py,context_compressor.py(3018) — context managementagent/conversation_loop.py,agent_init.py,run_agent.py,chat_completion_helpers.py,tool_dispatch_helpers.py,tool_executor.py— core loop
Headline claims worth flagging for AIOS (verify before relying)
- Provider system is 100+ (models.dev catalog) + ~33 Hermes overlays, not "18 providers". Single resolver
resolve_runtime_provider()(runtime_provider.py:1509) with ~12 sequential special-cased auth branches. - Credential pool = same-provider multi-credential failover (rotation on 429/auth-fail), NOT cross-provider fallback (that's
try_activate_fallback(), configfallback_providers:). Strategies: fill_first (default), round_robin, random, least_used. - ⚠️ Claude Pro/Max OAuth path makes Hermes masquerade as the Claude Code CLI — injects Claude Code identity,
mcp_tool-name rewrite,claude-cliUser-Agent (anthropic_adapter.py:2128). ToS/compliance-adjacent — flag for any Claude-based AIOS build. - Anthropic SDK pinned EXACT
anthropic==0.87.0for two named CVEs (CVE-2026-34450/34452). Upgrade-risk note. - Prompt caching =
system_and_3strategy, 4 breakpoints (system + last 3 msgs), ~75% multi-turn input savings (prompt_caching.py; conversation_loop.py:884). Policy inagent_runtime_helpers.py:anthropic_prompt_cache_policy(). - Context compression = pluggable
ContextEngineABC, defaultContextCompressor(configcontext.engine). 5-phase compress: prune old tool results → protect head/tail by token budget → LLM structured summary (aux model) → iterative re-summary → reassemble with anti-injection markers. Anti-thrash guard, summary-failure cooldown. - Every adapter normalizes to an OpenAI-shaped
SimpleNamespaceso the core loop stays single-shape. No shared tool-call translator — each adapter hand-rolls its own. - Bedrock is dual-path: Claude-on-Bedrock → AnthropicBedrock SDK (full caching/thinking parity); non-Claude → boto3 Converse.
Peer's own open questions (files NOT read)
hermes_cli/auth.py— definesPROVIDER_REGISTRY,resolve_provider(), all OAuth-flow impls. Most important unread file per the peer.agent/error_classifier.py— error/retry classification.agent/codex_runtime.py— true Responses-API call site.- Possible duplicate Gemini thinking-config logic (chat_completions.py vs gemini_native_adapter.py).
Full verbatim peer reports available in this session's transcript if deeper detail needed. This is the distilled index.