Chowmes

logs/2026-07-10-hermes-resource-security-inventory-gate.md

Hermes Resource Security And Inventory Gate

Status

Phase 1 of the Hermes resource adoption plan is complete as of 2026-07-10.

This is one phase out of seven complete.

What Was Implemented

The first layer creates a security and inventory gate before any external Hermes resource is installed, enabled, or allowed to affect Athena, Argus, memory, gateway behavior, Telegram behavior, skills, MCP, or generated artifacts.

Implemented in the Chowmes repo:

  • docs/plan/hermes-external-resource-ledger.md
  • docs/plan/hermes-resource-threat-model.md
  • docs/plan/hermes-skill-intake-checklist.md
  • scripts/hermes-resource-scan
  • scripts/hermes-inventory-scan
  • tests/test_hermes_resource_intake.py
  • .gitignore updates for .artifacts/, .tools/, and .medusa/

Private local artifacts are written under:

  • .artifacts/hermes-resource-intake/

Local scanner installs are kept under:

  • .tools/

Tools Installed Locally

These are local operator tools only. They were not installed globally and were not deployed to the VPS.

  • Medusa v2026.7.0 installed in .tools/medusa-venv
  • Bumblebee v0.1.2 installed in .tools/bin/bumblebee

Bumblebee release checksum verification passed:

bumblebee_0.1.2_darwin_arm64.tar.gz: OK

Version evidence:

MEDUSA v2026.7.0
bumblebee v0.1.2
commit: cc57710eeaf685e7b89924a36c8583cad0a378fe
built:  2026-06-18T15:03:13Z
go:     go1.25.11

Gate Verification

Focused tests passed:

python3 -m pytest tests/test_hermes_resource_intake.py -q
5 passed in 0.43s

Python compile check passed:

python3 -m py_compile scripts/hermes-resource-scan scripts/hermes-inventory-scan tests/test_hermes_resource_intake.py

Bumblebee self-test passed:

selftest OK (5 findings in 5ms)

Medusa repo scan ran:

medusa_status=ran
exit_code=0

Bumblebee repo inventory scan ran:

bumblebee_status=ran
exit_code=0

Scan Findings

Medusa scanned the Chowmes repo and returned exit code 0. It reported one HIGH finding:

  • Scanner: AIContextScanner
  • Rule: AIC009
  • File: AGENTS.md
  • Line: 81
  • Issue: Code execution - prefer dangerous functions

Manual inspection of AGENTS.md line 81 showed this appears to be a terminology false positive around "execution roles" in the MyOS role model, not actual code execution.

The exact line:

Do not create a C-suite inside each project workspace. C-level roles belong to Athena's ELT. Workspace teams use execution roles such as PM, architect, developer, QA, researcher, analyst, writer, designer, DevOps, sales enablement, and product marketing.

Medusa also reported optional coverage tools not installed:

  • bandit
  • eslint
  • htmlhint
  • gitleaks

These are not blockers for Phase 1 because the first layer required the Medusa/Bumblebee gate to exist and run. They are candidates for a future hardening pass.

Bumblebee inventory scan completed and emitted:

  • 19 package records
  • 0 findings
  • status: complete

The inventory included the local Medusa venv because .tools/ is under the repo root. That is acceptable for the current local operator baseline.

What Was Not Changed

No live Hermes runtime changes were made.

No changes were made to:

  • VPS config
  • Athena SOUL.md
  • Argus profile
  • Telegram gateway
  • model routing
  • memory provider config
  • MCP config
  • public ports
  • Obsidian sync paths

No external skillpack was installed.

Completion Decision

Phase 1 is complete.

Definition of done for Phase 1:

  • security scanner installed locally
  • inventory scanner installed locally
  • wrappers created
  • reports written privately
  • broad scans refused unless explicitly allowed
  • skill intake checklist written
  • threat model written
  • resource ledger written
  • tests written and passing
  • no live runtime changes made

All criteria above are satisfied.

Next Phase

Phase 2 should be Skill Governance And Selective Sentry Port.

Next work should review Sentry skills as pattern material, not install them wholesale. Candidate workflows:

  • skill scanner
  • security review
  • GitHub Actions security review
  • bug finder
  • AGENTS.md hygiene

Each candidate should pass the Phase 1 gate before being ported or installed.