search
Ctrlk

Hermes Hooks

Akto Guardrails for Hermes provides security validation for AI agent interactions. It intercepts prompts and tool calls before execution, validates against security policies, blocks risky behavior, and reports all events to your Akto dashboard.

hashtag
Key Features

  • MCP & Non-MCP Tool Support - Validates both MCP server tools and non-MCP built-in tools

  • Real-time Protection - Validates every prompt and tool call before execution

  • JSON-RPC Compliance - Full JSON-RPC 2.0 support for MCP protocol

  • Device ID Tracking - Multi-device management with unique device identifiers

  • Audit Trail - Complete audit logging to Akto dashboard

  • Configurable Behavior - Blocking or observation modes

  • Fail-Safe Design - Graceful degradation if Akto server unavailable

hashtag
How It Works

Hermes plugin hooks into four critical points in the AI agent lifecycle:

User Input

┌─────────────────────────────────────┐
│ pre_llm_call Hook                   │ ← Validate prompt, BLOCK if needed
│ (Runs BEFORE sending to Claude)     │
└────────────┬────────────────────────┘
             ↓ (if allowed)
        Claude LLM API

┌─────────────────────────────────────┐
│ post_llm_call Hook                  │ ← Log response for audit
│ (Runs AFTER LLM responds)           │
└────────────┬────────────────────────┘

       Tool Execution Request

┌─────────────────────────────────────┐
│ pre_tool_call Hook                  │ ← Validate tool, BLOCK if needed
│ (Runs BEFORE tool execution)        │
└────────────┬────────────────────────┘
             ↓ (if allowed)
       Tool Execution

┌──────────────────────────────────────┐
│ post_tool_call Hook                 │ ← Log result for audit
│ (Runs AFTER tool completes)         │
└──────────────────────────────────────┘

4 Hook Points:

  1. pre_llm_call - Validates user prompts before sending to Claude LLM

  2. post_llm_call - Logs Claude responses and audit trail

  3. pre_tool_call - Validates tool calls (MCP and non-MCP) before execution

  4. post_tool_call - Logs tool responses for audit trail

hashtag
File Structure

Key Files:

  • __init__.py: Main plugin that registers 4 hooks with Hermes

  • akto_client.py: Handles all API communication (validation + ingestion)

    • Validation calls: /api/http-proxy?guardrails=true

    • Ingestion calls: /api/http-proxy?ingest_data=true

  • validators.py: Prompt and tool validation logic against Akto policies

  • mcp_util.py: Detects MCP tools and converts to JSON-RPC 2.0 format

  • akto_machine_id.py: Generates unique device identifiers for multi-device tracking

  • plugin.yaml: Hermes plugin manifest — metadata for plugin discovery

hashtag
Setup Guide

hashtag
Prerequisites

  • Hermes Agent installed and functional

  • Python 3.6+ available

  • Akto instance with guardrails API endpoint

  • Network access to your Akto server

  • Akto Data Ingestion URL (provided by your Akto admin)

hashtag
Installation Steps

hashtag
Step 1: Obtain Plugin Files

Clone the Akto repository or download the plugin files:

Alternatively, download individual files from GitHub:

hashtag
Step 2: Copy Plugin to Hermes

Create the plugins directory and copy all files:

Verify installation:

hashtag
Step 3: Configure Akto Server URL ⚠️ CRITICAL STEP

Set your Akto instance URL as an environment variable:

Verify the URL is set:

circle-exclamation

This environment variable is REQUIRED. Without it, the plugin will run in fail-open mode (allows all execution but won't send data to Akto).

hashtag
Step 4: Configure Hermes Plugin (Optional)

Edit or create ~/.hermes/config.yaml for additional plugin configuration:

What each setting means:

  • AKTO_SYNC_MODE: "true" - Block risky prompts/tools (recommended)

  • AKTO_SYNC_MODE: "false" - Logging only (no blocking)

  • LOG_LEVEL: "INFO" - Log important events only

  • LOG_LEVEL: "DEBUG" - Verbose logging with full payloads

  • AKTO_TIMEOUT: "5" - Wait max 5 seconds for Akto response

hashtag
Step 5: Configure MCP Servers (Optional)

If you use MCP servers with Hermes, add them to ~/.hermes/config.yaml:

The plugin will automatically detect MCP tools (format: server_tool) and route them to the /mcp endpoint with JSON-RPC 2.0 format.

hashtag
Step 6: Create Log Directory

Logs will be written to: ~/.config/hermes/akto/logs/hermes-guardrails.log

hashtag
Step 7: Start Hermes

Start or restart Hermes:

Verify plugin is loaded:

Expected output:

hashtag
Step 8: Verify Installation

Check all components are working:

hashtag
Configuration Reference

hashtag
Environment Variables

Set these to customize the plugin behavior:

hashtag
Hermes Plugin Settings

Edit ~/.hermes/config.yaml to customize (optional):

hashtag
Monitoring & Logs

hashtag
View Real-time Activity

hashtag
Log Format

Each log entry includes:

  • Timestamp: When the event occurred

  • Component: Which module generated the log (e.g., [HOOK: pre_llm_call])

  • Details: Relevant context (session ID, tool name, validation result)

hashtag
Enable Debug Logging

For verbose logging with full payloads:

hashtag
Troubleshooting

hashtag
Plugin Not Loading

Symptom: No logs appear in ~/.config/hermes/akto/logs/

Solution:

hashtag
Akto Server Unreachable

Symptom: Logs show "API CALL FAILED"

Solution:

hashtag
MCP Tools Not Detected

Symptom: MCP tool doesn't appear as server_tool format

Solution:

hashtag
Python Import Errors

Symptom: Errors in logs about missing modules

Solution:

hashtag
No Events in Dashboard

Symptom: Plugin runs but events don't appear in Akto dashboard

Solution:

hashtag
Quick Setup Summary

hashtag
Data Flow

hashtag
Prompt Validation & Logging

hashtag
Tool Execution - Non-MCP Tools (e.g., web_search, terminal)

hashtag
Tool Execution - MCP Tools (e.g., calculator_add, git_status)

hashtag
Resources

PreviousOpenCode HooksNextCodex CLI Hooks

Last updated