This guide assumes you have installed Hermes Agent and are deciding how to configure it. For the install process, see the Hermes installation guide. For a walkthrough of features and how to use them, see Hermes Agent tips for non-technical users. This page covers the security decisions that underpin both.
Run it on your own computer
The simplest and, for most individual users, the safest setup is running Hermes on your own machine — your laptop or desktop. It requires no additional configuration beyond the standard install. Your files, notes, and conversation history stay on your device. When you close the lid, Hermes stops running.
There is nothing technically wrong with this approach. The common objection — "but I want it to run overnight while I sleep" — is solved by simply leaving your computer on rather than moving to a cloud server. For most personal and small-business use cases, a machine left running in a home office is entirely adequate.
Docker: an optional safety layer
Docker is a piece of software that creates self-contained environments — called containers — on your computer. A container can run Hermes Agent with access only to the files and network resources you explicitly allow. Everything else on your machine is invisible to it.
Think of it this way: your computer is a house. Docker creates a locked room inside that house. Hermes lives in the room and can only use what you put in it. It cannot walk into the rest of the house.
Docker is not necessary for most individual setups, but it is worth considering if you are connecting Hermes to a large number of tools, or if you want a clear boundary between what the agent can see and the rest of your file system. The Docker Desktop application is the easiest starting point; it is free for personal use.
If you do use Docker, the key step is mounting only the folders you want Hermes to access — your notes folder, your project files — rather than giving it access to your entire home directory. A narrowly scoped container is significantly more contained than a broadly scoped one.
What to grant — and what to withhold
Hermes becomes more useful the more it can access, but not all access is equally low-risk. Here is a summary of the main permission categories and what level of caution each warrants:
| Permission type | Risk level | Recommendation |
|---|---|---|
| Read-only file access (notes, documents) | Low | Grant freely — Hermes can read but not modify |
| File write access (project folders) | Medium | Grant to specific folders only, not your whole drive |
| Email read + label + archive | Low | Safe for most uses; enables useful search and organisation |
| Email draft creation | Low–medium | Hermes writes drafts for your review; nothing sends without you |
| Email send | High | Only grant if you have a deliberate, specific use for it |
| Calendar read | Low | Useful for daily briefings and scheduling context |
| Calendar write | Medium | Can create or modify events; review implications before granting |
| Computer control | High | Allows Hermes to control your mouse and keyboard; only for specific automation tasks |
Keep your API keys safe
Hermes connects to model providers — OpenAI, MiniMax, Grok, and others — using API keys. An API key is a credential that authorises usage charged to your account. If someone obtains your API key, they can run requests billed to you.
Four steps that most users should take:
- Set spending limits. Every major API provider has a dashboard setting for maximum monthly spend. Set one that represents the upper bound of what you are willing to spend, not an unlimited cap.
- Use a private GitHub repository for backups. If you back up your Hermes folder to GitHub — which is recommended — make sure the repository is private. A public repository would expose your configuration files, which may include API keys.
- Do not share configuration files. If you are helping someone else set up Hermes and they ask you to share your config file, redact any API keys before doing so.
- Rotate keys if you suspect exposure. If your API key appears to have been used unexpectedly, log in to the provider's dashboard and revoke it immediately, then create a new one. Most providers let you do this in under a minute.
If you want to use a cloud server
Running Hermes on a VPS (virtual private server) — a cloud machine that runs 24 hours a day regardless of your own computer's state — is technically straightforward but requires security knowledge that goes beyond standard consumer software.
The key requirements for a reasonably secure VPS setup are:
- SSH-only access. Disable password login on the server; use SSH key authentication only.
- Firewall rules. Restrict inbound connections to the specific ports you need. The server should not be openly accessible from the public internet except through controlled entry points.
- Use a tunnel. Tools like Cloudflare Tunnel or Tailscale let you access your VPS without exposing ports directly to the internet. This is a meaningful step up in security over open port forwarding.
- Keep the OS up to date. Apply security updates promptly. An unpatched server is a significantly higher-risk target.
If you are not comfortable with Linux server administration, the VPS path is not the right starting point. The security complexity it introduces is disproportionate to the benefit for users who do not have a specific operational reason to run 24/7 in the cloud. Start locally, get familiar with the tool, and revisit this only if you hit a concrete limitation that local operation cannot solve.