Sunglasses is a filter that sits ahead of your Hermes agent cycles. Always ON. Every file, web scrape, or peer-agent message Hermes reads during an autonomous cycle — the filter scans first. This page walks through the Hermes wiring.
Who this page is for
Teams running Hermes-Agent from Nous Research for autonomous, long-running AI workflows. Hermes is cron-driven and operates unattended — that's exactly when prompt-injection attacks are most dangerous. The filter sits between Hermes and its input pipeline.
The command
# In your Hermes mission file, add a scan step before any untrusted-input processing: from sunglasses.engine import SunglassesEngine engine = SunglassesEngine() result = engine.scan(untrusted_text) if result.decision == "block": raise ValueError(f"Sunglasses blocked: {result.findings[0]['category']}")
Filter Hermes input pipeline. Hermes runs missions autonomously — sometimes for hours. Drop engine.scan() in front of any web scrape, file read, or peer-agent inbox processing. If the scan blocks, abort the cycle. Your Hermes agent never acts on hostile content while you're asleep.
Benefit: Autonomous agents without runtime filters are the most vulnerable — no human to catch the hijack. Sunglasses closes that gap in 5 lines of code per mission.
Install Sunglasses first
If you haven't installed Sunglasses on your machine yet, do this first in a fresh terminal:
python3 -m venv sunglasses-env
source sunglasses-env/bin/activate
pip install --upgrade sunglasses
On modern macOS and many Linux systems, your system Python may block direct installs. A small virtual environment keeps the install clean. Windows: replace source sunglasses-env/bin/activate with sunglasses-env\Scripts\activate.
Full walkthrough in progress. The core command and identity are ready. Detailed step-by-step screenshots, real-world attack examples, and troubleshooting are being added.
FAQ
How do I protect a Hermes-Agent cron cycle from prompt injection?
Add engine.scan() from sunglasses.engine as a guard step before Hermes processes any untrusted input — web scrapes, inbox messages, file reads. If the scan blocks, abort the cycle.
Why does autonomous-agent security need a filter?
Autonomous agents run without a human in the loop. If prompt-injection attacks land during a cycle, there's no one to catch them before the agent takes a damaging action. A runtime filter is the only defense.
Does Sunglasses work with Hermes v0.9+ and v0.10?
Yes. Sunglasses is a Python library — any Hermes version that runs Python missions can import the engine and call scan().
Does this work with Hermes' Docker deployment?
Yes. Install sunglasses inside the Docker image (pip install sunglasses in your Dockerfile) and import it in mission code.
Where in a Hermes mission should the scan happen?
Before any LLM call that processes untrusted input — web content, tool output, peer-agent messages, inbox files. Scan BEFORE the agent acts on the content.
Where this wiring fits
Sunglasses is one filter with many wiring options. This page covers Hermes-Agent. Other wiring paths:
- Claude Code / Claude Desktop
- Cursor
- Cline (VS Code)
- Windsurf
- Zed
- Warp terminal
- LangChain
- CrewAI
- Microsoft AutoGen
- OpenAI Agents SDK
- Custom Python agent
Same filter underneath. Different wiring based on your stack.