Hermes Agent, the self-improving AI agent from Nous Research, just shipped a meaningful quality-of-life update for anyone running it in a real environment: you can now pull secrets from multiple vaults simultaneously, and a new plugin API lets you wire in any secret manager you already use.

The plaintext .env problem

Hermes can pull API keys from external secret managers at process startup instead of storing them in ~/.hermes/.env. That matters because a flat .env file is a single point of failure. If a subprocess leaks it, or the file ends up in a repo, every credential you have is exposed at once. The vault integration moves the sensitive material out of the filesystem and into a manager that handles rotation, access control, and auditing for you.

The bootstrap token for the secret manager lives in .env; every other provider key (OpenAI, Anthropic, OpenRouter, etc.) can stay in the manager and rotate centrally. So you end up with exactly one secret on disk, and everything else is fetched fresh on each startup.

Two vaults in, one more on the way

Bitwarden Secrets Manager was already supported. This update adds 1Password as a second built-in source. Bitwarden uses the bws CLI (lazy-installed, free tier works), while 1Password uses op:// references via the official op CLI with service-account or desktop session auth.

You can enable more than one secret source at the same time, for example a team Bitwarden project alongside a personal vault plugin. When two sources disagree on the same variable, Hermes doesn't just silently pick one:

Alpha Signal

Don't miss what's next in AI

Join 300,000+ engineers and researchers who get the signal, not the noise.

  • Full access to in-depth AI research breakdowns
  • Be the first to know what's trending before it hits mainstream
  • Daily curated papers, repos, and industry moves