Permissions become honest.
Every tool has a minimum permission level, roots are explicit, and risky actions can be forced to prompt instead of silently inheriting host-wide freedom.
Status / Doctor Prototype
This is a first-pass runtime contract prototype for Hermes and OpenClaw. It turns abstract ideas like tool safety, permission modes, and operator health checks into concrete files: one tool registry, one permission policy, and one local status/doctor reader.
Not a live runtime replacement. Not a whole product port. A clean contract checkpoint.
Borrow the architecture, not the product.
Tool manifest + permission model first.
11 seeded tools with schema, roots, and permissions.
Default workspace-write, explicit prompts for risky actions.
Readable operator summary and audit output.
Where It Came From
The idea came from studying claw-code as a reference architecture.
The useful parts were its permission model, tool registry, and operator surfaces
like status and doctor.
The goal was not to adopt that whole Rust runtime. The rule became: copy the architecture, not the product. Start with the smallest contracts that improve safety and clarity.
The first two pieces were enough to unlock the rest: one shared tool manifest and one explicit permission policy. Once those exist, status and doctor have something real to read instead of guessing.
What Was Built
A first shared manifest for Hermes/OpenClaw terms like
execute-code, delegate-task, status,
doctor, providers.inspect, mcp.inspect,
and cron.inspect.
C:\Users\mikem\Desktop\hermes\docs\runtime-contracts\hermes-core-tool-manifest.json
A first policy with workspace-write as the runtime default, explicit
denied roots, prompt gates for risky tools, and a read-only override for the
claw-code reference workspace.
C:\Users\mikem\Desktop\hermes\docs\runtime-contracts\hermes-runtime-permission-policy.json
A local Python script that reads those files and renders a compact runtime summary or an audit report. It runs cleanly on the current seed: zero errors, zero warnings.
C:\Users\mikem\Desktop\hermes\scripts\runtime_status_doctor.py
Why Use It
Every tool has a minimum permission level, roots are explicit, and risky actions can be forced to prompt instead of silently inheriting host-wide freedom.
Once tools and policy are structured, status can report the active
posture and doctor can flag mismatches instead of hand-waving.
That matters if you want one model for tools, roots, prompts, and operator health across Mac Hermes, Mac OpenClaw, and bounded environments like VPS3 Herman.
If you were actually going to use this tomorrow
Use it as a bridge layer. Keep your live runtime, but make it read from one tool registry and one permission policy before you attempt deeper runtime rewrites.
Install / Run
Run the local prototype
python C:\Users\mikem\Desktop\hermes\scripts\runtime_status_doctor.py status
python C:\Users\mikem\Desktop\hermes\scripts\runtime_status_doctor.py doctor
python C:\Users\mikem\Desktop\hermes\scripts\runtime_status_doctor.py status --json
python C:\Users\mikem\Desktop\hermes\scripts\runtime_status_doctor.py doctor --json
Open this explainer locally
cd E:\Codex\projects\hermes-status-doctor-explainer
start index.html
Deploy this explainer to Vercel
cd E:\Codex\projects\hermes-status-doctor-explainer
vercel
vercel --prod
What to copy into a real runtime repo
docs/runtime-contracts/tool-manifest.schema.json
docs/runtime-contracts/permission-policy.schema.json
docs/runtime-contracts/hermes-core-tool-manifest.json
docs/runtime-contracts/hermes-runtime-permission-policy.json
scripts/runtime_status_doctor.py
Saved Location
Explainer project
E:\Codex\projects\hermes-status-doctor-explainer
What it contains
A Vercel-ready static site with the visual explanation, local open instructions, deployment instructions, and context for why the prototype exists.