Browser-native side panel for Hermes Agent — connect active web context to your local or remote Hermes runtime.
Created by Jon Komet (
@abundantbeing). Community extension for Hermes Agent by Nous Research.

Public alpha · Load unpacked · Local/remote Hermes API · Full Hermes runtime tools
Not on the Chrome Web Store yet.
Hermes Browser Extension is not a browser chatbot. It is a Chrome/Edge/Chromium side panel for the real Hermes Agent runtime. It talks to your Hermes Gateway/API server — local by default, remote when you configure a reachable URL — so it can use the models, tools, skills, sessions, memory, and MCP servers already configured in Hermes.
This repo is specifically for the Hermes Browser Extension: the Chrome/Edge/Chromium side-panel integration for Hermes Agent.
| Side panel | Theme settings | Local agents |
|---|---|---|
![]() |
![]() |
![]() |
| Browser behavior | Page-only context | Hermes compatibility |
![]() |
![]() |
![]() |
http://127.0.0.1:8642.Alt+H by default, customizable at chrome://extensions/shortcuts)./summarize, /explain, /rewrite, /tabs, and /action-items.[tool] markdown appended into answers.NoneType/int() traceback class.debugger, nativeMessaging, click/type/form-submit, cookies, history, bookmarks, downloads, or browser-control permissions in v0.1.| Surface | Supported in v0.1.9 | Fallback / note |
|---|---|---|
| Chrome / Edge / Chromium 114+ side panel | Yes | Primary public support target. |
| Brave / Comet / Chromium forks | Best-effort | Must expose the Chromium Side Panel API and extension clipboard permissions for Copy Diagnostics. |
| Firefox / Safari | Preview only | Diagnostics now report browser family, but cross-browser support is not shipped yet. |
| Local Hermes API server | Yes | Default path: http://127.0.0.1:8642. |
| Remote API server | Yes, explicit URL/token only | Use trusted LAN/Tailscale/VPN or HTTPS reverse proxy; do not expose Hermes naked to the internet. |
| Remote dashboard WebSocket | Best-effort | Chat/session/model path only; REST-only profile/skills/image-upload surfaces remain unavailable. |
| Browser Context Protocol | Yes | Extension emits hermes.browser.context.v1 payloads and keeps prompt-embedded fallback. |
| Companion plugin | Private prototype only | Optional fail-soft skeleton in companion-plugin/; not required for public v0.1.9. |
| Browser control / Runs UI / debugger / nativeMessaging | No | Deferred until supportability, action policy, approvals, and logs exist. |
git clone https://github.com/abundantbeing/hermes-browser-extension.git
cd hermes-browser-extension
npm install
npm run build
The loadable extension is generated at:
dist/
chrome://extensions or edge://extensions.dist/ folder — not the repo root and not extension/.After code updates, run npm run build again and click Reload on the Hermes Browser Extension card in the browser extensions page.
Local-only is the safest default. Put this in ~/.hermes/.env on the machine running Hermes:
API_SERVER_ENABLED=true
API_SERVER_HOST=127.0.0.1
API_SERVER_PORT=8642
API_SERVER_KEY=<your-api-server-key>
API_SERVER_CORS_ORIGINS=chrome-extension://<your-extension-id>
Start or restart the gateway:
hermes gateway run
Verify the API server:
HERMES_GATEWAY_URL=http://127.0.0.1:8642
HERMES_API_TOKEN='<your-api-server-key-or-browser-token>'
curl "$HERMES_GATEWAY_URL/health"
curl -H "Authorization: Bearer $HERMES_API_TOKEN" "$HERMES_GATEWAY_URL/v1/models"
Then in the extension side panel:
http://127.0.0.1:8642.API_SERVER_KEY.https:// page and ask: Summarize this page in one sentence.For a remote Hermes machine, bind the API server to a reachable trusted interface and keep CORS narrow:
API_SERVER_ENABLED=true
API_SERVER_HOST=0.0.0.0
API_SERVER_PORT=8642
API_SERVER_KEY=<your-api-server-key>
API_SERVER_CORS_ORIGINS=chrome-extension://<your-extension-id>
Use a private same-LAN/Tailscale/VPN host with HTTP, or put the API server behind a trusted HTTPS reverse proxy for public/proxied access. Do not expose the Hermes API server naked to the public internet. The Hermes API server can access the real Hermes runtime and tools.
Examples:
http://192.168.1.50:8642
http://hermes-desktop.local:8642
https://hermes.example.com
In the extension side panel:
http:// or https://.With a key present, Remote means Remote API server and does not force HTTPS. With the key blank, Remote means Remote dashboard WebSocket and requires an https:// dashboard URL.
If you run Hermes elsewhere and only expose the OAuth-gated dashboard, select Remote, enter the dashboard's https:// URL, and leave the API key blank. With no key, the extension connects over the dashboard's /api/ws socket instead of the REST API server.
Auth uses a single-use WebSocket ticket minted from a signed-in dashboard tab:
Limitations in this mode: image attachments are inline-only, and the skills/profiles lists are unavailable because those are REST-only and the dashboard's REST surface is not reachable cross-origin.
After connection, the side panel loads from the connected Hermes gateway:
/v1/models — all providers/models Hermes can enumerate, including provider-qualified IDs./api/sessions — recent Hermes sessions grouped by source./v1/skills — slash-command skill suggestions in the composer./v1/profiles — profile picker when the gateway exposes profile metadata./v1/capabilities — feature flags such as audio transcription and Browser upload support.The DOM/context chip should show a non-zero page-context count on normal readable pages. Browser internal pages such as chrome://extensions are intentionally restricted.
You can ask Hermes to help install it:
Install Hermes Browser Extension from https://github.com/abundantbeing/hermes-browser-extension. Clone it, run npm install, run npm run build, then use computer use to open chrome://extensions, enable Developer mode, load the dist folder unpacked, and help me connect it to my local or remote Hermes Gateway API server. Do not reveal, print, screenshot, or commit my API key.
Hermes Browser Extension is intentionally conservative in v0.1:
debugger, nativeMessaging, cookies, history, downloads, or bookmarks permissions.See SECURITY.md, PERMISSIONS.md, DATA-FLOW.md, and PRIVACY.md for details.
Make sure you loaded dist/, not the repo root. The selected folder must contain manifest.json directly.
The browser is still using an old unpacked folder or an unpacked extension card that was not reloaded. For v0.1.9, the source manifest, built dist/ manifest, and release archive should all contain manifest.json version 0.1.9.
Fix:
npm run build locally.chrome://extensions or edge://extensions.dist/ folder.Open Settings → Support diagnostics → Copy Diagnostics and paste the report into the GitHub issue or support thread.
The copied block includes version/build, browser family, gateway origin, connection state, runtime capability flags, selected model/provider, context mode, extractor mode, and last visible error. It intentionally excludes API keys, bearer tokens, cookies, page text, selected text, tab titles, and full tab URLs.
Check that Hermes Gateway/API server is running and reachable from the browser:
curl http://127.0.0.1:8642/health
# or, for remote mode:
curl http://<trusted-remote-host>:8642/health
If /v1/models fails, check `API_SERVER_KEY
$ claude mcp add hermes-browser-extension \
-- python -m otcore.mcp_server <graph>