<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Moses Man</title>
    <description>The latest articles on DEV Community by Moses Man (@mosesman831).</description>
    <link>https://dev.to/mosesman831</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1385970%2Ff08940ab-8bb1-44a6-be2c-5db1a8d75e76.jpeg</url>
      <title>DEV Community: Moses Man</title>
      <link>https://dev.to/mosesman831</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/mosesman831"/>
    <language>en</language>
    <item>
      <title>Self-Hosted Hermes Agent on iOS: Cloudflare Tunnel + Access Service Tokens + Hermex</title>
      <dc:creator>Moses Man</dc:creator>
      <pubDate>Wed, 24 Jun 2026 19:24:59 +0000</pubDate>
      <link>https://dev.to/mosesman831/self-hosted-hermes-agent-on-ios-cloudflare-tunnel-access-service-tokens-hermex-103e</link>
      <guid>https://dev.to/mosesman831/self-hosted-hermes-agent-on-ios-cloudflare-tunnel-access-service-tokens-hermex-103e</guid>
      <description>&lt;h1&gt;
  
  
  Self-Hosted Hermes Agent on iOS: Cloudflare Tunnel + Access Service Tokens + Hermex
&lt;/h1&gt;

&lt;p&gt;Get your Hermes Agent on your iPhone - without paying for a relay, without a VPN, with full Cloudflare edge protection.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Problem
&lt;/h2&gt;

&lt;p&gt;You're running Hermes Agent self-hosted on a VPS. You want to chat with it from your iPhone. There are a few paths:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;HermesPilot P2P relay&lt;/strong&gt; - works great until it goes paid&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Tailscale VPN&lt;/strong&gt; - works but you need the VPN connected every time&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Cloudflare Tunnel + CF Access&lt;/strong&gt; - great for the browser, but iOS apps can't do OAuth redirects&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;The last option is the most interesting because it gives you Cloudflare's edge protection, your own domain, and no per-device VPN. The problem is that Cloudflare Access normally redirects to a browser login (Google, GitHub, etc.) - which doesn't work for a native app.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;The fix: Cloudflare Access Service Tokens + custom headers.&lt;/strong&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The Architecture
&lt;/h2&gt;

&lt;p&gt;There are two common paths - both work with Service Tokens:&lt;/p&gt;

&lt;h3&gt;
  
  
  Path A: Cloudflare Tunnel → Nginx Proxy Manager (NPM)
&lt;/h3&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Hermex iOS App
│ Custom headers: CF-Access-Client-Id, CF-Access-Client-Secret
▼ HTTPS (orange cloud)
Cloudflare Edge - validates Service Token
▼
Cloudflare Tunnel (cloudflared) - connects to NPM
▼
Nginx Proxy Manager (origin certificate) - routes to backend
▼
Hermes API Server (:8642) or Hermes WebUI (:8787)
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;NPM handles SSL termination with origin certs and gives you a nice UI for managing proxy hosts.&lt;/p&gt;

&lt;h3&gt;
  
  
  Path B: Cloudflare Tunnel → Direct to Hermes
&lt;/h3&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Hermex iOS App
│ Custom headers
▼ HTTPS
Cloudflare Edge - validates Service Token
▼
Cloudflare Tunnel (cloudflared) - pointed at localhost:8642
▼
Hermes API Server
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Simpler, no reverse proxy. Cloudflare handles SSL at the edge.&lt;/p&gt;

&lt;h2&gt;
  
  
  Prerequisites
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;A domain on Cloudflare (orange-cloud proxied)&lt;/li&gt;
&lt;li&gt;Hermes Agent with the API Server enabled&lt;/li&gt;
&lt;li&gt;An iOS device and the &lt;strong&gt;Hermex&lt;/strong&gt; app from the App Store&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Step 1: Enable the Hermes API Server
&lt;/h2&gt;

&lt;p&gt;In your ~/.hermes/.env:&lt;/p&gt;

&lt;p&gt;API_SERVER_ENABLED=true&lt;br&gt;
API_SERVER_KEY=generate-a-strong-random-key&lt;br&gt;
API_SERVER_HOST=127.0.0.1&lt;br&gt;
API_SERVER_PORT=8642&lt;/p&gt;

&lt;p&gt;Restart and verify:&lt;/p&gt;

&lt;p&gt;hermes gateway restart&lt;br&gt;
curl -s -o /dev/null -w "%{http_code}" &lt;a href="http://127.0.0.1:8642/health" rel="noopener noreferrer"&gt;http://127.0.0.1:8642/health&lt;/a&gt;&lt;/p&gt;

&lt;h1&gt;
  
  
  → 200
&lt;/h1&gt;

&lt;h2&gt;
  
  
  Step 2: Install and Configure Cloudflare Tunnel
&lt;/h2&gt;

&lt;h3&gt;
  
  
  2a. Install cloudflared
&lt;/h3&gt;

&lt;p&gt;curl -L &lt;a href="https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64" rel="noopener noreferrer"&gt;https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64&lt;/a&gt; -o /usr/local/bin/cloudflared&lt;br&gt;
chmod +x /usr/local/bin/cloudflared&lt;/p&gt;

&lt;h1&gt;
  
  
  Or on Debian/Ubuntu:
&lt;/h1&gt;

&lt;p&gt;sudo apt install cloudflared&lt;/p&gt;

&lt;h3&gt;
  
  
  2b. Authenticate and Create a Tunnel
&lt;/h3&gt;

&lt;p&gt;cloudflared tunnel login&lt;br&gt;
cloudflared tunnel create hermes-tunnel&lt;/p&gt;

&lt;h3&gt;
  
  
  2c. Route DNS
&lt;/h3&gt;

&lt;p&gt;cloudflared tunnel route dns hermes-tunnel hermes-api.yourdomain.com&lt;/p&gt;

&lt;h3&gt;
  
  
  2d. Configure the Tunnel
&lt;/h3&gt;

&lt;p&gt;Create ~/.cloudflared/config.yml:&lt;/p&gt;

&lt;p&gt;tunnel: &lt;br&gt;
credentials-file: /home/ubuntu/.cloudflared/.json&lt;/p&gt;

&lt;p&gt;ingress:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;hostname: hermes-api.yourdomain.com
service: &lt;a href="http://localhost:8642" rel="noopener noreferrer"&gt;http://localhost:8642&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;hostname: hermes-webui.yourdomain.com
service: &lt;a href="http://localhost:8787" rel="noopener noreferrer"&gt;http://localhost:8787&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;service: http_status:404&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Run it:&lt;/p&gt;

&lt;p&gt;cloudflared tunnel run hermes-tunnel&lt;/p&gt;

&lt;p&gt;Or install as a systemd service:&lt;/p&gt;

&lt;p&gt;sudo cloudflared service install&lt;/p&gt;

&lt;h3&gt;
  
  
  2e. Tunnel → Nginx Proxy Manager
&lt;/h3&gt;

&lt;p&gt;If using NPM, point the tunnel at localhost:80 instead:&lt;/p&gt;

&lt;p&gt;ingress:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;hostname: hermes-api.yourdomain.com
service: &lt;a href="http://localhost:80" rel="noopener noreferrer"&gt;http://localhost:80&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;service: http_status:404&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Then in NPM, add a proxy host:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Domain: hermes-api.yourdomain.com&lt;/li&gt;
&lt;li&gt;Forward to: &lt;a href="http://127.0.0.1:8642" rel="noopener noreferrer"&gt;http://127.0.0.1:8642&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;Enable Websockets&lt;/li&gt;
&lt;li&gt;SSL tab → Cloudflare Origin Certificate&lt;/li&gt;
&lt;li&gt;Cloudflare SSL/TLS → Full (strict)&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Step 3: Cloudflare Access - Service Token
&lt;/h2&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Mode&lt;/th&gt;
&lt;th&gt;How it works&lt;/th&gt;
&lt;th&gt;Use for&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;Allow&lt;/td&gt;
&lt;td&gt;Redirects to OAuth (Google, GitHub, etc.)&lt;/td&gt;
&lt;td&gt;Browser users&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Service Auth&lt;/td&gt;
&lt;td&gt;Validates static headers&lt;/td&gt;
&lt;td&gt;Apps, APIs, scripts&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;h3&gt;
  
  
  3a. Create the Service Token
&lt;/h3&gt;

&lt;p&gt;Cloudflare Zero Trust Dashboard → Access → Service Auth → Create Service Token&lt;br&gt;
Name it hermex-ios.&lt;br&gt;
Copy the Client ID and Client Secret immediately.&lt;/p&gt;

&lt;h3&gt;
  
  
  3b. Create the Access Application
&lt;/h3&gt;

&lt;p&gt;Access → Applications → Add an application → Self-hosted → set domain&lt;br&gt;
Add a policy with:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Action: Service Auth ← NOT "Allow"&lt;/li&gt;
&lt;li&gt;Select the hermex-ios service token&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Save. Cloudflare now accepts requests with the correct headers.&lt;/p&gt;

&lt;h2&gt;
  
  
  Step 4: Configure Hermex
&lt;/h2&gt;

&lt;p&gt;On your iPhone:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Instance URL: &lt;a href="https://hermes-api.yourdomain.com" rel="noopener noreferrer"&gt;https://hermes-api.yourdomain.com&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;Custom Header 1: CF-Access-Client-Id: &lt;/li&gt;
&lt;li&gt;Custom Header 2: CF-Access-Client-Secret: &lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Press connect.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why This Works
&lt;/h2&gt;

&lt;p&gt;Service Tokens are designed for machine-to-machine auth. Cloudflare's edge reads CF-Access-Client-Id and CF-Access-Client-Secret headers on every request and validates before anything reaches your tunnel. The app never sees a login page. Same pattern as CI/CD pipelines and Terraform - just works for iOS too.&lt;/p&gt;

&lt;h2&gt;
  
  
  What About mTLS?
&lt;/h2&gt;

&lt;p&gt;mTLS would be ideal but iOS support is painful. No native NSURLSession support without painful workarounds, certificate distribution is a UX nightmare, renewal and revocation need custom code.&lt;/p&gt;

&lt;p&gt;Service Tokens give the same "pre-shared credential at the edge" model over HTTP headers instead of TLS handshakes.&lt;/p&gt;

&lt;h2&gt;
  
  
  Troubleshooting
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Cloudflare login page&lt;/strong&gt; → Policy set to Allow instead of Service Auth&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;401 Unauthorized&lt;/strong&gt; → Header spelling wrong (case-sensitive)&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;502 Bad Gateway&lt;/strong&gt; → tunnel/NPM can't reach the backend&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Connection timeout&lt;/strong&gt; → Tunnel not running or DNS not proxied&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Quick health check:&lt;br&gt;
systemctl status cloudflared&lt;br&gt;
curl localhost:8642/health&lt;br&gt;
dig hermes-api.yourdomain.com +short&lt;/p&gt;

&lt;h2&gt;
  
  
  Alternative: Tailscale
&lt;/h2&gt;

&lt;p&gt;curl -fsSL &lt;a href="https://tailscale.com/install.sh" rel="noopener noreferrer"&gt;https://tailscale.com/install.sh&lt;/a&gt; | sh&lt;br&gt;
sudo tailscale up&lt;br&gt;
hermeslink config set lanHost "100.x.x.x"&lt;/p&gt;

&lt;p&gt;Works over WireGuard. Downside: VPN needed every time.&lt;/p&gt;

&lt;h2&gt;
  
  
  Conclusion
&lt;/h2&gt;

&lt;p&gt;Cloudflare Access Service Tokens are the missing piece for authenticating native apps behind Cloudflare. With Hermex's custom header support, this takes about 10 minutes if you already have the tunnel running.&lt;/p&gt;

</description>
      <category>hermes</category>
      <category>ai</category>
      <category>cloudflare</category>
      <category>hermesagent</category>
    </item>
    <item>
      <title>I built multi-model orchestration as a Hermes skill - Polybrain</title>
      <dc:creator>Moses Man</dc:creator>
      <pubDate>Sat, 30 May 2026 00:26:56 +0000</pubDate>
      <link>https://dev.to/mosesman831/i-built-multi-model-orchestration-as-a-hermes-skill-3j6h</link>
      <guid>https://dev.to/mosesman831/i-built-multi-model-orchestration-as-a-hermes-skill-3j6h</guid>
      <description>&lt;p&gt;Most AI pipelines use one model for everything.&lt;/p&gt;

&lt;p&gt;One model plans the task, does the research, writes the answer, and checks its own work. That's like hiring one person to be your strategist, researcher, analyst, and auditor simultaneously. It doesn't scale - and more importantly, the model has no one to disagree with it.&lt;/p&gt;

&lt;p&gt;PolyBrain is my answer to that. It's an open-source multi-agent, multi-model orchestration skill for Hermes Agent. You give it an objective, it breaks the work into roles, runs them in parallel where it can, synthesizes the outputs, and verifies every claim against its cited sources before it reaches you.&lt;/p&gt;

&lt;p&gt;Here's what that looks like end to end.&lt;/p&gt;




&lt;h2&gt;
  
  
  The pipeline
&lt;/h2&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Objective -&amp;gt; Orchestrator -&amp;gt; [Researcher 1 + Researcher 2 + Builder] -&amp;gt; Synthesizer -&amp;gt; Verifier -&amp;gt; Final Answer
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Five distinct roles. Each one does exactly one thing:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Orchestrator&lt;/strong&gt; - reads the objective, decomposes it into a JSON task plan, assigns roles&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Researcher&lt;/strong&gt; - web search and citations - no uncited claims allowed&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Builder&lt;/strong&gt; - code, terminal, and file operations&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Synthesizer&lt;/strong&gt; - merges all outputs into a single coherent deliverable&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Verifier&lt;/strong&gt; - checks every claim against its source, returns PASS/FAIL per claim&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;The parallel phase is where the time savings come from. Researcher 1 and Researcher 2 run at the same time. The Synthesizer only fires once both are done. The Verifier runs last.&lt;/p&gt;




&lt;h2&gt;
  
  
  What makes it different
&lt;/h2&gt;

&lt;h3&gt;
  
  
  Different models per role
&lt;/h3&gt;

&lt;p&gt;This is the part most orchestration frameworks don't do.&lt;/p&gt;

&lt;p&gt;In &lt;code&gt;config.yaml&lt;/code&gt; you assign a different model and provider to each role. Researcher gets a cheaper, faster model. Verifier gets a stronger one. Orchestrator gets whatever you trust most for structured JSON output.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight yaml"&gt;&lt;code&gt;&lt;span class="na"&gt;models&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
  &lt;span class="na"&gt;orchestrator&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s2"&gt;"&lt;/span&gt;&lt;span class="s"&gt;your-model"&lt;/span&gt;
  &lt;span class="na"&gt;researcher&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s2"&gt;"&lt;/span&gt;&lt;span class="s"&gt;your-model"&lt;/span&gt;
  &lt;span class="na"&gt;builder&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s2"&gt;"&lt;/span&gt;&lt;span class="s"&gt;your-model"&lt;/span&gt;
  &lt;span class="na"&gt;synthesizer&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s2"&gt;"&lt;/span&gt;&lt;span class="s"&gt;your-model"&lt;/span&gt;
  &lt;span class="na"&gt;verifier&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s2"&gt;"&lt;/span&gt;&lt;span class="s"&gt;your-model"&lt;/span&gt;
  &lt;span class="na"&gt;fallback&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s2"&gt;"&lt;/span&gt;&lt;span class="s"&gt;your-model"&lt;/span&gt;

&lt;span class="na"&gt;settings&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
  &lt;span class="na"&gt;max_parallel&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="m"&gt;3&lt;/span&gt;
  &lt;span class="na"&gt;timeout_sec&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="m"&gt;300&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;You decide what goes where. PolyBrain doesn't prescribe it - because the right answer depends on what you're running, what you're paying, and what you actually trust.&lt;/p&gt;

&lt;h3&gt;
  
  
  Citation enforcement
&lt;/h3&gt;

&lt;p&gt;Researchers are required to include URLs. Uncited claims don't make it to the Synthesizer - they're dropped at the source. This isn't a soft suggestion in the prompt. It's structural: the Verifier checks each surviving claim against its cited source and returns a verdict.&lt;/p&gt;

&lt;p&gt;In the example run below, the Verifier caught a real data discrepancy in Azure revenue figures. That's the point - you want something that pushes back.&lt;/p&gt;

&lt;h3&gt;
  
  
  Artifact logging
&lt;/h3&gt;

&lt;p&gt;Every run saves a timestamped folder:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;.hermes/plans/polybrain/20260528_191548/
├── orchestrator.json
├── task_t1.md
├── task_t2.md
├── synthesis.md
└── verification.md
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;You can audit exactly what each role produced and why the final answer looks the way it does.&lt;/p&gt;




&lt;h2&gt;
  
  
  A real example
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Objective:&lt;/strong&gt; "Create a market brief on Apple with three bullets on revenue trends and two competitors."&lt;/p&gt;

&lt;p&gt;The Orchestrator decomposes this into four tasks - two parallel researchers, a synthesizer, a verifier.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;t1 (Researcher)&lt;/strong&gt; - revenue trends - pulls from SEC filings and Apple Newsroom. Returns three years of top-line figures ($383.3B -&amp;gt; $391.0B - $416.2B) with a source URL for each.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;t2 (Researcher)&lt;/strong&gt; - competitor profiles - Samsung (hardware/smartphones) and Microsoft (cloud/AI). Revenue context and competitive positioning, all cited.&lt;/p&gt;

&lt;p&gt;Both run at the same time.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;t3 (Synthesizer)&lt;/strong&gt; - merges both outputs into a clean brief. Preserves inline citations. Drops anything uncited.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;t4 (Verifier)&lt;/strong&gt; - checks every claim against its source. Flags a mismatch in a competitor cloud revenue figure, provides the corrected bullet with evidence.&lt;/p&gt;

&lt;p&gt;Total runtime: ~4 minutes. Parallel research phase: ~2 minutes.&lt;/p&gt;




&lt;h2&gt;
  
  
  Getting started
&lt;/h2&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;&lt;span class="c"&gt;# Clone into your Hermes skills folder&lt;/span&gt;
git clone &lt;span class="nt"&gt;--depth&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;1 https://github.com/mosesman831/PolyBrain.git /tmp/polybrain
&lt;span class="nb"&gt;cp&lt;/span&gt; &lt;span class="nt"&gt;-r&lt;/span&gt; /tmp/polybrain ~/.hermes/skills/research/polybrain

&lt;span class="c"&gt;# Edit config.yaml with your model aliases&lt;/span&gt;
&lt;span class="c"&gt;# Then validate it&lt;/span&gt;
python ~/.hermes/skills/research/polybrain/scripts/validate_config.py
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Then just tell Hermes what you want:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Use PolyBrain to research Apple's latest earnings and competitors
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Hermes loads the skill. PolyBrain handles the rest.&lt;/p&gt;




&lt;h2&gt;
  
  
  What it doesn't do (yet)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;No persistent state across runs - if it crashes mid-run, you restart from scratch. Hermes Kanban handles durable state natively but PolyBrain doesn't plug into it yet.&lt;/li&gt;
&lt;li&gt;Some models hang in subagent calls - test with &lt;code&gt;hermes chat -q "ping" -m your-model&lt;/code&gt; before committing a model to a role.&lt;/li&gt;
&lt;li&gt;Verifier can occasionally truncate numbers - PASS/FAIL verdicts are structurally correct but some models strip leading digits from dollar amounts in the report text.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  Why I built it this way
&lt;/h2&gt;

&lt;p&gt;Single-model pipelines have a ceiling. The model can't critique itself meaningfully. There's no disagreement, no verification layer, no separation between "the thing that did the research" and "the thing that checks the research."&lt;/p&gt;

&lt;p&gt;PolyBrain is built around the idea that different roles benefit from different models - and that the value of an orchestration layer is precisely that it enforces structure the models themselves wouldn't maintain.&lt;/p&gt;

&lt;p&gt;It's a Hermes skill, it's config-driven, it's open source. If you're running Hermes Agent and want to try it:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;GitHub:&lt;/strong&gt; &lt;a href="https://github.com/mosesman831/PolyBrain" rel="noopener noreferrer"&gt;github.com/mosesman831/PolyBrain&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Feedback welcome - especially if you find models that work well for specific roles.&lt;/p&gt;




&lt;p&gt;&lt;em&gt;This article was written with the help of AI, based on my own docs, config, and terminal output.&lt;/em&gt;&lt;/p&gt;




&lt;p&gt;Made with ❤️ by LatticeAG&lt;/p&gt;

</description>
      <category>ai</category>
      <category>agentskills</category>
      <category>agents</category>
      <category>hermes</category>
    </item>
  </channel>
</rss>
