Orchestration & Rules

Operational governance layer: multi-agent coordination, IDE conventions, repository context, task directives, and hardcoded safety gates.

AGENTS 🤖 Ego Playbook

Codebase architecture, multi-agent coordination rules, and mandatory boot/memory sequences.

Agent Types

Type	Role	Spawn Method	Autonomy
Primary	Main hermes-agent (this instance)	Gateway startup	Full
Subagent (leaf)	Isolated reasoning task	`delegate_task`	Task-scoped
Subagent (orchestrator)	Coordinates multiple leaves	`delegate_task(role='orchestrator')`	Workflow-scoped
Cron Agent	Scheduled autonomous run	`cronjob`	Prompt-scoped
Skill Agent	Skill-execution context	Skill invocation	Skill-scoped

Coordination Rules

1
2
3
4
5
6
coordination:
  max_concurrent_children: 3
  max_spawn_depth: 1  # No nested delegation
  orchestrator_enabled: false
  context_isolation: true  # Subagents know nothing of parent
  verification_required: true  # All external side-effects must return handles

Mandatory Boot Sequence

1
2
3
4
5
6
7
8
graph TD
    A[Gateway Start] --> B[Load config.yaml]
    B --> C[Source ~/.hermes/.env]
    C --> D[Load pinned skills]
    D --> E[Inject MEMORY]
    E --> F[Inject USER profile]
    F --> G[Verify IDENTITY_HASH]
    G --> H[Ready]

Memory Injection Protocol

Every agent turn receives:

MEMORY (semantic base) — full
USER profile — full
IDENTITY_HASH markers — full
Recent FEEDBACK-LOG — last 5 entries
Active PLAN — current goal state

CLAUDE 📜 Cascading Conventions

IDE/directory-scoped guidelines for build steps, testing, and linting (loads local > global).

Hierarchy

1
2
3
4
5
6
7
8
9
Global (~/.claude/CLAUDE.md)
    │
    ├─ Project (~/.hermes/hermes-agent/CLAUDE.md)
    │
    ├─ Project (~/hugo-llm-wiki/CLAUDE.md)
    │
    ├─ Project (~/svelte-flexiboards-dashboard/CLAUDE.md)
    │
    └─ Project (~/.hermes/plugins/omp-suite/CLAUDE.md)

Convention Categories

Category	Scope	Example
Build	Per-project	`hugo --minify`, `npm run build`, `cargo build --release`
Test	Per-project	`pytest -n 4`, `vitest run`, `cargo test`
Lint	Per-project	`ruff check`, `eslint .`, `cargo clippy`
Format	Per-project	`ruff format`, `prettier --write`, `cargo fmt`
Typecheck	Per-project	`pyright`, `tsc --noEmit`, `cargo check`

Loading Protocol

Search upward from working directory for CLAUDE.md
Merge: global → project → subdirectory (last wins)
Apply to all terminal/execute_code operations in that context

CONTEXT 🌐 Background Scope

General repository background and project scope discovered upward from working directory.

Discovery Process

1
2
# On session start or workdir change
find . -maxdepth 3 -name "README*" -o -name "AGENTS.md" -o -name "CLAUDE.md" -o -name ".cursorrules" | head -20

Context Package

Element	Source	Injected
Project type	package.json, Cargo.toml, go.mod, pyproject.toml	Yes
Architecture	ARCHITECTURE.md, docs/architecture/	Yes
Conventions	CLAUDE.md, .cursorrules, AGENTS.md	Yes
Scripts	package.json scripts, Makefile, justfile	Yes
Dependencies	lock files, requirements.txt	Summary only

guidelines ⚖️ Task Directives

Technical instructions nested in .junie/ defining exactly how the agent updates checklists.

Structure

1
2
3
4
5
.junie/
├── guidelines.md          # Master directives
├── checklist-updates.md   # How to modify tasks
├── verification.md        # Verification standards
└── handoff.md             # Subagent handoff protocol

Core Directives

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
# .junie/guidelines.md

## Checklist Updates
- Only ONE item `in_progress` at a time
- Mark `completed` IMMEDIATELY when done
- If failed → `cancelled` + add revised item
- Never batch-complete without verification

## Verification Standards
- External writes: return handle (URL, path, HTTP status)
- Verify handle before reporting success
- Internal state: read back to confirm

## Subagent Handoff
- Pass ALL context: paths, errors, constraints
- Specify language/tone if non-English
- Require verifiable handles in summary

OPS 🔧 Protocol Gates

Hardcoded operational boundaries, credentials, and safety validation checks for execution.

Hard Boundaries

Gate	Check	Action on Fail
Model Config	Valid provider/model in config.yaml	Fallback to owl-alpha
Env Sourcing	`source ~/.hermes/.env` in cron	Abort with error
Token Safety	No token-like strings in execute_code	Write file → python3 /tmp/x.py
Background Life	`notify_on_complete=true` for bounded bg	Warn, auto-convert
Cross-Profile	`cross_profile=true` required for other profiles	Block with warning
Skill Pinning	Pinned skills need `hermes curator unpin`	Refuse delete

Credential Handling

1
2
3
4
5
# NEVER in execute_code heredocs
# ALWAYS via Python env=dict
import os
env = {k: v for k, v in (line.split('=', 1) for line in open('.env'))}
subprocess.run(cmd, env={**os.environ, **env})

Safety Validation Checklist

No secrets in terminal output
Cron jobs source .env
Subagents verify external writes
Memory writes are declarative facts
Skill patches address root cause
Deploy verified via live URL check

Cross-References

Identity Anchors → SOUL constraints bind all AGENTS
Mutable Memory → SESSION_LOG feeds AGENTS boot
Capabilities → SKILL executes within OPS gates
Autonomic → BOOT runs AGENTS boot sequence
Spec-Driven → guidelines drive tasks execution

Orchestration & Rules is the constitutional layer — it governs HOW the system operates, not WHAT it knows.