feat: v1.0.0 — profiles, knowledge browser, MCP settings, skills hub, eslint

feat: add Knowledge, Profiles, MCP settings, and skills hub upgrades

Author: outsourc-e

.github/workflows/security.yml

@@ -68,4 +68,3 @@ jobs:
           fi
 
           echo "✅ No obvious secret patterns found"
-

.gitignore

@@ -136,3 +136,5 @@ __pycache__/
 
 .env.docker
 .env.bak
+.runtime/
+workspace-final-markdown-review.md

CONTRIBUTING.md

@@ -50,4 +50,3 @@ See `.env.example` for all options. Key ones:
 - **Describe what you changed** — clear PR title + description
 - **No secrets** — never commit API keys, tokens, or passwords
 - **Follow existing patterns** — match the code style you see
-

FEATURES-INVENTORY.md

@@ -1,4 +1,5 @@
 # FUTURE-FEATURES.md — Post-Roadmap Development
+
 _Added: 2026-03-09 | Source: Framework research (Anthropic Skills guide, OpenAI Agents SDK, Google ADK)_
 
 These features are NOT part of the initial roadmap. Build them AFTER the v4 mockup is 100% complete and verified.
@@ -8,44 +9,51 @@ These features are NOT part of the initial roadmap. Build them AFTER the v4 mock
 ## 🔴 High Priority (unlocks "App Factory" overnight runs)
 
 ### 1. Iterative Refinement Loop
+
 **What:** Verification doesn't stop at one tsc pass. Loop: run tsc → errors? → send back to agent → fix → re-run. Max 3 iterations before escalating to human review.
 **Why:** Anthropic explicitly identifies this as the pattern that makes agents reliable. Current single-pass fails silently.
 **Where:** `workspace-daemon/src/verification.ts` + `checkpoint-builder.ts`
 **Pattern source:** Anthropic Skills Guide — "Iterative Refinement" design pattern
 
 ### 2. Agent Handoffs (Context Passing Between Agents)
+
 **What:** When one agent finishes a wave, it passes structured context (git diff, error log, what it built, what it skipped) to the next agent. No more blind starts.
 **Why:** Current agents start each task cold. Handoffs are first-class in OpenAI Agents SDK — explicit control transfer with context. This is what keeps overnight runs coherent.
 **Where:** New `workspace-daemon/src/handoff.ts`, update adapter interfaces
 **Pattern source:** OpenAI Agents SDK — "Handoffs" primitive
 
 ### 3. Specialized Agent Roles
+
 **What:** Replace generic Codex adapter with role-specific agents:
+
 - **Researcher** — reads codebase, produces spec/context doc
 - **Planner** — takes spec, produces task breakdown with deps
 - **Builder** — executes tasks (Codex)
 - **Validator** — runs tsc, tests, reviews diff
 - **Deployer** — git ops, PR creation, notifications
-**Why:** The "App Factory" screenshot runs specialized roles. Generic agents miss domain context.
-**Where:** `workspace-daemon/src/adapters/` — one file per role
-**Pattern source:** Anthropic Skills — "Domain-specific intelligence" + App Factory pattern
+  **Why:** The "App Factory" screenshot runs specialized roles. Generic agents miss domain context.
+  **Where:** `workspace-daemon/src/adapters/` — one file per role
+  **Pattern source:** Anthropic Skills — "Domain-specific intelligence" + App Factory pattern
 
 ---
 
 ## 🟡 Medium Priority
 
 ### 4. Parallel Guardrails (tsc watcher during agent run)
+
 **What:** Run tsc in watch mode alongside Codex, not just after. Flag errors in real-time without waiting for checkpoint.
 **Why:** OpenAI SDK runs guardrails in parallel with the agent — catches issues without blocking the main flow.
 **Where:** New process spawned alongside agent in `agent-runner.ts`
 **Pattern source:** OpenAI Agents SDK — "Guardrails" primitive
 
 ### 5. Rollback on Checkpoint Rejection
+
 **What:** When a checkpoint is rejected, auto-revert to pre-task git state rather than leaving dirty code in tree.
 **Why:** Currently a rejection leaves broken code that the next agent inherits.
 **Where:** `workspace-daemon/src/git-ops.ts` — add `revertToCheckpoint()` method
 
 ### 6. Context-Aware Tool Selection
+
 **What:** Agent routing logic that picks different tools based on file size, task type, and context. Large refactors → Codex. Small surgical fixes → Claude ACP session. Research tasks → Claude with web search.
 **Pattern source:** Anthropic Skills — "Context-aware tool selection" pattern
 
@@ -54,30 +62,33 @@ These features are NOT part of the initial roadmap. Build them AFTER the v4 mock
 ## 🔵 Lower Priority (Enterprise / Scale)
 
 ### 7. Session Persistence Surfaced to Agents
+
 **What:** Pass previous run context (what worked, what failed, git history) to agent at start of each task. Agents currently start blind even when re-running.
 **Where:** Update adapter `buildPrompt()` to include run history from SQLite
 
 ### 8. Progressive Skill Loading for Agent Prompts
+
 **What:** Agent system prompts use Anthropic's 3-level progressive disclosure — minimal header always loaded, full instructions only when triggered, reference docs on demand.
 **Why:** Keeps context lean when running many agents in parallel.
 **Pattern source:** Anthropic Skills Guide — core architecture
 
 ### 9. Skills Marketplace / Agent Skill Definitions
+
 **What:** Define agent "skills" as portable SKILL.md-style files that can be shared, versioned, and swapped. A "React Builder" skill vs "Python API Builder" skill.
 **Pattern source:** Anthropic agentskills.io open standard
 
 ---
 
 ## Summary Table
 
-| Feature | Impact | Effort | Priority |
-|---------|--------|--------|----------|
-| Iterative refinement loop | 🔥 High | Low | Do first |
-| Agent handoffs | 🔥 High | Med | Do second |
-| Specialized agent roles | 🔥 High | High | Do third |
-| Parallel guardrails | Med | Med | After roles |
-| Rollback on rejection | Med | Low | After roles |
-| Context-aware tool selection | Med | High | Later |
-| Session persistence | Low | Low | Later |
-| Progressive skill loading | Low | Med | Later |
-| Skills marketplace | Low | High | Much later |
+| Feature                      | Impact  | Effort | Priority    |
+| ---------------------------- | ------- | ------ | ----------- |
+| Iterative refinement loop    | 🔥 High | Low    | Do first    |
+| Agent handoffs               | 🔥 High | Med    | Do second   |
+| Specialized agent roles      | 🔥 High | High   | Do third    |
+| Parallel guardrails          | Med     | Med    | After roles |
+| Rollback on rejection        | Med     | Low    | After roles |
+| Context-aware tool selection | Med     | High   | Later       |
+| Session persistence          | Low     | Low    | Later       |
+| Progressive skill loading    | Low     | Med    | Later       |
+| Skills marketplace           | Low     | High   | Much later  |

FUTURE-FEATURES.md

@@ -6,7 +6,7 @@
 
 **Your AI agent's command center — chat, files, memory, skills, and terminal in one place.**
 
-[![Version](https://img.shields.io/badge/version-0.1.0-6366F1.svg)](CHANGELOG.md)
+[![Version](https://img.shields.io/badge/version-1.0.0-6366F1.svg)](CHANGELOG.md)
 [![License](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
 [![Node](https://img.shields.io/badge/node-%3E%3D22.0.0-brightgreen.svg)](https://nodejs.org/)
 [![PRs Welcome](https://img.shields.io/badge/PRs-welcome-6366F1.svg)](CONTRIBUTING.md)
@@ -132,7 +132,7 @@ Route through the Hermes gateway for sessions, memory, skills, jobs, and tools:
 
 ```yaml
 provider: ollama
-model: qwen2.5:7b  # or any model you have pulled
+model: qwen2.5:7b # or any model you have pulled
 custom_providers:
   - name: ollama
     base_url: http://127.0.0.1:11434/v1

README.md

@@ -6,7 +6,7 @@ If you discover a security vulnerability in Hermes Workspace, please report it r
 
 **Do NOT open a public GitHub issue for security vulnerabilities.**
 
-Instead, email: **security@hermesworkspace.app**
+Instead, report via [GitHub Security Advisories](https://github.com/outsourc-e/hermes-workspace/security/advisories) or DM [@ericousodev on X](https://x.com/ericousodev).
 
 We will acknowledge your report within 48 hours and aim to provide a fix within 7 days for critical issues.
 
@@ -28,28 +28,33 @@ We will acknowledge your report within 48 hours and aim to provide a fix within
 ## Security Measures (v3.0.0+)
 
 **Authentication**
+
 - All API routes require authentication as of v3.0.0
 - Session tokens use timing-safe comparison to prevent timing attacks
 - httpOnly + SameSite=Strict cookies
 - Token revocation on logout
 
 **Network**
+
 - `Access-Control-Allow-Origin` restricted to localhost — no wildcard CORS
 - Browser proxy and screenshot endpoints locked to same-origin only
 - Rate limiting on high-risk endpoints (file access, debug, exec)
 
 **Data & File Access**
+
 - Path traversal prevention on all file and memory routes (`ensureWorkspacePath()`)
 - `.md`-only restriction on memory write routes
 - No API keys or secrets ever exposed to client-side code
 - Hermes tokens are server-side only
 - Diagnostic output scrubbed of sensitive data
 
 **Agent Safety**
+
 - Exec approval workflow — sensitive Hermes exec commands require explicit human approval via in-UI modal
 - Skills security scanning — every skill from the marketplace is scanned for suspicious patterns before install
 
 **Configuration**
+
 - Environment files are gitignored
 - Config endpoints redact credentials in responses
 - Example configs use placeholder keys only
@@ -69,9 +74,8 @@ We will acknowledge your report within 48 hours and aim to provide a fix within
 
 ## Supported Versions
 
-| Version | Supported |
-|---------|-----------|
-| v3.x (main) | ✅ Active |
-| v2.x | ⚠️ Security fixes only |
-| < v2.0 | ❌ Unsupported |
-
+| Version     | Supported              |
+| ----------- | ---------------------- |
+| v3.x (main) | ✅ Active              |
+| v2.x        | ⚠️ Security fixes only |
+| < v2.0      | ❌ Unsupported         |

SECURITY.md

@@ -12,4 +12,4 @@ RUN pip install --no-cache-dir -e .
 
 EXPOSE 8642
 
-CMD ["hermes", "--gateway"]
+CMD ["hermes", "gateway", "run"]

docker/agent/Dockerfile

@@ -37,7 +37,7 @@ We want to reverse that.
 This is the decision to lock in:
 
 > **Hermes Workspace must work standalone against any OpenAI-compatible backend.**
-> 
+>
 > Hermes-specific workspace features may enhance the experience when the full Hermes API is available, but the product must remain usable without those endpoints.
 
 Non-negotiable implication:
@@ -365,9 +365,9 @@ This is not the detailed task plan, but the engineering direction should be:
 Lock this in:
 
 > Hermes Workspace is a standalone frontend for OpenAI-compatible chat backends.
-> 
+>
 > Hermes-native APIs are an enhancement layer, not a requirement.
-> 
+>
 > Step 1 is portable compatibility now.
-> 
+>
 > Step 2 is upstreaming the enhanced Hermes APIs so no fork is needed ever again.

docs/hermes-openai-compat-spec.md

@@ -8,5 +8,3 @@ export default [
     ignores: ['eslint.config.js', 'prettier.config.js', 'vite.config.ts'],
   },
 ]
-
-