Hermes debug sharing needs a privacy check before uploads
The most broadly relevant fresh Hermes item is a diagnostics privacy risk. Issue #22016 says `hermes debug share` can create logs with prompt snippets, user names, tool outputs, and other personal data, then expose them through public paste URLs when users attach reports. PR #22139 responds by requiring an explicit `Upload debug report? [y/N]` confirmation before any data is sent, keeping automation available through `--yes` but making the default answer “No”.
Debug bundles are where agent systems quietly leak the most sensitive context: prompts, memory, usernames, file paths, tool output, and channel traces. A one-command public upload can turn a support workflow into a privacy incident, especially for always-on agents connected to personal or work channels.
- Hermes issue #22016 reports that `hermes debug share` logs contain prompt snippets, user information, and other personal data exposed through public URLs
- The report argues that debug data should be redacted by default or moved through a secure channel with clear warnings before generation and upload
- Hermes PR #22139 says the command currently prints a privacy notice but proceeds to upload without requiring explicit confirmation
- The PR adds an `Upload debug report? [y/N]` prompt, makes decline/EOF/KeyboardInterrupt abort, keeps `-y/--yes` for automation, and adds regression tests showing no upload when the user declines
- The fix is PR-stage at the time of aggregation, not yet a tagged Hermes release
- Even with an upload prompt, generated local logs may still contain sensitive content and should be reviewed before sharing
- Automation that uses `--yes` must add its own redaction and destination controls rather than treating the flag as safe by itself
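
A minimal sketch of the default-deny prompt behaviour described for PR #22139, combined with the redaction step the last point asks automation to supply. This is an added example, not code from Hermes or from the PR; the function names, the `upload` callback, and the redaction patterns are assumptions made for illustration.

```python
import re

# Constructed sample; not taken from a real Hermes debug bundle.
SAMPLE_LOG = (
    "user=alice@example.com cwd=/home/alice/project\n"
    "tool_output: api_key=sk-constructed-123\n"
)

# Illustrative patterns only (assumption): extend for your own log format.
REDACTIONS = [
    (re.compile(r"(?i)\b(api[_-]?key|token|password|secret)\b(\s*[=:]\s*)\S+"),
     r"\1\2[REDACTED]"),
    (re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"), "[EMAIL]"),
    (re.compile(r"(/home/|/Users/|C:\\Users\\)[^/\\\s]+"), r"\1[USER]"),
]

def redact(text):
    """Apply every pattern; runs before the prompt so --yes cannot skip it."""
    for pattern, replacement in REDACTIONS:
        text = pattern.sub(replacement, text)
    return text

def confirm_upload(assume_yes=False, ask=input):
    """Default-deny gate: only an explicit y/yes, or assume_yes, returns True."""
    if assume_yes:
        return True
    try:
        answer = ask("Upload debug report? [y/N] ")
    except (EOFError, KeyboardInterrupt):
        return False  # closed stdin or Ctrl-C counts as "No"
    return answer.strip().lower() in ("y", "yes")

def share_report(report, upload, assume_yes=False, ask=input):
    """Return the text handed to upload(), or None if nothing was sent."""
    cleaned = redact(report)
    if not confirm_upload(assume_yes, ask):
        return None
    upload(cleaned)
    return cleaned

if __name__ == "__main__":
    sent = []
    share_report(SAMPLE_LOG, sent.append)  # interactive prompt
    print(sent[0] if sent else "aborted, nothing uploaded")
```

Pattern-based redaction only catches what the patterns anticipate, so the cleaned text still needs a manual review before it goes to any shared destination.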