Implements the bootstrap path for ADR-0013 — MCP-client allow-list for bundled agents.
Scope
In installer/agents/hermes.sh:
- Create /var/lib/hal0/agents/hermes/workspace/ with correct perms (hal0:hal0, 0750).
- Write /etc/hal0/agents/hermes.toml with:
  - hal0-admin + hal0-memory (builtin = true).
  - One external MCP wired by default — filesystem MCP scoped to the workspace — satisfies the v0.3 ships-when criterion "at least one MCP-client external source connectable from a bundled agent" (PLAN §1).
  - Schema-version = 1, default tools.allow / tools.gated populated per ADR §6.
In the Hermes bootstrap state machine (per hermes-bootstrap-plan-2026-05-23.md):
- mcp_wire phase reads this file, registers connections with Hermes's MCP client, proceeds.
- Failure to connect to a non-builtin MCP logs + continues (does NOT fail bootstrap).
Acceptance
- installer/agents/hermes.sh is idempotent (re-run preserves user edits to TOML).
- Hermes bootstrap on a fresh LXC results in a working filesystem MCP reachable from Hermes.
- δ harness row covers the install → MCP-reachable round-trip.
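A sketch of the idempotent install step described under Scope and Acceptance, added here as an example and not taken from the project's installer/agents/hermes.sh. The function name, the `prefix` argument (so it can run unprivileged in a scratch directory), the TOML key names, and the 0644 config mode are assumptions; the tools lists are placeholders because ADR §6 is not reproduced on this page.

```shell
#!/bin/sh
# Added example; not the project's installer. TOML key names are assumptions.
bootstrap_hermes() {
    prefix="${1:-}"   # empty on a real host; a scratch dir for unprivileged runs
    ws="$prefix/var/lib/hal0/agents/hermes/workspace"
    conf_dir="$prefix/etc/hal0/agents"
    conf="$conf_dir/hermes.toml"

    # Workspace: reassert the mode on every run so drift is repaired.
    mkdir -p "$ws" "$conf_dir" || return 1
    chmod 0750 "$ws" || return 1
    # Ownership needs root and an existing hal0 account; skipped otherwise.
    if [ "$(id -u)" -eq 0 ] && id hal0 >/dev/null 2>&1; then
        chown hal0:hal0 "$ws" || return 1
    fi

    # Config: an existing file is never touched, so user edits survive re-runs.
    [ -e "$conf" ] && return 0

    # Stage the full file, then publish it with ln, which refuses to replace
    # an existing target (no partial file, no clobber if two runs race).
    tmp="$(mktemp "$conf_dir/.hermes.toml.XXXXXX")" || return 1
    cat >"$tmp" <<EOF
schema_version = 1

[mcp.hal0-admin]
builtin = true

[mcp.hal0-memory]
builtin = true

# The one external MCP: filesystem access confined to the workspace.
[mcp.filesystem]
builtin = false
root = "$ws"

[tools]
allow = []   # placeholder: populate per ADR §6
gated = []   # placeholder: populate per ADR §6
EOF
    # Assumed mode: readable by the agent, writable only by the installing user.
    chmod 0644 "$tmp"
    rc=0
    ln "$tmp" "$conf" 2>/dev/null || rc=$?
    rm -f "$tmp"
    [ "$rc" -eq 0 ] || [ -e "$conf" ]
}
```

Keeping the allow-list writable only by the installing user means the agent account can read which MCP servers it may reach but cannot widen that list itself.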
Depends on