lolcreds

Public credential defaults and exposure patterns for authorized security testing.

Hermes Agent

Nous Researchother6 credentials

Credentials6 documented
01

LLM Provider API Key

hermes-agent / provider-api-key

Hermes Agent can use API keys for OpenRouter, Anthropic, OpenAI, Google Gemini, Groq, DeepSeek, xAI, Hugging Face, MiniMax, Mistral, Fireworks, Together, and other model providers. These keys allow model inference and may grant billing access or access to provider-hosted resources.

user definedsecretAPI key

Looks like

example
example

OpenRouter API key used by Hermes when OPENROUTER_API_KEY is configured.

sk-or-v1-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
example

Anthropic Console API key accepted by Hermes Anthropic providers.

sk-ant-api03-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
example

Hugging Face token accepted by Hermes when HF_TOKEN is configured.

hf_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
example

Groq API key accepted by Hermes when GROQ_API_KEY is configured.

gsk_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
example

Google API key accepted by Hermes Gemini providers.

AIzaSyXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Location

environment
OPENROUTER_API_KEY, ANTHROPIC_API_KEY, OPENAI_API_KEY, GOOGLE_API_KEY, GEMINI_API_KEY, GROQ_API_KEY, DEEPSEEK_API_KEY, XAI_API_KEY, HF_TOKEN, MISTRAL_API_KEY, MINIMAX_API_KEY, MINIMAX_CN_API_KEY, DASHSCOPE_API_KEY, GLM_API_KEY, ZAI_API_KEY, Z_AI_API_KEY, KIMI_API_KEY, KIMI_CODING_API_KEY, KIMI_CN_API_KEY, FIREWORKS_API_KEY, TOGETHER_API_KEY, PERPLEXITY_API_KEY, NVIDIA_API_KEY, NOVITA_API_KEY, ARCEEAI_API_KEY, GMI_API_KEY, STEPFUN_API_KEY, TOKENHUB_API_KEY, KILOCODE_API_KEY, XIAOMI_API_KEY, UPSTAGE_API_KEY, AZURE_FOUNDRY_API_KEY, LM_API_KEY, OLLAMA_API_KEY, OPENCODE_ZEN_API_KEY, OPENCODE_GO_API_KEY
config file
~/.hermes/.env, ~/.hermes/config.yaml

Linux/macOS Hermes environment and configuration files containing provider API keys or provider-specific api_key values.

config file
%USERPROFILE%\.hermes\.env, %USERPROFILE%\.hermes\config.yaml

Windows Hermes environment and configuration files containing provider API keys or provider-specific api_key values.

config file
.env, config.yaml

Project-local Hermes or development configuration files; lower-confidence fallback scan targets.

secret store

Password managers, shell secret stores, CI/CD variables, and external vaults used to inject Hermes provider credentials.

logs
~/.hermes/logs, %USERPROFILE%\.hermes\logs

Hermes logs may accidentally capture provider configuration or failed authentication context.

Notes

Provider keys are not Hermes-specific formats; scanner confidence should combine known provider env var names, config keys, and provider-specific token shapes. Base URL and endpoint override variables are intentionally omitted from the environment location unless they contain credential material.

02

OAuth Credential Pool Token

hermes-agent / oauth-credential-pool

Hermes stores OAuth-based provider credentials and credential pools for providers such as Nous Portal, OpenAI Codex, Anthropic/Claude, Qwen OAuth, xAI/SuperGrok, and similar sign-in flows. The credential pool can allow model access without a raw API key.

generated on installuser definedsecrettoken

Looks like

example
example

GitHub OAuth token shape used by Copilot-related Hermes credential paths.

gho_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
example

GitHub fine-grained personal access token accepted by Copilot-related Hermes credential paths.

github_pat_XXXXXXXXXXXXXXXXXXXX_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Location

environment
ANTHROPIC_TOKEN, CLAUDE_CODE_OAUTH_TOKEN, COPILOT_GITHUB_TOKEN, GH_TOKEN, GITHUB_TOKEN
config file
~/.hermes/auth.json, ~/.hermes/.anthropic_oauth.json

Linux/macOS Hermes OAuth credential pool and Anthropic OAuth credential files. Per-profile Hermes homes can contain their own auth.json under ~/.hermes/profiles/<name>/.

config file
%USERPROFILE%\.hermes\auth.json, %USERPROFILE%\.hermes\.anthropic_oauth.json

Windows Hermes OAuth credential pool and Anthropic OAuth credential files. Per-profile Hermes homes can contain their own auth.json under %USERPROFILE%\.hermes\profiles\<name>\.

secret store

OS keychains, password managers, and external secret stores used for OAuth refresh tokens or provider access tokens.

logs
~/.hermes/logs, %USERPROFILE%\.hermes\logs

Authentication and provider errors may reveal credential identifiers or token handling context.

Notes

auth.json should be treated as a credential-bearing file even when individual token formats vary by provider. HERMES_OAUTH_FILE can override the OAuth credential storage path and is documented as a path override, not as token material itself.

03

Messaging Gateway Platform Token

hermes-agent / gateway-platform-token

Hermes Gateway connects Telegram, Discord, Slack, WhatsApp, Signal, Matrix, Email, SMS, Teams, Feishu, DingTalk, WeCom, and other messaging platforms. Bot tokens, app secrets, webhook URLs, API keys, and allowed-user settings may grant remote access to the agent surface or to the messaging platform account.

user definedsecrettoken

Looks like

example
example

Telegram bot token shape for TELEGRAM_BOT_TOKEN.

123456789:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
example

Slack bot/app/user token family used by Slack gateway configuration.

xoxb-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
example

Meta/WhatsApp Cloud access-token prefix used by WHATSAPP_CLOUD_ACCESS_TOKEN.

EAAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Location

environment
TELEGRAM_BOT_TOKEN, TELEGRAM_WEBHOOK_SECRET, DISCORD_BOT_TOKEN, SLACK_BOT_TOKEN, SLACK_APP_TOKEN, SLACK_SIGNING_SECRET, GOOGLE_CHAT_SERVICE_ACCOUNT_JSON, WHATSAPP_ACCESS_TOKEN, WHATSAPP_VERIFY_TOKEN, WHATSAPP_CLOUD_ACCESS_TOKEN, WHATSAPP_CLOUD_APP_SECRET, WHATSAPP_CLOUD_VERIFY_TOKEN, MATRIX_ACCESS_TOKEN, MATTERMOST_TOKEN, TEAMS_CLIENT_SECRET, EMAIL_PASSWORD, SMTP_PASSWORD, SMS_API_KEY, TWILIO_AUTH_TOKEN, DINGTALK_CLIENT_SECRET, DINGTALK_WEBHOOK_URL, FEISHU_APP_SECRET, FEISHU_ENCRYPT_KEY, FEISHU_VERIFICATION_TOKEN, WECOM_CORP_SECRET, BLUEBUBBLES_PASSWORD, GATEWAY_PROXY_KEY, GATEWAY_RELAY_SECRET, GATEWAY_RELAY_DELIVERY_KEY, GATEWAY_RELAY_ENROLL_TOKEN, GATEWAY_RELAY_ROUTE_KEYS
config file
~/.hermes/.env, ~/.hermes/config.yaml

Linux/macOS Hermes gateway platform credentials and platform configuration. Per-profile Hermes homes can contain their own .env and config.yaml under ~/.hermes/profiles/<name>/.

config file
%USERPROFILE%\.hermes\.env, %USERPROFILE%\.hermes\config.yaml

Windows Hermes gateway platform credentials and platform configuration. Per-profile Hermes homes can contain their own .env and config.yaml under %USERPROFILE%\.hermes\profiles\<name>\.

secret store

Platform app dashboards, cloud secret managers, password managers, and deployment secret stores.

logs
~/.hermes/logs/gateway.log, ~/.hermes/logs, %USERPROFILE%\.hermes\logs\gateway.log, %USERPROFILE%\.hermes\logs

Gateway startup, platform authentication, webhook, and delivery logs.

Notes

Some adjacent allowlist and channel variables are not secrets, but platform tokens, webhook secrets, relay keys, and app secrets are sensitive because they can grant messaging or gateway control.

04

API Server / Dashboard / Webhook Secret

hermes-agent / api-dashboard-webhook-secret

Hermes can expose a dashboard, API server, local proxy, and webhook routes. API keys, dashboard drain secrets, webhook secrets, and route tokens protect remote control and automation surfaces.

user definedgenerated on installsecretsecret value

Looks like

pattern
pattern

Contextual assignment pattern for Hermes API, webhook, drain, and dashboard-auth secrets.

(?i)(API_SERVER_KEY|WEBHOOK_SECRET|HERMES_DASHBOARD_DRAIN_SECRET|HERMES_DASHBOARD_BASIC_AUTH_PASSWORD|HERMES_DASHBOARD_BASIC_AUTH_SECRET)\s*[:=]\s*['"]?[A-Za-z0-9_./+=:\-]{16,512}['"]?

Location

environment
API_SERVER_KEY, WEBHOOK_SECRET, HERMES_DASHBOARD_DRAIN_SECRET, HERMES_DASHBOARD_BASIC_AUTH_PASSWORD, HERMES_DASHBOARD_BASIC_AUTH_PASSWORD_HASH, HERMES_DASHBOARD_BASIC_AUTH_SECRET, HERMES_DASHBOARD_OIDC_CLIENT_SECRET
config file
~/.hermes/.env, ~/.hermes/config.yaml, ~/.hermes/webhooks.yaml

Linux/macOS Hermes dashboard, API server, proxy, webhook, and automation configuration. Per-profile Hermes homes can contain their own .env and config.yaml under ~/.hermes/profiles/<name>/.

config file
%USERPROFILE%\.hermes\.env, %USERPROFILE%\.hermes\config.yaml, %USERPROFILE%\.hermes\webhooks.yaml

Windows Hermes dashboard, API server, proxy, webhook, and automation configuration. Per-profile Hermes homes can contain their own .env and config.yaml under %USERPROFILE%\.hermes\profiles\<name>\.

public interface
/, /api, /webhooks, /v1/chat/completions

Hermes dashboard, API server, webhook, and OpenAI-compatible proxy endpoints.

http header
Authorization, X-API-Key, X-Hermes-Secret

Headers commonly used to carry API, proxy, or webhook credentials.

logs
~/.hermes/logs, %USERPROFILE%\.hermes\logs

Dashboard, API server, proxy, and webhook logs may reveal route names or accidental credential material.

Notes

Treat exposed dashboard/API/webhook secrets as high-impact because they may allow remote agent interaction, scheduled runs, or tool execution depending on deployment. Public URL, CORS, host, and port variables are intentionally omitted from the environment location because they are not credential material.

05

MCP Server / Plugin Credential

hermes-agent / mcp-and-plugin-credential

Hermes can load MCP servers and plugins. Their configurations may contain API keys, bearer tokens, command arguments, OAuth material, or service credentials for third-party tools exposed to the agent.

user definedsecretsecret value

Location

config file
~/.hermes/config.yaml, ~/.hermes/.env, ~/.hermes/mcp.json

Linux/macOS Hermes MCP and plugin configuration. Plugin code and per-profile plugin secrets can live under Hermes profile directories.

config file
%USERPROFILE%\.hermes\config.yaml, %USERPROFILE%\.hermes\.env, %USERPROFILE%\.hermes\mcp.json

Windows Hermes MCP and plugin configuration. Plugin code and per-profile plugin secrets can live under Hermes profile directories.

environment
BRAVE_SEARCH_API_KEY, FIRECRAWL_API_KEY, EXA_API_KEY, TAVILY_API_KEY, AIRTABLE_API_KEY, NOTION_API_KEY, LINEAR_API_KEY, TENOR_API_KEY, BROWSERBASE_API_KEY, BROWSER_USE_API_KEY, DAYTONA_API_KEY, MODAL_TOKEN_ID, MODAL_TOKEN_SECRET, GITHUB_TOKEN, GH_TOKEN, HASS_TOKEN, HERMES_LANGFUSE_PUBLIC_KEY, HERMES_LANGFUSE_SECRET_KEY, LANGFUSE_PUBLIC_KEY, LANGFUSE_SECRET_KEY, TOOL_GATEWAY_USER_TOKEN
source code
plugin.py, manifest.yaml, config.yaml, .env, mcp.json

Local plugin and MCP server source/configuration files that may embed tool credentials.

secret store

External secret stores and password managers used by MCP servers or plugins.

logs
~/.hermes/logs, %USERPROFILE%\.hermes\logs

MCP and plugin startup errors may reveal configured command arguments or credential names.

Notes

MCP/plugin secrets are product-specific to the connected service; this block catalogs Hermes locations where those third-party credentials are commonly wired in. Non-secret service URLs such as FIRECRAWL_API_URL and HERMES_LANGFUSE_BASE_URL are omitted from the environment credential location.

06

Voice / Media Provider API Key

hermes-agent / voice-and-media-provider-key

Hermes voice, transcription, text-to-speech, image generation, browser, and media tools can use provider API keys. These keys may be stored alongside model provider credentials and are consumed by optional toolsets.

user definedsecretAPI key

Location

environment
GROQ_API_KEY, VOICE_TOOLS_OPENAI_KEY, ELEVENLABS_API_KEY, MINIMAX_API_KEY, MISTRAL_API_KEY, FAL_KEY, KREA_API_KEY, BROWSERBASE_API_KEY, BROWSER_USE_API_KEY, CAMOFOX_SESSION_KEY, HONCHO_API_KEY, SUPERMEMORY_API_KEY, DAYTONA_API_KEY
config file
~/.hermes/.env, ~/.hermes/config.yaml

Linux/macOS Hermes STT, TTS, image, browser, memory-provider, and media provider configuration. Per-profile Hermes homes can contain their own .env and config.yaml under ~/.hermes/profiles/<name>/.

config file
%USERPROFILE%\.hermes\.env, %USERPROFILE%\.hermes\config.yaml

Windows Hermes STT, TTS, image, browser, memory-provider, and media provider configuration. Per-profile Hermes homes can contain their own .env and config.yaml under %USERPROFILE%\.hermes\profiles\<name>\.

secret store

Provider dashboards, password managers, and deployment secret stores used for optional Hermes media/tool providers.

logs
~/.hermes/logs, %USERPROFILE%\.hermes\logs

Provider setup and tool errors may expose credential names or accidental API key material.

Notes

Some env vars overlap with model-provider keys; scanner output should deduplicate findings by path, variable name, and value. Browser URL and user-id variables are omitted unless they contain credential material.

Scope

Authorized use

LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.