Summary
The Web UI has no way to toggle YOLO mode (skip all dangerous command approval prompts for the session). The CLI's /yolo toggles this instantly for the current session. In the Web UI, if you're doing a batch of trusted operations and want to stop clicking "Allow once" on every terminal command, you have to edit config.yaml on the server — there's no in-session toggle.
Current state
The agent's tools/approval.py gates terminal commands against 33 DANGEROUS_PATTERNS (regex list: rm -rf, DROP TABLE, chmod 777, etc.). When a match is found, it prompts for approval with four options: Allow once, Allow session, Always allow, Deny.
In the CLI, /yolo calls _toggle_yolo() (cli.py line 6199) which sets or unsets the HERMES_YOLO_MODE environment variable in the current process. When set, approval.py's should_require_approval() skips all pattern checks and returns approved immediately.
In the gateway, YOLO is session-scoped via contextvars (enable_session_yolo() / disable_session_yolo() in approval.py) so it doesn't leak across concurrent gateway sessions.
The Web UI shows the approval card correctly when a dangerous command is detected. But there is no toggle to pre-emptively disable it for the session. The only workarounds are: click "Allow session" each time a new pattern is encountered, or go to the terminal and set HERMES_YOLO_MODE=1 globally.
Proposed solution
Slash command — add /yolo to COMMANDS. When executed client-side, it calls a new POST /api/session/yolo endpoint with {"enabled": true/false}. The endpoint sets a session-scoped YOLO flag (same as the gateway's enable_session_yolo() pattern) that approval.py checks for subsequent commands in that session.
Approval card — add a small "Skip all approvals this session" link/button to the existing approval card UI. Clicking it fires the same POST /api/session/yolo call and dismisses the current prompt with "Allow once" as the immediate action. This makes the feature discoverable at exactly the moment it's most useful — when you're clicking "Allow once" for the third time in a row.
Visual indicator — when YOLO mode is active for a session, show a small warning pill in the composer footer (e.g. "⚡ YOLO" in amber) so the user knows approvals are suspended. Clicking it toggles YOLO back off.
Backend: the WebUIApprovalCallback in api/streaming.py that surfaces approval requests to the browser needs to check a per-session YOLO flag. The session object (SessionStore) is the right place to store yolo_enabled: bool — it's already session-scoped and accessible during streaming.
Security note: YOLO mode in the Web UI should be session-scoped only (never persistent, never global across sessions), consistent with how the gateway implements it. This is already the correct behavior given the contextvars approach — the implementation just needs to be wired up.
Files involved
~/hermes-webui-public/api/routes.py — new POST /api/session/yolo endpoint~/hermes-webui-public/api/streaming.py — check session YOLO flag before surfacing approval prompt~/hermes-webui-public/static/commands.js — add /yolo to COMMANDS~/hermes-webui-public/static/boot.js — "Skip all this session" button on approval card; YOLO indicator pill in footer~/hermes-webui-public/static/style.css — YOLO indicator styling~/.hermes/hermes-agent/tools/approval.py — enable_session_yolo(), is_current_session_yolo_enabled() (line 300, 335)
Summary
The Web UI has no way to toggle YOLO mode (skip all dangerous command approval prompts for the session). The CLI's
/yolotoggles this instantly for the current session. In the Web UI, if you're doing a batch of trusted operations and want to stop clicking "Allow once" on every terminal command, you have to editconfig.yamlon the server — there's no in-session toggle.Current state
The agent's
tools/approval.pygates terminal commands against 33DANGEROUS_PATTERNS(regex list:rm -rf,DROP TABLE,chmod 777, etc.). When a match is found, it prompts for approval with four options: Allow once, Allow session, Always allow, Deny.In the CLI,
/yolocalls_toggle_yolo()(cli.py line 6199) which sets or unsets theHERMES_YOLO_MODEenvironment variable in the current process. When set,approval.py'sshould_require_approval()skips all pattern checks and returns approved immediately.In the gateway, YOLO is session-scoped via
contextvars(enable_session_yolo()/disable_session_yolo()inapproval.py) so it doesn't leak across concurrent gateway sessions.The Web UI shows the approval card correctly when a dangerous command is detected. But there is no toggle to pre-emptively disable it for the session. The only workarounds are: click "Allow session" each time a new pattern is encountered, or go to the terminal and set
HERMES_YOLO_MODE=1globally.Proposed solution
Slash command — add
/yolotoCOMMANDS. When executed client-side, it calls a newPOST /api/session/yoloendpoint with{"enabled": true/false}. The endpoint sets a session-scoped YOLO flag (same as the gateway'senable_session_yolo()pattern) thatapproval.pychecks for subsequent commands in that session.Approval card — add a small "Skip all approvals this session" link/button to the existing approval card UI. Clicking it fires the same
POST /api/session/yolocall and dismisses the current prompt with "Allow once" as the immediate action. This makes the feature discoverable at exactly the moment it's most useful — when you're clicking "Allow once" for the third time in a row.Visual indicator — when YOLO mode is active for a session, show a small warning pill in the composer footer (e.g. "⚡ YOLO" in amber) so the user knows approvals are suspended. Clicking it toggles YOLO back off.
Backend: the
WebUIApprovalCallbackinapi/streaming.pythat surfaces approval requests to the browser needs to check a per-session YOLO flag. The session object (SessionStore) is the right place to storeyolo_enabled: bool— it's already session-scoped and accessible during streaming.Security note: YOLO mode in the Web UI should be session-scoped only (never persistent, never global across sessions), consistent with how the gateway implements it. This is already the correct behavior given the
contextvarsapproach — the implementation just needs to be wired up.Files involved
~/hermes-webui-public/api/routes.py— newPOST /api/session/yoloendpoint~/hermes-webui-public/api/streaming.py— check session YOLO flag before surfacing approval prompt~/hermes-webui-public/static/commands.js— add/yolotoCOMMANDS~/hermes-webui-public/static/boot.js— "Skip all this session" button on approval card; YOLO indicator pill in footer~/hermes-webui-public/static/style.css— YOLO indicator styling~/.hermes/hermes-agent/tools/approval.py—enable_session_yolo(),is_current_session_yolo_enabled()(line 300, 335)