Safer Agentic AI? 🧠 Full Docker + Hermes Agent Tutorial (Desktop)
This tutorial demonstrates how to safely run AI agents like Hermes inside Docker containers to sandbox code execution and prevent unauthorized access to sensitive files on your computer. By configuring Docker volumes and mounting specific folders, users can give agents access to only the files they choose while keeping code execution isolated from the main system.
Summary
Callum (Wanderloots) explains the security risks of running AI agents with unrestricted access to your computer, including a real example where Meta's privacy head accidentally deleted emails using Claude. The core problem is that AI agents can read and execute code directly on your machine, potentially exposing sensitive information like API keys, passwords, personal notes, and company strategies.
The solution is Docker, which creates an isolated sandbox environment where agents can execute code without affecting the host system. The video demonstrates this by first showing Hermes reading all files in a test folder containing sensitive information (secrets, server details, personal therapy notes, business strategy), then reconfiguring Hermes to run inside Docker where it cannot access those same files.
The setup process involves installing Docker Desktop, modifying Hermes' configuration file to set the working directory to /workspace, and adding Docker volume mounts that link specific folders on your computer to the container. For example, mounting /Users/username/hermes-workspace to /workspace inside the container allows selective file access. The speaker demonstrates this by having Hermes create files that appear both in the Docker container and the linked desktop folder.
The video emphasizes the distinction between access and execution: agents should have access to only the files you explicitly choose (through mounted volumes), but execution of code should happen only inside the container. This prevents malicious code, accidental deletions, and data theft. However, the speaker notes this isn't 100% foolproof—custom skills may still execute on the host computer—so users must still be selective about which tools and skills they install.
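The mount setup described above, as an added example that is neither the video's nor the Hermes project's code: a shell pre-flight check that refuses over-broad host folders (root, /home, /Users, or your whole home directory) before composing the docker run arguments that expose a single folder at /workspace. The image name hermes-agent:latest and the $HOME/hermes-workspace path are assumptions.

```shell
#!/usr/bin/env bash
# Added example, not code from the video or from the Hermes project: a
# pre-flight check on the host folder you intend to expose to the agent's
# Docker execution backend, followed by the docker arguments that give the
# container only that folder at /workspace.  The image name and the default
# workspace path are assumptions.

# Accept HOST_DIR only if it is an absolute, existing directory that is not
# the root, /home, /Users or the user's whole home directory.  Returns 0 on
# success, 1 (with a reason on stderr) otherwise.
check_mount() {
  dir="$1"
  case "$dir" in
    /*) ;;
    *) echo "rejected: '$dir' is not an absolute path" >&2; return 1 ;;
  esac
  dir="${dir%/}"                      # drop trailing slash: /a/b/ -> /a/b
  home="${HOME%/}"
  if [ -z "$dir" ] || [ "$dir" = "/home" ] || [ "$dir" = "/Users" ] \
     || { [ -n "$home" ] && [ "$dir" = "$home" ]; }; then
    echo "rejected: mounting '${dir:-/}' exposes far more than the workspace" >&2
    return 1
  fi
  if [ ! -d "$dir" ]; then
    echo "rejected: '$dir' is not a directory" >&2; return 1
  fi
  return 0
}

# Print, one per line, the docker arguments for an isolated execution
# container: only HOST_DIR is mounted (read-write, at /workspace), the
# working directory is /workspace, the container is discarded on exit and
# starts with no Linux capabilities.  Nothing is run here; pass the output
# to `docker` yourself once you have reviewed it.
docker_args() {
  check_mount "$1" || return 1
  printf '%s\n' "run" "--rm" "-it" \
    "-v" "${1%/}:/workspace" \
    "-w" "/workspace" \
    "--cap-drop" "ALL" \
    "hermes-agent:latest"            # placeholder image name (assumption)
}

# Typical use: docker $(docker_args "$HOME/hermes-workspace")
```

The unquoted $(...) in the usage line is word-split by the shell, so keep the workspace path free of spaces or pass the arguments quoted yourself.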
An advanced option is running the entire Hermes instance inside Docker and accessing it remotely via a gateway, providing complete isolation but with some usability tradeoffs. The speaker recommends the basic Docker execution approach for everyday use while reserving full containerization for higher-risk scenarios.
Key Insights
- By default, AI agents executing on local machines can read and access all files including API keys, passwords, and personal information, even when they have safety features like redaction—the sensitive data may still be sent to external servers like OpenAI's API
- Docker prevents agent code execution on the host computer by creating an isolated sandbox, but agents can still attempt to access local files unless the container is explicitly restricted through volume mounting configuration
- The goal of safe agent deployment is to give access without execution—agents should only access files explicitly mounted as Docker volumes, while all code execution happens exclusively inside the container
- Custom skills and tools installed into Hermes may not run inside the Docker execution backend and could operate directly on the host computer, creating a potential security gap even with containerization
- Docker volumes can be selectively mounted to create dedicated workspaces for specific applications like Obsidian vaults, allowing agents to access and modify only those folders while protecting the rest of the file system
Transcript
[0:00] Before, it listed all of this potentially sensitive information, but now when I tried it again, it says I can't even find that folder. I can't access it. You've probably heard of AI agents like OpenClaw or Claude Code, but you might be a little bit nervous about having an AI run free on your computer. That fear is well-founded. Giving these tools access to your whole computer can be really dangerous. Just look at the head of privacy at Meta who accidentally deleted her emails with OpenClaw. It forgot that it needed permission to delete, so it just went through and deleted things. How do you run an AI agent without putting your computer at risk?…
Full transcript available for MurmurCast members
More from Wanderloots
Full Hermes Agent Tutorial (Desktop) 🧠 A Useful Agentic AI Workflow
This tutorial demonstrates how to set up and use Hermes, an open-source AI agent by Nous Research that learns and evolves over time through persistent memory and automated skill generation. The video covers local model setup with Ollama, cloud model integration with OpenAI, messaging gateway configuration via Telegram, and creating a self-improving daily AI briefing automation.
100% Free & Private AI 🦙 Build & Run Local AI Agents #ai #agenticai #ollama #localllm
The video introduces local AI models as a privacy-preserving alternative to cloud-based AI services. By running AI assistants locally on your computer, users can maintain complete control over their data while leveraging AI capabilities for personal tasks like analyzing notes and answering work-related questions.
Information ➡️ Knowledge: How To Build An LLM Wiki In Obsidian 🧠 #obsidian #ai #agenticai
This video introduces the concept of an 'LLM Wiki' built in Obsidian — a structured knowledge system where AI agents automatically extract and organize concepts from raw information. The presenter explains that the goal is to transform information into persistent, accessible knowledge. This episode focuses on the practical setup, following a prior video that covered the rationale.
Obsidian Smart Plugin Workflow 📝 New Smart Connections + Context AI
Callum (Wanderloots) demonstrates a three-plugin 'smart loop' workflow in Obsidian using Smart Connections, Smart Context, and Smart Chat to solve the problem of losing notes and context over time. The workflow follows a discovery-preparation-use cycle that helps users surface relevant notes, bundle them into reusable context, and optionally pass that context to AI while keeping chat threads linked to specific projects. The entire system is built on a shared 'smart environment' vector database layer that automatically updates context bundles as notes evolve.
Why LLM Wiki? 🧠 Future Of Knowledge For Agentic AI & Humans
Callum, a former IP lawyer, explains the concept of knowledge graphs and introduces the 'LLM Wiki' — a separate, AI-maintained structured knowledge base that allows multiple AI tools to share the same persistent, interlinked information. He contrasts standard RAG retrieval with graph RAG, arguing that a structured wiki layer dramatically improves how AI handles complex, multi-source knowledge.