fix(gateway): add request timeouts to HA, Email, Mattermost, SMS adapters

Add timeout=30 to all bare ClientSession, IMAP4_SSL, smtplib.SMTP, and
ws_connect calls that previously had no timeout, preventing indefinite
hangs when an external server is slow or unresponsive.

Adapters hardened:
- HomeAssistant: REST + WS session creation, ws_connect handshake
- Email: all IMAP4_SSL (x2) and smtplib.SMTP (x3) calls
- Mattermost: session creation, _api_get, _api_post, _upload_file (60s)
- SMS: session creation in connect() + fallback session in send()

Salvaged from PRs #3161, #3168, #3170 (memosr) and #3201 (binhnt92).
SMS fallback ClientSession on send() also patched (missed in #3201).

Co-authored-by: memosr <memosr@users.noreply.github.com>
Co-authored-by: nguyen binh <binhnt92@users.noreply.github.com>

AGENTS.md

@@ -173,7 +173,6 @@ if canonical == "mycommand":
 - `args_hint` — argument placeholder shown in help (e.g. `"<prompt>"`, `"[name]"`)
 - `cli_only` — only available in the interactive CLI
 - `gateway_only` — only available in messaging platforms
-- `gateway_config_gate` — config dotpath (e.g. `"display.tool_progress_command"`); when set on a `cli_only` command, the command becomes available in the gateway if the config value is truthy. `GATEWAY_KNOWN_COMMANDS` always includes config-gated commands so the gateway can dispatch them; help/menus only show them when the gate is open.
 
 **Adding an alias** requires only adding it to the `aliases` tuple on the existing `CommandDef`. No other file changes needed — dispatch, help text, Telegram menu, Slack mapping, and autocomplete all update automatically.
 

cli.py

@@ -2916,7 +2916,7 @@ class HermesCLI:
                 try:
                     self._session_db.create_session(
                         session_id=self.session_id,
-                        source=os.environ.get("HERMES_SESSION_SOURCE", "cli"),
+                        source="cli",
                         model=self.model,
                         model_config={
                             "max_iterations": self.max_turns,
@@ -7163,13 +7163,13 @@ class HermesCLI:
             if self.agent and getattr(self.agent, '_honcho', None):
                 try:
                     self.agent._honcho.shutdown()
-                except (Exception, KeyboardInterrupt):
+                except Exception:
                     pass
             # Close session in SQLite
             if hasattr(self, '_session_db') and self._session_db and self.agent:
                 try:
                     self._session_db.end_session(self.agent.session_id, "cli_close")
-                except (Exception, KeyboardInterrupt) as e:
+                except Exception as e:
                     logger.debug("Could not close session in DB: %s", e)
             _run_cleanup()
             self._print_exit_summary()

cron/scheduler.py

@@ -474,11 +474,11 @@ def run_job(job: dict) -> tuple[bool, str, str, Optional[str]]:
         if _session_db:
             try:
                 _session_db.end_session(_cron_session_id, "cron_complete")
-            except (Exception, KeyboardInterrupt) as e:
+            except Exception as e:
                 logger.debug("Job '%s': failed to end session: %s", job_id, e)
             try:
                 _session_db.close()
-            except (Exception, KeyboardInterrupt) as e:
+            except Exception as e:
                 logger.debug("Job '%s': failed to close SQLite session store: %s", job_id, e)
 
 

gateway/platforms/api_server.py

@@ -383,7 +383,6 @@ class APIServerAdapter(BasePlatformAdapter):
             quiet_mode=True,
             verbose_logging=False,
             ephemeral_system_prompt=ephemeral_system_prompt or None,
-            enabled_toolsets=["hermes-api-server"],
             session_id=session_id,
             platform="api_server",
             stream_delta_callback=stream_delta_callback,

gateway/platforms/discord.py

@@ -446,7 +446,6 @@ class DiscordAdapter(BasePlatformAdapter):
         # Persistent typing indicator loops per channel (DMs don't reliably
         # show the standard typing gateway event for bots)
         self._typing_tasks: Dict[str, asyncio.Task] = {}
-        self._bot_task: Optional[asyncio.Task] = None
         # Cap to prevent unbounded growth (Discord threads get archived).
         self._MAX_TRACKED_THREADS = 500
     
@@ -589,7 +588,7 @@ class DiscordAdapter(BasePlatformAdapter):
             self._register_slash_commands()
             
             # Start the bot in background
-            self._bot_task = asyncio.create_task(self._client.start(self.config.token))
+            asyncio.create_task(self._client.start(self.config.token))
             
             # Wait for ready
             await asyncio.wait_for(self._ready_event.wait(), timeout=30)

gateway/platforms/signal.py

@@ -344,9 +344,7 @@ class SignalAdapter(BasePlatformAdapter):
         """Force SSE reconnection by closing the current response."""
         if self._sse_response and not self._sse_response.is_stream_consumed:
             try:
-                task = asyncio.create_task(self._sse_response.aclose())
-                self._background_tasks.add(task)
-                task.add_done_callback(self._background_tasks.discard)
+                asyncio.create_task(self._sse_response.aclose())
             except Exception:
                 pass
             self._sse_response = None

gateway/platforms/slack.py

@@ -72,7 +72,6 @@ class SlackAdapter(BasePlatformAdapter):
         self._handler: Optional[AsyncSocketModeHandler] = None
         self._bot_user_id: Optional[str] = None
         self._user_name_cache: Dict[str, str] = {}  # user_id → display name
-        self._socket_mode_task: Optional[asyncio.Task] = None
 
     async def connect(self) -> bool:
         """Connect to Slack via Socket Mode."""
@@ -120,7 +119,7 @@ class SlackAdapter(BasePlatformAdapter):
 
             # Start Socket Mode handler in background
             self._handler = AsyncSocketModeHandler(self._app, app_token)
-            self._socket_mode_task = asyncio.create_task(self._handler.start_async())
+            asyncio.create_task(self._handler.start_async())
 
             self._running = True
             logger.info("[Slack] Connected as @%s (Socket Mode)", bot_name)

gateway/platforms/sms.py

@@ -265,9 +265,7 @@ class SmsAdapter(BasePlatformAdapter):
         )
 
         # Non-blocking: Twilio expects a fast response
-        task = asyncio.create_task(self.handle_message(event))
-        self._background_tasks.add(task)
-        task.add_done_callback(self._background_tasks.discard)
+        asyncio.create_task(self.handle_message(event))
 
         # Return empty TwiML — we send replies via the REST API, not inline TwiML
         return web.Response(

gateway/platforms/telegram.py

@@ -219,14 +219,7 @@ class TelegramAdapter(BasePlatformAdapter):
             self._polling_network_error_count = 0
         except Exception as retry_err:
             logger.warning("[%s] Telegram polling reconnect failed: %s", self.name, retry_err)
-            # start_polling failed — polling is dead and no further error
-            # callbacks will fire, so schedule the next retry ourselves.
-            if not self.has_fatal_error:
-                task = asyncio.ensure_future(
-                    self._handle_polling_network_error(retry_err)
-                )
-                self._background_tasks.add(task)
-                task.add_done_callback(self._background_tasks.discard)
+            # The next network error will trigger another attempt.
 
     async def _handle_polling_conflict(self, error: Exception) -> None:
         if self.has_fatal_error and self.fatal_error_code == "telegram_polling_conflict":

gateway/platforms/webhook.py

@@ -363,9 +363,7 @@ class WebhookAdapter(BasePlatformAdapter):
         )
 
         # Non-blocking — return 202 Accepted immediately
-        task = asyncio.create_task(self.handle_message(event))
-        self._background_tasks.add(task)
-        task.add_done_callback(self._background_tasks.discard)
+        asyncio.create_task(self.handle_message(event))
 
         return web.json_response(
             {

gateway/platforms/whatsapp.py

@@ -140,7 +140,6 @@ class WhatsAppAdapter(BasePlatformAdapter):
         self._message_queue: asyncio.Queue = asyncio.Queue()
         self._bridge_log_fh = None
         self._bridge_log: Optional[Path] = None
-        self._poll_task: Optional[asyncio.Task] = None
     
     async def connect(self) -> bool:
         """
@@ -199,7 +198,7 @@ class WhatsAppAdapter(BasePlatformAdapter):
                                 print(f"[{self.name}] Using existing bridge (status: {bridge_status})")
                                 self._mark_connected()
                                 self._bridge_process = None  # Not managed by us
-                                self._poll_task = asyncio.create_task(self._poll_messages())
+                                asyncio.create_task(self._poll_messages())
                                 return True
                             else:
                                 print(f"[{self.name}] Bridge found but not connected (status: {bridge_status}), restarting")
@@ -305,7 +304,7 @@ class WhatsAppAdapter(BasePlatformAdapter):
                     print(f"[{self.name}]   If session expired, re-pair: hermes whatsapp")
             
             # Start message polling task
-            self._poll_task = asyncio.create_task(self._poll_messages())
+            asyncio.create_task(self._poll_messages())
             
             self._mark_connected()
             print(f"[{self.name}] Bridge started on port {self._bridge_port}")

gateway/run.py

@@ -414,9 +414,6 @@ class GatewayRunner:
         # Per-chat voice reply mode: "off" | "voice_only" | "all"
         self._voice_mode: Dict[str, str] = self._load_voice_modes()
 
-        # Track background tasks to prevent garbage collection mid-execution
-        self._background_tasks: set = set()
-
     def _get_or_create_gateway_honcho(self, session_key: str):
         """Return a persistent Honcho manager/config pair for this gateway session."""
         if not hasattr(self, "_honcho_managers"):
@@ -1301,11 +1298,6 @@ class GatewayRunner:
             except Exception as e:
                 logger.error("✗ %s disconnect error: %s", platform.value, e)
 
-        # Cancel any pending background tasks
-        for _task in list(self._background_tasks):
-            _task.cancel()
-        self._background_tasks.clear()
-
         self.adapters.clear()
         self._running_agents.clear()
         self._pending_messages.clear()
@@ -1716,9 +1708,6 @@ class GatewayRunner:
         if canonical == "reasoning":
             return await self._handle_reasoning_command(event)
 
-        if canonical == "verbose":
-            return await self._handle_verbose_command(event)
-
         if canonical == "provider":
             return await self._handle_provider_command(event)
         
@@ -2748,11 +2737,9 @@ class GatewayRunner:
         try:
             old_entry = self.session_store._entries.get(session_key)
             if old_entry:
-                _flush_task = asyncio.create_task(
+                asyncio.create_task(
                     self._async_flush_memories(old_entry.session_id, session_key)
                 )
-                self._background_tasks.add(_flush_task)
-                _flush_task.add_done_callback(self._background_tasks.discard)
         except Exception as e:
             logger.debug("Gateway memory flush on reset failed: %s", e)
 
@@ -3565,11 +3552,9 @@ class GatewayRunner:
         task_id = f"bg_{datetime.now().strftime('%H%M%S')}_{os.urandom(3).hex()}"
 
         # Fire-and-forget the background task
-        _task = asyncio.create_task(
+        asyncio.create_task(
             self._run_background_task(prompt, source, task_id)
         )
-        self._background_tasks.add(_task)
-        _task.add_done_callback(self._background_tasks.discard)
 
         preview = prompt[:60] + ("..." if len(prompt) > 60 else "")
         return f'🔄 Background task started: "{preview}"\nTask ID: {task_id}\nYou can keep chatting — results will appear when done.'
@@ -3787,68 +3772,6 @@ class GatewayRunner:
         else:
             return f"🧠 ✓ Reasoning effort set to `{effort}` (this session only)"
 
-    async def _handle_verbose_command(self, event: MessageEvent) -> str:
-        """Handle /verbose command — cycle tool progress display mode.
-
-        Gated by ``display.tool_progress_command`` in config.yaml (default off).
-        When enabled, cycles the tool progress mode through off → new → all →
-        verbose → off, same as the CLI.
-        """
-        import yaml
-
-        config_path = _hermes_home / "config.yaml"
-
-        # --- check config gate ------------------------------------------------
-        try:
-            user_config = {}
-            if config_path.exists():
-                with open(config_path, encoding="utf-8") as f:
-                    user_config = yaml.safe_load(f) or {}
-            gate_enabled = user_config.get("display", {}).get("tool_progress_command", False)
-        except Exception:
-            gate_enabled = False
-
-        if not gate_enabled:
-            return (
-                "The `/verbose` command is not enabled for messaging platforms.\n\n"
-                "Enable it in `config.yaml`:\n```yaml\n"
-                "display:\n  tool_progress_command: true\n```"
-            )
-
-        # --- cycle mode -------------------------------------------------------
-        cycle = ["off", "new", "all", "verbose"]
-        descriptions = {
-            "off": "⚙️ Tool progress: **OFF** — no tool activity shown.",
-            "new": "⚙️ Tool progress: **NEW** — shown when tool changes.",
-            "all": "⚙️ Tool progress: **ALL** — every tool call shown.",
-            "verbose": "⚙️ Tool progress: **VERBOSE** — full args and results.",
-        }
-
-        raw_progress = user_config.get("display", {}).get("tool_progress", "all")
-        # YAML 1.1 parses bare "off" as boolean False — normalise back
-        if raw_progress is False:
-            current = "off"
-        elif raw_progress is True:
-            current = "all"
-        else:
-            current = str(raw_progress).lower()
-        if current not in cycle:
-            current = "all"
-        idx = (cycle.index(current) + 1) % len(cycle)
-        new_mode = cycle[idx]
-
-        # Save to config.yaml
-        try:
-            if "display" not in user_config or not isinstance(user_config.get("display"), dict):
-                user_config["display"] = {}
-            user_config["display"]["tool_progress"] = new_mode
-            with open(config_path, "w", encoding="utf-8") as f:
-                yaml.dump(user_config, f, default_flow_style=False, sort_keys=False)
-            return f"{descriptions[new_mode]}\n_(saved to config — takes effect on next message)_"
-        except Exception as e:
-            logger.warning("Failed to save tool_progress mode: %s", e)
-            return f"{descriptions[new_mode]}\n_(could not save to config: {e})_"
-
     async def _handle_compress_command(self, event: MessageEvent) -> str:
         """Handle /compress command -- manually compress conversation context."""
         source = event.source
@@ -4006,11 +3929,9 @@ class GatewayRunner:
 
         # Flush memories for current session before switching
         try:
-            _flush_task = asyncio.create_task(
+            asyncio.create_task(
                 self._async_flush_memories(current_entry.session_id, session_key)
             )
-            self._background_tasks.add(_flush_task)
-            _flush_task.add_done_callback(self._background_tasks.discard)
         except Exception as e:
             logger.debug("Memory flush on resume failed: %s", e)
 

hermes_cli/commands.py

@@ -36,7 +36,6 @@ class CommandDef:
     subcommands: tuple[str, ...] = ()  # tab-completable subcommands
     cli_only: bool = False             # only available in CLI
     gateway_only: bool = False         # only available in gateway/messaging
-    gateway_config_gate: str | None = None  # config dotpath; when truthy, overrides cli_only for gateway
 
 
 # ---------------------------------------------------------------------------
@@ -88,8 +87,7 @@ COMMAND_REGISTRY: list[CommandDef] = [
     CommandDef("statusbar", "Toggle the context/model status bar", "Configuration",
                cli_only=True, aliases=("sb",)),
     CommandDef("verbose", "Cycle tool progress display: off -> new -> all -> verbose",
-               "Configuration", cli_only=True,
-               gateway_config_gate="display.tool_progress_command"),
+               "Configuration", cli_only=True),
     CommandDef("reasoning", "Manage reasoning effort and display", "Configuration",
                args_hint="[level|show|hide]",
                subcommands=("none", "low", "minimal", "medium", "high", "xhigh", "show", "hide", "on", "off")),
@@ -207,7 +205,7 @@ def rebuild_lookups() -> None:
     GATEWAY_KNOWN_COMMANDS = frozenset(
         name
         for cmd in COMMAND_REGISTRY
-        if not cmd.cli_only or cmd.gateway_config_gate
+        if not cmd.cli_only
         for name in (cmd.name, *cmd.aliases)
     )
 
@@ -261,76 +259,20 @@ for _cmd in COMMAND_REGISTRY:
 # Gateway helpers
 # ---------------------------------------------------------------------------
 
-# Set of all command names + aliases recognized by the gateway.
-# Includes config-gated commands so the gateway can dispatch them
-# (the handler checks the config gate at runtime).
+# Set of all command names + aliases recognized by the gateway
 GATEWAY_KNOWN_COMMANDS: frozenset[str] = frozenset(
     name
     for cmd in COMMAND_REGISTRY
-    if not cmd.cli_only or cmd.gateway_config_gate
+    if not cmd.cli_only
     for name in (cmd.name, *cmd.aliases)
 )
 
 
-def _resolve_config_gates() -> set[str]:
-    """Return canonical names of commands whose ``gateway_config_gate`` is truthy.
-
-    Reads ``config.yaml`` and walks the dot-separated key path for each
-    config-gated command.  Returns an empty set on any error so callers
-    degrade gracefully.
-    """
-    gated = [c for c in COMMAND_REGISTRY if c.gateway_config_gate]
-    if not gated:
-        return set()
-    try:
-        import yaml
-        config_path = os.path.join(
-            os.getenv("HERMES_HOME", os.path.expanduser("~/.hermes")),
-            "config.yaml",
-        )
-        if os.path.exists(config_path):
-            with open(config_path, encoding="utf-8") as f:
-                cfg = yaml.safe_load(f) or {}
-        else:
-            cfg = {}
-    except Exception:
-        return set()
-    result: set[str] = set()
-    for cmd in gated:
-        val: Any = cfg
-        for key in cmd.gateway_config_gate.split("."):
-            if isinstance(val, dict):
-                val = val.get(key)
-            else:
-                val = None
-                break
-        if val:
-            result.add(cmd.name)
-    return result
-
-
-def _is_gateway_available(cmd: CommandDef, config_overrides: set[str] | None = None) -> bool:
-    """Check if *cmd* should appear in gateway surfaces (help, menus, mappings).
-
-    Unconditionally available when ``cli_only`` is False.  When ``cli_only``
-    is True but ``gateway_config_gate`` is set, the command is available only
-    when the config value is truthy.  Pass *config_overrides* (from
-    ``_resolve_config_gates()``) to avoid re-reading config for every command.
-    """
-    if not cmd.cli_only:
-        return True
-    if cmd.gateway_config_gate:
-        overrides = config_overrides if config_overrides is not None else _resolve_config_gates()
-        return cmd.name in overrides
-    return False
-
-
 def gateway_help_lines() -> list[str]:
     """Generate gateway help text lines from the registry."""
-    overrides = _resolve_config_gates()
     lines: list[str] = []
     for cmd in COMMAND_REGISTRY:
-        if not _is_gateway_available(cmd, overrides):
+        if cmd.cli_only:
             continue
         args = f" {cmd.args_hint}" if cmd.args_hint else ""
         alias_parts: list[str] = []
@@ -351,10 +293,9 @@ def telegram_bot_commands() -> list[tuple[str, str]]:
     underscores.  Aliases are skipped -- Telegram shows one menu entry per
     canonical command.
     """
-    overrides = _resolve_config_gates()
     result: list[tuple[str, str]] = []
     for cmd in COMMAND_REGISTRY:
-        if not _is_gateway_available(cmd, overrides):
+        if cmd.cli_only:
             continue
         tg_name = cmd.name.replace("-", "_")
         result.append((tg_name, cmd.description))
@@ -367,10 +308,9 @@ def slack_subcommand_map() -> dict[str, str]:
     Maps both canonical names and aliases so /hermes bg do stuff works
     the same as /hermes background do stuff.
     """
-    overrides = _resolve_config_gates()
     mapping: dict[str, str] = {}
     for cmd in COMMAND_REGISTRY:
-        if not _is_gateway_available(cmd, overrides):
+        if cmd.cli_only:
             continue
         mapping[cmd.name] = f"/{cmd.name}"
         for alias in cmd.aliases:

hermes_cli/config.py

@@ -269,7 +269,6 @@ DEFAULT_CONFIG = {
         "streaming": False,
         "show_cost": False,       # Show $ cost in the status bar (off by default)
         "skin": "default",
-        "tool_progress_command": False,  # Enable /verbose command in messaging gateway
     },
 
     # Privacy settings

hermes_cli/main.py

@@ -513,10 +513,6 @@ def cmd_chat(args):
     if getattr(args, "yolo", False):
         os.environ["HERMES_YOLO_MODE"] = "1"
 
-    # --source: tag session source for filtering (e.g. 'tool' for third-party integrations)
-    if getattr(args, "source", None):
-        os.environ["HERMES_SESSION_SOURCE"] = args.source
-
     # Import and run the CLI
     from cli import main as cli_main
     
@@ -3174,11 +3170,6 @@ For more help on a command:
         default=False,
         help="Include the session ID in the agent's system prompt"
     )
-    chat_parser.add_argument(
-        "--source",
-        default=None,
-        help="Session source tag for filtering (default: cli). Use 'tool' for third-party integrations that should not appear in user session lists."
-    )
     chat_parser.set_defaults(func=cmd_chat)
 
     # =========================================================================
@@ -3877,12 +3868,8 @@ For more help on a command:
 
         action = args.sessions_action
 
-        # Hide third-party tool sessions by default, but honour explicit --source
-        _source = getattr(args, "source", None)
-        _exclude = None if _source else ["tool"]
-
         if action == "list":
-            sessions = db.list_sessions_rich(source=args.source, exclude_sources=_exclude, limit=args.limit)
+            sessions = db.list_sessions_rich(source=args.source, limit=args.limit)
             if not sessions:
                 print("No sessions found.")
                 return
@@ -3965,8 +3952,7 @@ For more help on a command:
         elif action == "browse":
             limit = getattr(args, "limit", 50) or 50
             source = getattr(args, "source", None)
-            _browse_exclude = None if source else ["tool"]
-            sessions = db.list_sessions_rich(source=source, exclude_sources=_browse_exclude, limit=limit)
+            sessions = db.list_sessions_rich(source=source, limit=limit)
             db.close()
             if not sessions:
                 print("No sessions found.")

hermes_cli/tools_config.py

@@ -134,7 +134,6 @@ PLATFORMS = {
     "homeassistant": {"label": "🏠 Home Assistant", "default_toolset": "hermes-homeassistant"},
     "email":    {"label": "📧 Email",      "default_toolset": "hermes-email"},
     "dingtalk": {"label": "💬 DingTalk",   "default_toolset": "hermes-dingtalk"},
-    "api_server": {"label": "🌐 API Server", "default_toolset": "hermes-api-server"},
 }
 
 

hermes_state.py

@@ -572,7 +572,6 @@ class SessionDB:
     def list_sessions_rich(
         self,
         source: str = None,
-        exclude_sources: List[str] = None,
         limit: int = 20,
         offset: int = 0,
     ) -> List[Dict[str, Any]]:
@@ -584,18 +583,7 @@ class SessionDB:
 
         Uses a single query with correlated subqueries instead of N+2 queries.
         """
-        where_clauses = []
-        params = []
-
-        if source:
-            where_clauses.append("s.source = ?")
-            params.append(source)
-        if exclude_sources:
-            placeholders = ",".join("?" for _ in exclude_sources)
-            where_clauses.append(f"s.source NOT IN ({placeholders})")
-            params.extend(exclude_sources)
-
-        where_sql = f"WHERE {' AND '.join(where_clauses)}" if where_clauses else ""
+        source_clause = "WHERE s.source = ?" if source else ""
         query = f"""
             SELECT s.*,
                 COALESCE(
@@ -610,11 +598,11 @@ class SessionDB:
                     s.started_at
                 ) AS last_active
             FROM sessions s
-            {where_sql}
+            {source_clause}
             ORDER BY s.started_at DESC
             LIMIT ? OFFSET ?
         """
-        params.extend([limit, offset])
+        params = (source, limit, offset) if source else (limit, offset)
         with self._lock:
             cursor = self._conn.execute(query, params)
             rows = cursor.fetchall()
@@ -830,7 +818,6 @@ class SessionDB:
         self,
         query: str,
         source_filter: List[str] = None,
-        exclude_sources: List[str] = None,
         role_filter: List[str] = None,
         limit: int = 20,
         offset: int = 0,
@@ -863,11 +850,6 @@ class SessionDB:
             where_clauses.append(f"s.source IN ({source_placeholders})")
             params.extend(source_filter)
 
-        if exclude_sources is not None:
-            exclude_placeholders = ",".join("?" for _ in exclude_sources)
-            where_clauses.append(f"s.source NOT IN ({exclude_placeholders})")
-            params.extend(exclude_sources)
-
         if role_filter:
             role_placeholders = ",".join("?" for _ in role_filter)
             where_clauses.append(f"m.role IN ({role_placeholders})")

run_agent.py

@@ -883,7 +883,7 @@ class AIAgent:
             try:
                 self._session_db.create_session(
                     session_id=self.session_id,
-                    source=self.platform or os.environ.get("HERMES_SESSION_SOURCE", "cli"),
+                    source=self.platform or "cli",
                     model=self.model,
                     model_config={
                         "max_iterations": self.max_iterations,
@@ -2274,7 +2274,7 @@ class AIAgent:
                 return
             try:
                 manager.flush_all()
-            except (Exception, KeyboardInterrupt) as exc:
+            except Exception as exc:
                 logger.debug("Honcho flush on exit failed (non-fatal): %s", exc)
 
         atexit.register(_flush_honcho_on_exit)
@@ -4859,7 +4859,7 @@ class AIAgent:
                 self.session_id = f"{datetime.now().strftime('%Y%m%d_%H%M%S')}_{uuid.uuid4().hex[:6]}"
                 self._session_db.create_session(
                     session_id=self.session_id,
-                    source=self.platform or os.environ.get("HERMES_SESSION_SOURCE", "cli"),
+                    source=self.platform or "cli",
                     model=self.model,
                     parent_session_id=old_session_id,
                 )

tests/gateway/test_api_server_toolset.py

@@ -1,93 +0,0 @@
-"""Tests for hermes-api-server toolset and API server tool availability."""
-import os
-import json
-from unittest.mock import patch, MagicMock
-
-import pytest
-
-from toolsets import resolve_toolset, get_toolset, validate_toolset
-
-
-class TestHermesApiServerToolset:
-    """Tests for the hermes-api-server toolset definition."""
-
-    def test_toolset_exists(self):
-        ts = get_toolset("hermes-api-server")
-        assert ts is not None
-
-    def test_toolset_validates(self):
-        assert validate_toolset("hermes-api-server")
-
-    def test_toolset_includes_web_tools(self):
-        tools = resolve_toolset("hermes-api-server")
-        assert "web_search" in tools
-        assert "web_extract" in tools
-
-    def test_toolset_includes_core_tools(self):
-        tools = resolve_toolset("hermes-api-server")
-        expected = [
-            "terminal", "process",
-            "read_file", "write_file", "patch", "search_files",
-            "vision_analyze", "image_generate",
-            "execute_code", "delegate_task",
-            "todo", "memory", "session_search", "cronjob",
-        ]
-        for tool in expected:
-            assert tool in tools, f"Missing expected tool: {tool}"
-
-    def test_toolset_includes_browser_tools(self):
-        tools = resolve_toolset("hermes-api-server")
-        for tool in ["browser_navigate", "browser_snapshot", "browser_click",
-                      "browser_type", "browser_scroll", "browser_back",
-                      "browser_press", "browser_close"]:
-            assert tool in tools, f"Missing browser tool: {tool}"
-
-    def test_toolset_includes_homeassistant_tools(self):
-        tools = resolve_toolset("hermes-api-server")
-        for tool in ["ha_list_entities", "ha_get_state", "ha_list_services", "ha_call_service"]:
-            assert tool in tools, f"Missing HA tool: {tool}"
-
-    def test_toolset_excludes_clarify(self):
-        tools = resolve_toolset("hermes-api-server")
-        assert "clarify" not in tools
-
-    def test_toolset_excludes_send_message(self):
-        tools = resolve_toolset("hermes-api-server")
-        assert "send_message" not in tools
-
-    def test_toolset_excludes_text_to_speech(self):
-        tools = resolve_toolset("hermes-api-server")
-        assert "text_to_speech" not in tools
-
-
-class TestApiServerPlatformConfig:
-    def test_platforms_dict_includes_api_server(self):
-        from hermes_cli.tools_config import PLATFORMS
-        assert "api_server" in PLATFORMS
-        assert PLATFORMS["api_server"]["default_toolset"] == "hermes-api-server"
-
-
-class TestApiServerAdapterToolset:
-    @patch("gateway.platforms.api_server.AIOHTTP_AVAILABLE", True)
-    def test_create_agent_uses_api_server_toolset(self):
-        from gateway.platforms.api_server import APIServerAdapter
-        from gateway.config import PlatformConfig
-
-        adapter = APIServerAdapter(PlatformConfig())
-
-        with patch("gateway.run._resolve_runtime_agent_kwargs") as mock_kwargs, \
-             patch("gateway.run._resolve_gateway_model") as mock_model, \
-             patch("run_agent.AIAgent") as mock_agent_cls:
-
-            mock_kwargs.return_value = {"api_key": "test-key", "base_url": None,
-                                        "provider": None, "api_mode": None,
-                                        "command": None, "args": []}
-            mock_model.return_value = "test/model"
-            mock_agent_cls.return_value = MagicMock()
-
-            adapter._create_agent()
-
-            mock_agent_cls.assert_called_once()
-            call_kwargs = mock_agent_cls.call_args
-            assert call_kwargs.kwargs.get("enabled_toolsets") == ["hermes-api-server"]
-            assert call_kwargs.kwargs.get("platform") == "api_server"

tests/gateway/test_background_command.py

@@ -38,7 +38,6 @@ def _make_runner():
     runner._provider_routing = {}
     runner._fallback_model = None
     runner._running_agents = {}
-    runner._background_tasks = set()
 
     mock_store = MagicMock()
     runner.session_store = mock_store

tests/gateway/test_gateway_shutdown.py

@@ -72,7 +72,6 @@ async def test_gateway_stop_interrupts_running_agents_and_cancels_adapter_tasks(
     runner._exit_reason = None
     runner._pending_messages = {"session": "pending text"}
     runner._pending_approvals = {"session": {"command": "rm -rf /tmp/x"}}
-    runner._background_tasks = set()
     runner._shutdown_all_gateway_honcho = lambda: None
 
     adapter = StubAdapter()

tests/gateway/test_session_race_guard.py

@@ -39,7 +39,6 @@ def _make_runner():
     runner._pending_messages = {}
     runner._pending_approvals = {}
     runner._voice_mode = {}
-    runner._background_tasks = set()
     runner._is_user_authorized = lambda _source: True
     return runner
 

tests/gateway/test_telegram_network_reconnect.py

@@ -1,154 +0,0 @@
-"""
-Tests for Telegram polling network error recovery.
-
-Specifically tests the fix for #3173 — when start_polling() fails after a
-network error, the adapter must self-reschedule the next reconnect attempt
-rather than silently leaving polling dead.
-"""
-
-import asyncio
-import sys
-from unittest.mock import AsyncMock, MagicMock, patch
-
-import pytest
-
-from gateway.config import PlatformConfig
-
-
-def _ensure_telegram_mock():
-    if "telegram" in sys.modules and hasattr(sys.modules["telegram"], "__file__"):
-        return
-
-    telegram_mod = MagicMock()
-    telegram_mod.ext.ContextTypes.DEFAULT_TYPE = type(None)
-    telegram_mod.constants.ParseMode.MARKDOWN_V2 = "MarkdownV2"
-    telegram_mod.constants.ChatType.GROUP = "group"
-    telegram_mod.constants.ChatType.SUPERGROUP = "supergroup"
-    telegram_mod.constants.ChatType.CHANNEL = "channel"
-    telegram_mod.constants.ChatType.PRIVATE = "private"
-
-    for name in ("telegram", "telegram.ext", "telegram.constants"):
-        sys.modules.setdefault(name, telegram_mod)
-
-
-_ensure_telegram_mock()
-
-from gateway.platforms.telegram import TelegramAdapter  # noqa: E402
-
-
-def _make_adapter() -> TelegramAdapter:
-    return TelegramAdapter(PlatformConfig(enabled=True, token="test-token"))
-
-
-@pytest.mark.asyncio
-async def test_reconnect_self_schedules_on_start_polling_failure():
-    """
-    When start_polling() raises during a network error retry, the adapter must
-    schedule a new _handle_polling_network_error task — otherwise polling stays
-    dead with no further error callbacks to trigger recovery.
-
-    Regression test for #3173: gateway becomes unresponsive after Telegram 502.
-    """
-    adapter = _make_adapter()
-    adapter._polling_network_error_count = 1
-
-    mock_updater = MagicMock()
-    mock_updater.running = True
-    mock_updater.stop = AsyncMock()
-    mock_updater.start_polling = AsyncMock(side_effect=Exception("Timed out"))
-
-    mock_app = MagicMock()
-    mock_app.updater = mock_updater
-    adapter._app = mock_app
-
-    with patch("asyncio.sleep", new_callable=AsyncMock):
-        await adapter._handle_polling_network_error(Exception("Bad Gateway"))
-
-    # A retry task must have been added to _background_tasks
-    pending = [t for t in adapter._background_tasks if not t.done()]
-    assert len(pending) >= 1, (
-        "Expected at least one self-rescheduled retry task in _background_tasks "
-        f"after start_polling failure, got {len(pending)}"
-    )
-
-    # Clean up — cancel the pending retry so it doesn't run after the test
-    for t in pending:
-        t.cancel()
-        try:
-            await t
-        except (asyncio.CancelledError, Exception):
-            pass
-
-
-@pytest.mark.asyncio
-async def test_reconnect_does_not_self_schedule_when_fatal_error_set():
-    """
-    When a fatal error is already set, the failed reconnect should NOT create
-    another retry task — the gateway is already shutting down this adapter.
-    """
-    adapter = _make_adapter()
-    adapter._polling_network_error_count = 1
-    adapter._set_fatal_error("telegram_network_error", "already fatal", retryable=True)
-
-    mock_updater = MagicMock()
-    mock_updater.running = True
-    mock_updater.stop = AsyncMock()
-    mock_updater.start_polling = AsyncMock(side_effect=Exception("Timed out"))
-
-    mock_app = MagicMock()
-    mock_app.updater = mock_updater
-    adapter._app = mock_app
-
-    initial_count = len(adapter._background_tasks)
-
-    with patch("asyncio.sleep", new_callable=AsyncMock):
-        await adapter._handle_polling_network_error(Exception("Timed out"))
-
-    assert len(adapter._background_tasks) == initial_count, (
-        "Should not schedule a retry when a fatal error is already set"
-    )
-
-
-@pytest.mark.asyncio
-async def test_reconnect_success_resets_error_count():
-    """
-    When start_polling() succeeds, _polling_network_error_count should reset to 0.
-    """
-    adapter = _make_adapter()
-    adapter._polling_network_error_count = 3
-
-    mock_updater = MagicMock()
-    mock_updater.running = True
-    mock_updater.stop = AsyncMock()
-    mock_updater.start_polling = AsyncMock()  # succeeds
-
-    mock_app = MagicMock()
-    mock_app.updater = mock_updater
-    adapter._app = mock_app
-
-    with patch("asyncio.sleep", new_callable=AsyncMock):
-        await adapter._handle_polling_network_error(Exception("Bad Gateway"))
-
-    assert adapter._polling_network_error_count == 0
-
-
-@pytest.mark.asyncio
-async def test_reconnect_triggers_fatal_after_max_retries():
-    """
-    After MAX_NETWORK_RETRIES attempts, the adapter should set a fatal error
-    rather than retrying forever.
-    """
-    adapter = _make_adapter()
-    adapter._polling_network_error_count = 10  # MAX_NETWORK_RETRIES
-
-    fatal_handler = AsyncMock()
-    adapter.set_fatal_error_handler(fatal_handler)
-
-    mock_app = MagicMock()
-    adapter._app = mock_app
-
-    await adapter._handle_polling_network_error(Exception("still failing"))
-
-    assert adapter.has_fatal_error
-    assert adapter.fatal_error_code == "telegram_network_error"
-    fatal_handler.assert_called_once()

tests/gateway/test_verbose_command.py

@@ -1,146 +0,0 @@
-"""Tests for gateway /verbose command (config-gated tool progress cycling)."""
-
-import asyncio
-from unittest.mock import AsyncMock, MagicMock
-
-import pytest
-import yaml
-
-import gateway.run as gateway_run
-from gateway.config import Platform
-from gateway.platforms.base import MessageEvent
-from gateway.session import SessionSource
-
-
-def _make_event(text="/verbose", platform=Platform.TELEGRAM, user_id="12345", chat_id="67890"):
-    """Build a MessageEvent for testing."""
-    source = SessionSource(
-        platform=platform,
-        user_id=user_id,
-        chat_id=chat_id,
-        user_name="testuser",
-    )
-    return MessageEvent(text=text, source=source)
-
-
-def _make_runner():
-    """Create a bare GatewayRunner without calling __init__."""
-    runner = object.__new__(gateway_run.GatewayRunner)
-    runner.adapters = {}
-    runner._ephemeral_system_prompt = ""
-    runner._prefill_messages = []
-    runner._reasoning_config = None
-    runner._show_reasoning = False
-    runner._provider_routing = {}
-    runner._fallback_model = None
-    runner._running_agents = {}
-    runner.hooks = MagicMock()
-    runner.hooks.emit = AsyncMock()
-    runner.hooks.loaded_hooks = []
-    runner._session_db = None
-    runner._get_or_create_gateway_honcho = lambda session_key: (None, None)
-    return runner
-
-
-class TestVerboseCommand:
-    """Tests for _handle_verbose_command in the gateway."""
-
-    @pytest.mark.asyncio
-    async def test_disabled_by_default(self, tmp_path, monkeypatch):
-        """When tool_progress_command is false, /verbose returns an info message."""
-        hermes_home = tmp_path / "hermes"
-        hermes_home.mkdir()
-        config_path = hermes_home / "config.yaml"
-        config_path.write_text("display:\n  tool_progress: all\n", encoding="utf-8")
-
-        monkeypatch.setattr(gateway_run, "_hermes_home", hermes_home)
-
-        runner = _make_runner()
-        result = await runner._handle_verbose_command(_make_event())
-
-        assert "not enabled" in result.lower()
-        assert "tool_progress_command" in result
-
-    @pytest.mark.asyncio
-    async def test_enabled_cycles_mode(self, tmp_path, monkeypatch):
-        """When enabled, /verbose cycles tool_progress mode."""
-        hermes_home = tmp_path / "hermes"
-        hermes_home.mkdir()
-        config_path = hermes_home / "config.yaml"
-        config_path.write_text(
-            "display:\n  tool_progress_command: true\n  tool_progress: all\n",
-            encoding="utf-8",
-        )
-
-        monkeypatch.setattr(gateway_run, "_hermes_home", hermes_home)
-
-        runner = _make_runner()
-        result = await runner._handle_verbose_command(_make_event())
-
-        # all -> verbose
-        assert "VERBOSE" in result
-
-        # Verify config was saved
-        saved = yaml.safe_load(config_path.read_text(encoding="utf-8"))
-        assert saved["display"]["tool_progress"] == "verbose"
-
-    @pytest.mark.asyncio
-    async def test_cycles_through_all_modes(self, tmp_path, monkeypatch):
-        """Calling /verbose repeatedly cycles through all four modes."""
-        hermes_home = tmp_path / "hermes"
-        hermes_home.mkdir()
-        config_path = hermes_home / "config.yaml"
-        config_path.write_text(
-            "display:\n  tool_progress_command: true\n  tool_progress: 'off'\n",
-            encoding="utf-8",
-        )
-
-        monkeypatch.setattr(gateway_run, "_hermes_home", hermes_home)
-        runner = _make_runner()
-
-        # off -> new -> all -> verbose -> off
-        expected = ["new", "all", "verbose", "off"]
-        for mode in expected:
-            result = await runner._handle_verbose_command(_make_event())
-            saved = yaml.safe_load(config_path.read_text(encoding="utf-8"))
-            assert saved["display"]["tool_progress"] == mode, \
-                f"Expected {mode}, got {saved['display']['tool_progress']}"
-
-    @pytest.mark.asyncio
-    async def test_defaults_to_all_when_no_tool_progress_set(self, tmp_path, monkeypatch):
-        """When tool_progress is not in config, defaults to 'all' then cycles to verbose."""
-        hermes_home = tmp_path / "hermes"
-        hermes_home.mkdir()
-        config_path = hermes_home / "config.yaml"
-        config_path.write_text(
-            "display:\n  tool_progress_command: true\n",
-            encoding="utf-8",
-        )
-
-        monkeypatch.setattr(gateway_run, "_hermes_home", hermes_home)
-
-        runner = _make_runner()
-        result = await runner._handle_verbose_command(_make_event())
-
-        # default "all" -> verbose
-        assert "VERBOSE" in result
-        saved = yaml.safe_load(config_path.read_text(encoding="utf-8"))
-        assert saved["display"]["tool_progress"] == "verbose"
-
-    @pytest.mark.asyncio
-    async def test_no_config_file_returns_disabled(self, tmp_path, monkeypatch):
-        """When config.yaml doesn't exist, command reports disabled."""
-        hermes_home = tmp_path / "hermes"
-        hermes_home.mkdir()
-        # No config.yaml
-
-        monkeypatch.setattr(gateway_run, "_hermes_home", hermes_home)
-
-        runner = _make_runner()
-        result = await runner._handle_verbose_command(_make_event())
-        assert "not enabled" in result.lower()
-
-    def test_verbose_is_in_gateway_known_commands(self):
-        """The /verbose command is recognized by the gateway dispatch."""
-        from hermes_cli.commands import GATEWAY_KNOWN_COMMANDS
-        assert "verbose" in GATEWAY_KNOWN_COMMANDS

tests/hermes_cli/test_commands.py

@@ -134,19 +134,12 @@ class TestDerivedDicts:
 # ---------------------------------------------------------------------------
 
 class TestGatewayKnownCommands:
-    def test_excludes_cli_only_without_config_gate(self):
+    def test_excludes_cli_only(self):
         for cmd in COMMAND_REGISTRY:
-            if cmd.cli_only and not cmd.gateway_config_gate:
+            if cmd.cli_only:
                 assert cmd.name not in GATEWAY_KNOWN_COMMANDS, \
                     f"cli_only command '{cmd.name}' should not be in GATEWAY_KNOWN_COMMANDS"
 
-    def test_includes_config_gated_cli_only(self):
-        """Commands with gateway_config_gate are always in GATEWAY_KNOWN_COMMANDS."""
-        for cmd in COMMAND_REGISTRY:
-            if cmd.gateway_config_gate:
-                assert cmd.name in GATEWAY_KNOWN_COMMANDS, \
-                    f"config-gated command '{cmd.name}' should be in GATEWAY_KNOWN_COMMANDS"
-
     def test_includes_gateway_commands(self):
         for cmd in COMMAND_REGISTRY:
             if not cmd.cli_only:
@@ -167,11 +160,11 @@ class TestGatewayHelpLines:
         lines = gateway_help_lines()
         assert len(lines) > 10
 
-    def test_excludes_cli_only_commands_without_config_gate(self):
+    def test_excludes_cli_only_commands(self):
         lines = gateway_help_lines()
         joined = "\n".join(lines)
         for cmd in COMMAND_REGISTRY:
-            if cmd.cli_only and not cmd.gateway_config_gate:
+            if cmd.cli_only:
                 assert f"`/{cmd.name}" not in joined, \
                     f"cli_only command /{cmd.name} should not be in gateway help"
 
@@ -195,10 +188,10 @@ class TestTelegramBotCommands:
         for name, _ in telegram_bot_commands():
             assert "-" not in name, f"Telegram command '{name}' contains a hyphen"
 
-    def test_excludes_cli_only_without_config_gate(self):
+    def test_excludes_cli_only(self):
         names = {name for name, _ in telegram_bot_commands()}
         for cmd in COMMAND_REGISTRY:
-            if cmd.cli_only and not cmd.gateway_config_gate:
+            if cmd.cli_only:
                 tg_name = cmd.name.replace("-", "_")
                 assert tg_name not in names
 
@@ -218,84 +211,13 @@ class TestSlackSubcommandMap:
         assert "bg" in mapping
         assert "reset" in mapping
 
-    def test_excludes_cli_only_without_config_gate(self):
+    def test_excludes_cli_only(self):
         mapping = slack_subcommand_map()
         for cmd in COMMAND_REGISTRY:
-            if cmd.cli_only and not cmd.gateway_config_gate:
+            if cmd.cli_only:
                 assert cmd.name not in mapping
 
 
-# ---------------------------------------------------------------------------
-# Config-gated gateway commands
-# ---------------------------------------------------------------------------
-
-class TestGatewayConfigGate:
-    """Tests for the gateway_config_gate mechanism on CommandDef."""
-
-    def test_verbose_has_config_gate(self):
-        cmd = resolve_command("verbose")
-        assert cmd is not None
-        assert cmd.cli_only is True
-        assert cmd.gateway_config_gate == "display.tool_progress_command"
-
-    def test_verbose_in_gateway_known_commands(self):
-        """Config-gated commands are always recognized by the gateway."""
-        assert "verbose" in GATEWAY_KNOWN_COMMANDS
-
-    def test_config_gate_excluded_from_help_when_off(self, tmp_path, monkeypatch):
-        """When the config gate is falsy, the command should not appear in help."""
-        # Write a config with the gate off (default)
-        config_file = tmp_path / "config.yaml"
-        config_file.write_text("display:\n  tool_progress_command: false\n")
-        monkeypatch.setenv("HERMES_HOME", str(tmp_path))
-
-        lines = gateway_help_lines()
-        joined = "\n".join(lines)
-        assert "`/verbose" not in joined
-
-    def test_config_gate_included_in_help_when_on(self, tmp_path, monkeypatch):
-        """When the config gate is truthy, the command should appear in help."""
-        config_file = tmp_path / "config.yaml"
-        config_file.write_text("display:\n  tool_progress_command: true\n")
-        monkeypatch.setenv("HERMES_HOME", str(tmp_path))
-
-        lines = gateway_help_lines()
-        joined = "\n".join(lines)
-        assert "`/verbose" in joined
-
-    def test_config_gate_excluded_from_telegram_when_off(self, tmp_path, monkeypatch):
-        config_file = tmp_path / "config.yaml"
-        config_file.write_text("display:\n  tool_progress_command: false\n")
-        monkeypatch.setenv("HERMES_HOME", str(tmp_path))
-
-        names = {name for name, _ in telegram_bot_commands()}
-        assert "verbose" not in names
-
-    def test_config_gate_included_in_telegram_when_on(self, tmp_path, monkeypatch):
-        config_file = tmp_path / "config.yaml"
-        config_file.write_text("display:\n  tool_progress_command: true\n")
-        monkeypatch.setenv("HERMES_HOME", str(tmp_path))
-
-        names = {name for name, _ in telegram_bot_commands()}
-        assert "verbose" in names
-
-    def test_config_gate_excluded_from_slack_when_off(self, tmp_path, monkeypatch):
-        config_file = tmp_path / "config.yaml"
-        config_file.write_text("display:\n  tool_progress_command: false\n")
-        monkeypatch.setenv("HERMES_HOME", str(tmp_path))
-
-        mapping = slack_subcommand_map()
-        assert "verbose" not in mapping
-
-    def test_config_gate_included_in_slack_when_on(self, tmp_path, monkeypatch):
-        config_file = tmp_path / "config.yaml"
-        config_file.write_text("display:\n  tool_progress_command: true\n")
-        monkeypatch.setenv("HERMES_HOME", str(tmp_path))
-
-        mapping = slack_subcommand_map()
-        assert "verbose" in mapping
-
-
 # ---------------------------------------------------------------------------
 # Autocomplete (SlashCommandCompleter)
 # ---------------------------------------------------------------------------

tests/test_exit_cleanup_interrupt.py

@@ -1,105 +0,0 @@
-"""Tests for KeyboardInterrupt handling in exit cleanup paths.
-
-``except Exception`` does not catch ``KeyboardInterrupt`` (which inherits
-from ``BaseException``).  A second Ctrl+C during exit cleanup must not
-abort remaining cleanup steps.  These tests exercise the actual production
-code paths — not a copy of the try/except pattern.
-"""
-
-import atexit
-import weakref
-from unittest.mock import MagicMock, patch, call
-
-import pytest
-
-
-class TestHonchoAtexitFlush:
-    """run_agent.py — _register_honcho_exit_hook atexit handler."""
-
-    def test_keyboard_interrupt_during_flush_does_not_propagate(self):
-        """The atexit handler must swallow KeyboardInterrupt from flush_all()."""
-        mock_manager = MagicMock()
-        mock_manager.flush_all.side_effect = KeyboardInterrupt
-
-        # Capture functions passed to atexit.register
-        registered_fns = []
-        original_register = atexit.register
-
-        def capturing_register(fn, *args, **kwargs):
-            registered_fns.append(fn)
-            # Don't actually register — we don't want side effects
-
-        with patch("atexit.register", side_effect=capturing_register):
-            from run_agent import AIAgent
-            agent = object.__new__(AIAgent)
-            agent._honcho = mock_manager
-            agent._honcho_exit_hook_registered = False
-            agent._register_honcho_exit_hook()
-
-        # Our handler is the last one registered
-        assert len(registered_fns) >= 1, "atexit handler was not registered"
-        flush_handler = registered_fns[-1]
-
-        # Invoke the registered handler — must not raise
-        flush_handler()
-        mock_manager.flush_all.assert_called_once()
-
-
-class TestCronJobCleanup:
-    """cron/scheduler.py — end_session + close in the finally block."""
-
-    def test_keyboard_interrupt_in_end_session_does_not_skip_close(self):
-        """If end_session raises KeyboardInterrupt, close() must still run."""
-        mock_db = MagicMock()
-        mock_db.end_session.side_effect = KeyboardInterrupt
-
-        from cron import scheduler
-
-        job = {
-            "id": "test-job-1",
-            "name": "test cleanup",
-            "prompt": "hello",
-            "schedule": "0 9 * * *",
-            "model": "test/model",
-        }
-
-        with patch("hermes_state.SessionDB", return_value=mock_db), \
-             patch.object(scheduler, "_build_job_prompt", return_value="hello"), \
-             patch.object(scheduler, "_resolve_origin", return_value=None), \
-             patch.object(scheduler, "_resolve_delivery_target", return_value=None), \
-             patch("dotenv.load_dotenv", return_value=None), \
-             patch("run_agent.AIAgent") as MockAgent:
-            # Make the agent raise immediately so we hit the finally block
-            MockAgent.return_value.run_conversation.side_effect = RuntimeError("boom")
-            scheduler.run_job(job)
-
-        mock_db.end_session.assert_called_once()
-        mock_db.close.assert_called_once()
-
-    def test_keyboard_interrupt_in_close_does_not_propagate(self):
-        """If close() raises KeyboardInterrupt, it must not escape run_job."""
-        mock_db = MagicMock()
-        mock_db.close.side_effect = KeyboardInterrupt
-
-        from cron import scheduler
-
-        job = {
-            "id": "test-job-2",
-            "name": "test close interrupt",
-            "prompt": "hello",
-            "schedule": "0 9 * * *",
-            "model": "test/model",
-        }
-
-        with patch("hermes_state.SessionDB", return_value=mock_db), \
-             patch.object(scheduler, "_build_job_prompt", return_value="hello"), \
-             patch.object(scheduler, "_resolve_origin", return_value=None), \
-             patch.object(scheduler, "_resolve_delivery_target", return_value=None), \
-             patch("dotenv.load_dotenv", return_value=None), \
-             patch("run_agent.AIAgent") as MockAgent:
-            MockAgent.return_value.run_conversation.side_effect = RuntimeError("boom")
-            # Must not raise
-            scheduler.run_job(job)
-
-        mock_db.end_session.assert_called_once()
-        mock_db.close.assert_called_once()

tests/test_hermes_state.py

@@ -1102,89 +1102,6 @@ class TestListSessionsRich:
         assert "Line one Line two" in sessions[0]["preview"]
 
 
-# =========================================================================
-# Session source exclusion (--source flag for third-party isolation)
-# =========================================================================
-
-class TestExcludeSources:
-    """Tests for exclude_sources on list_sessions_rich and search_messages."""
-
-    def test_list_sessions_rich_excludes_tool_source(self, db):
-        db.create_session("s1", "cli")
-        db.create_session("s2", "tool")
-        db.create_session("s3", "telegram")
-        sessions = db.list_sessions_rich(exclude_sources=["tool"])
-        ids = [s["id"] for s in sessions]
-        assert "s1" in ids
-        assert "s3" in ids
-        assert "s2" not in ids
-
-    def test_list_sessions_rich_no_exclusion_returns_all(self, db):
-        db.create_session("s1", "cli")
-        db.create_session("s2", "tool")
-        sessions = db.list_sessions_rich()
-        ids = [s["id"] for s in sessions]
-        assert "s1" in ids
-        assert "s2" in ids
-
-    def test_list_sessions_rich_source_and_exclude_combined(self, db):
-        """When source= is explicit, exclude_sources should not conflict."""
-        db.create_session("s1", "cli")
-        db.create_session("s2", "tool")
-        db.create_session("s3", "telegram")
-        # Explicit source filter: only tool sessions, no exclusion
-        sessions = db.list_sessions_rich(source="tool")
-        ids = [s["id"] for s in sessions]
-        assert ids == ["s2"]
-
-    def test_list_sessions_rich_exclude_multiple_sources(self, db):
-        db.create_session("s1", "cli")
-        db.create_session("s2", "tool")
-        db.create_session("s3", "cron")
-        db.create_session("s4", "telegram")
-        sessions = db.list_sessions_rich(exclude_sources=["tool", "cron"])
-        ids = [s["id"] for s in sessions]
-        assert "s1" in ids
-        assert "s4" in ids
-        assert "s2" not in ids
-        assert "s3" not in ids
-
-    def test_search_messages_excludes_tool_source(self, db):
-        db.create_session("s1", "cli")
-        db.append_message("s1", "user", "Python deployment question")
-        db.create_session("s2", "tool")
-        db.append_message("s2", "user", "Python automated question")
-        results = db.search_messages("Python", exclude_sources=["tool"])
-        sources = [r["source"] for r in results]
-        assert "cli" in sources
-        assert "tool" not in sources
-
-    def test_search_messages_no_exclusion_returns_all_sources(self, db):
-        db.create_session("s1", "cli")
-        db.append_message("s1", "user", "Rust deployment question")
-        db.create_session("s2", "tool")
-        db.append_message("s2", "user", "Rust automated question")
-        results = db.search_messages("Rust")
-        sources = [r["source"] for r in results]
-        assert "cli" in sources
-        assert "tool" in sources
-
-    def test_search_messages_source_include_and_exclude(self, db):
-        """source_filter (include) and exclude_sources can coexist."""
-        db.create_session("s1", "cli")
-        db.append_message("s1", "user", "Golang test")
-        db.create_session("s2", "telegram")
-        db.append_message("s2", "user", "Golang test")
-        db.create_session("s3", "tool")
-        db.append_message("s3", "user", "Golang test")
-        # Include cli+tool, but exclude tool → should only return cli
-        results = db.search_messages(
-            "Golang", source_filter=["cli", "tool"], exclude_sources=["tool"]
-        )
-        sources = [r["source"] for r in results]
-        assert sources == ["cli"]
-
-
 class TestResolveSessionByNameOrId:
     """Tests for the main.py helper that resolves names or IDs."""
 

tests/tools/test_approval.py

@@ -512,73 +512,3 @@ class TestGatewayProtection:
         dangerous, key, desc = detect_dangerous_command(cmd)
         assert dangerous is False
 
-
-class TestNormalizationBypass:
-    """Obfuscation techniques must not bypass dangerous command detection."""
-
-    def test_fullwidth_unicode_rm(self):
-        """Fullwidth Unicode 'ｒｍ -ｒｆ /' must be caught after NFKC normalization."""
-        cmd = "\uff52\uff4d -\uff52\uff46 /"  # ｒｍ -ｒｆ /
-        dangerous, key, desc = detect_dangerous_command(cmd)
-        assert dangerous is True, f"Fullwidth 'rm -rf /' was not detected: {cmd!r}"
-
-    def test_fullwidth_unicode_dd(self):
-        """Fullwidth 'ｄｄ if=/dev/zero' must be caught."""
-        cmd = "\uff44\uff44 if=/dev/zero of=/dev/sda"
-        dangerous, key, desc = detect_dangerous_command(cmd)
-        assert dangerous is True
-
-    def test_fullwidth_unicode_chmod(self):
-        """Fullwidth 'ｃｈｍｏｄ 777' must be caught."""
-        cmd = "\uff43\uff48\uff4d\uff4f\uff44 777 /tmp/test"
-        dangerous, key, desc = detect_dangerous_command(cmd)
-        assert dangerous is True
-
-    def test_ansi_csi_wrapped_rm(self):
-        """ANSI CSI color codes wrapping 'rm' must be stripped and caught."""
-        cmd = "\x1b[31mrm\x1b[0m -rf /"
-        dangerous, key, desc = detect_dangerous_command(cmd)
-        assert dangerous is True, f"ANSI-wrapped 'rm -rf /' was not detected"
-
-    def test_ansi_osc_embedded_rm(self):
-        """ANSI OSC sequences embedded in command must be stripped."""
-        cmd = "\x1b]0;title\x07rm -rf /"
-        dangerous, key, desc = detect_dangerous_command(cmd)
-        assert dangerous is True
-
-    def test_ansi_8bit_c1_wrapped_rm(self):
-        """8-bit C1 CSI (0x9b) wrapping 'rm' must be stripped and caught."""
-        cmd = "\x9b31mrm\x9b0m -rf /"
-        dangerous, key, desc = detect_dangerous_command(cmd)
-        assert dangerous is True, "8-bit C1 CSI bypass was not caught"
-
-    def test_null_byte_in_rm(self):
-        """Null bytes injected into 'rm' must be stripped and caught."""
-        cmd = "r\x00m -rf /"
-        dangerous, key, desc = detect_dangerous_command(cmd)
-        assert dangerous is True, f"Null-byte 'rm' was not detected: {cmd!r}"
-
-    def test_null_byte_in_dd(self):
-        """Null bytes in 'dd' must be stripped."""
-        cmd = "d\x00d if=/dev/sda"
-        dangerous, key, desc = detect_dangerous_command(cmd)
-        assert dangerous is True
-
-    def test_mixed_fullwidth_and_ansi(self):
-        """Combined fullwidth + ANSI obfuscation must still be caught."""
-        cmd = "\x1b[1m\uff52\uff4d\x1b[0m -rf /"
-        dangerous, key, desc = detect_dangerous_command(cmd)
-        assert dangerous is True
-
-    def test_safe_command_after_normalization(self):
-        """Normal safe commands must not be flagged after normalization."""
-        cmd = "ls -la /tmp"
-        dangerous, key, desc = detect_dangerous_command(cmd)
-        assert dangerous is False
-
-    def test_fullwidth_safe_command_not_flagged(self):
-        """Fullwidth 'ｌｓ -ｌａ' is safe and must not be flagged."""
-        cmd = "\uff4c\uff53 -\uff4c\uff41 /tmp"
-        dangerous, key, desc = detect_dangerous_command(cmd)
-        assert dangerous is False
-

tests/tools/test_delegate_toolset_scope.py

@@ -1,66 +0,0 @@
-"""Tests for delegate_tool toolset scoping.
-
-Verifies that subagents cannot gain tools that the parent does not have.
-The LLM controls the `toolsets` parameter — without intersection with the
-parent's enabled_toolsets, it can escalate privileges by requesting
-arbitrary toolsets.
-"""
-
-from unittest.mock import MagicMock, patch
-from types import SimpleNamespace
-
-from tools.delegate_tool import _strip_blocked_tools
-
-
-class TestToolsetIntersection:
-    """Subagent toolsets must be a subset of parent's enabled_toolsets."""
-
-    def test_requested_toolsets_intersected_with_parent(self):
-        """LLM requests toolsets parent doesn't have — extras are dropped."""
-        parent = SimpleNamespace(enabled_toolsets=["terminal", "file"])
-
-        # Simulate the intersection logic from _build_child_agent
-        parent_toolsets = set(parent.enabled_toolsets)
-        requested = ["terminal", "file", "web", "browser", "rl"]
-        scoped = [t for t in requested if t in parent_toolsets]
-
-        assert sorted(scoped) == ["file", "terminal"]
-        assert "web" not in scoped
-        assert "browser" not in scoped
-        assert "rl" not in scoped
-
-    def test_all_requested_toolsets_available_on_parent(self):
-        """LLM requests subset of parent tools — all pass through."""
-        parent = SimpleNamespace(enabled_toolsets=["terminal", "file", "web", "browser"])
-
-        parent_toolsets = set(parent.enabled_toolsets)
-        requested = ["terminal", "web"]
-        scoped = [t for t in requested if t in parent_toolsets]
-
-        assert sorted(scoped) == ["terminal", "web"]
-
-    def test_no_toolsets_requested_inherits_parent(self):
-        """When toolsets is None/empty, child inherits parent's set."""
-        parent_toolsets = ["terminal", "file", "web"]
-        child = _strip_blocked_tools(parent_toolsets)
-        assert "terminal" in child
-        assert "file" in child
-        assert "web" in child
-
-    def test_strip_blocked_removes_delegation(self):
-        """Blocked toolsets (delegation, clarify, etc.) are always removed."""
-        child = _strip_blocked_tools(["terminal", "delegation", "clarify", "memory"])
-        assert "delegation" not in child
-        assert "clarify" not in child
-        assert "memory" not in child
-        assert "terminal" in child
-
-    def test_empty_intersection_yields_empty_toolsets(self):
-        """If parent has no overlap with requested, child gets nothing extra."""
-        parent = SimpleNamespace(enabled_toolsets=["terminal"])
-
-        parent_toolsets = set(parent.enabled_toolsets)
-        requested = ["web", "browser"]
-        scoped = [t for t in requested if t in parent_toolsets]
-
-        assert scoped == []

tests/tools/test_session_search.py

@@ -8,7 +8,6 @@ from tools.session_search_tool import (
     _format_timestamp,
     _format_conversation,
     _truncate_around_matches,
-    _HIDDEN_SESSION_SOURCES,
     MAX_SESSION_CHARS,
     SESSION_SEARCH_SCHEMA,
 )
@@ -18,17 +17,6 @@ from tools.session_search_tool import (
 # Tool schema guidance
 # =========================================================================
 
-class TestHiddenSessionSources:
-    """Verify the _HIDDEN_SESSION_SOURCES constant used for third-party isolation."""
-
-    def test_tool_source_is_hidden(self):
-        assert "tool" in _HIDDEN_SESSION_SOURCES
-
-    def test_standard_sources_not_hidden(self):
-        for src in ("cli", "telegram", "discord", "slack", "cron"):
-            assert src not in _HIDDEN_SESSION_SOURCES
-
-
 class TestSessionSearchSchema:
     def test_keeps_cross_session_recall_guidance_without_current_session_nudge(self):
         description = SESSION_SEARCH_SCHEMA["description"]

tools/approval.py

@@ -13,7 +13,6 @@ import os
 import re
 import sys
 import threading
-import unicodedata
 from typing import Optional
 
 logger = logging.getLogger(__name__)
@@ -83,31 +82,13 @@ def _approval_key_aliases(pattern_key: str) -> set[str]:
 # Detection
 # =========================================================================
 
-def _normalize_command_for_detection(command: str) -> str:
-    """Normalize a command string before dangerous-pattern matching.
-
-    Strips ANSI escape sequences (full ECMA-48 via tools.ansi_strip),
-    null bytes, and normalizes Unicode fullwidth characters so that
-    obfuscation techniques cannot bypass the pattern-based detection.
-    """
-    from tools.ansi_strip import strip_ansi
-
-    # Strip all ANSI escape sequences (CSI, OSC, DCS, 8-bit C1, etc.)
-    command = strip_ansi(command)
-    # Strip null bytes
-    command = command.replace('\x00', '')
-    # Normalize Unicode (fullwidth Latin, halfwidth Katakana, etc.)
-    command = unicodedata.normalize('NFKC', command)
-    return command
-
-
 def detect_dangerous_command(command: str) -> tuple:
     """Check if a command matches any dangerous patterns.
 
     Returns:
         (is_dangerous, pattern_key, description) or (False, None, None)
     """
-    command_lower = _normalize_command_for_detection(command).lower()
+    command_lower = command.lower()
     for pattern, description in DANGEROUS_PATTERNS:
         if re.search(pattern, command_lower, re.IGNORECASE | re.DOTALL):
             pattern_key = description

tools/delegate_tool.py

@@ -174,10 +174,8 @@ def _build_child_agent(
 
     # When no explicit toolsets given, inherit from parent's enabled toolsets
     # so disabled tools (e.g. web) don't leak to subagents.
-    parent_toolsets = set(getattr(parent_agent, "enabled_toolsets", None) or DEFAULT_TOOLSETS)
     if toolsets:
-        # Intersect with parent — subagent must not gain tools the parent lacks
-        child_toolsets = _strip_blocked_tools([t for t in toolsets if t in parent_toolsets])
+        child_toolsets = _strip_blocked_tools(toolsets)
     elif parent_agent and getattr(parent_agent, "enabled_toolsets", None):
         child_toolsets = _strip_blocked_tools(parent_agent.enabled_toolsets)
     else:

tools/session_search_tool.py

@@ -178,16 +178,10 @@ async def _summarize_session(
                 return None
 
 
-# Sources that are excluded from session browsing/searching by default.
-# Third-party integrations (Paperclip agents, etc.) tag their sessions with
-# HERMES_SESSION_SOURCE=tool so they don't clutter the user's session history.
-_HIDDEN_SESSION_SOURCES = ("tool",)
-
-
 def _list_recent_sessions(db, limit: int, current_session_id: str = None) -> str:
     """Return metadata for the most recent sessions (no LLM calls)."""
     try:
-        sessions = db.list_sessions_rich(limit=limit + 5, exclude_sources=list(_HIDDEN_SESSION_SOURCES))  # fetch extra to skip current
+        sessions = db.list_sessions_rich(limit=limit + 5)  # fetch extra to skip current
 
         # Resolve current session lineage to exclude it
         current_root = None
@@ -271,7 +265,6 @@ def session_search(
         raw_results = db.search_messages(
             query=query,
             role_filter=role_list,
-            exclude_sources=list(_HIDDEN_SESSION_SOURCES),
             limit=50,  # Get more matches to find unique sessions
             offset=0,
         )

toolsets.py

@@ -248,42 +248,6 @@ TOOLSETS = {
         ],
         "includes": []
     },
-
-    "hermes-api-server": {
-        "description": "OpenAI-compatible API server — full agent tools accessible via HTTP (no interactive UI tools like clarify or send_message)",
-        "tools": [
-            # Web
-            "web_search", "web_extract",
-            # Terminal + process management
-            "terminal", "process",
-            # File manipulation
-            "read_file", "write_file", "patch", "search_files",
-            # Vision + image generation
-            "vision_analyze", "image_generate",
-            # MoA
-            "mixture_of_agents",
-            # Skills
-            "skills_list", "skill_view", "skill_manage",
-            # Browser automation
-            "browser_navigate", "browser_snapshot", "browser_click",
-            "browser_type", "browser_scroll", "browser_back",
-            "browser_press", "browser_close", "browser_get_images",
-            "browser_vision", "browser_console",
-            # Planning & memory
-            "todo", "memory",
-            # Session history search
-            "session_search",
-            # Code execution + delegation
-            "execute_code", "delegate_task",
-            # Cronjob management
-            "cronjob",
-            # Home Assistant smart home control (gated on HASS_TOKEN via check_fn)
-            "ha_list_entities", "ha_get_state", "ha_list_services", "ha_call_service",
-            # Honcho memory tools (gated on honcho being active via check_fn)
-            "honcho_context", "honcho_profile", "honcho_search", "honcho_conclude",
-        ],
-        "includes": []
-    },
     
     "hermes-cli": {
         "description": "Full interactive CLI toolset - all default tools plus cronjob management",

website/docs/reference/slash-commands.md

@@ -46,7 +46,7 @@ Type `/` in the CLI to open the autocomplete menu. Built-in commands are case-in
 | `/provider` | Show available providers and current provider |
 | `/prompt` | View/set custom system prompt |
 | `/personality` | Set a predefined personality |
-| `/verbose` | Cycle tool progress display: off → new → all → verbose. Can be [enabled for messaging](#notes) via config. |
+| `/verbose` | Cycle tool progress display: off → new → all → verbose |
 | `/reasoning` | Manage reasoning effort and display (usage: /reasoning [level\|show\|hide]) |
 | `/skin` | Show or change the display skin/theme |
 | `/voice [on\|off\|tts\|status]` | Toggle CLI voice mode and spoken playback. Recording uses `voice.record_key` (default: `Ctrl+B`). |
@@ -125,8 +125,7 @@ The messaging gateway supports the following built-in commands inside Telegram,
 
 ## Notes
 
-- `/skin`, `/tools`, `/toolsets`, `/browser`, `/config`, `/prompt`, `/cron`, `/skills`, `/platforms`, `/paste`, `/statusbar`, and `/plugins` are **CLI-only** commands.
-- `/verbose` is **CLI-only by default**, but can be enabled for messaging platforms by setting `display.tool_progress_command: true` in `config.yaml`. When enabled, it cycles the `display.tool_progress` mode and saves to config.
+- `/skin`, `/tools`, `/toolsets`, `/browser`, `/config`, `/prompt`, `/cron`, `/skills`, `/platforms`, `/paste`, `/verbose`, `/statusbar`, and `/plugins` are **CLI-only** commands.
 - `/status`, `/sethome`, `/update`, `/approve`, and `/deny` are **messaging-only** commands.
 - `/background`, `/voice`, `/reload-mcp`, and `/rollback` work in **both** the CLI and the messaging gateway.
 - `/voice join`, `/voice channel`, and `/voice leave` are only meaningful on Discord.

website/docs/user-guide/cli.md

@@ -230,7 +230,7 @@ The CLI shows animated feedback as the agent works:
   ┊ 📄 web_extract (2.1s)
 ```
 
-Cycle through display modes with `/verbose`: `off → new → all → verbose`. This command can also be enabled for messaging platforms — see [configuration](/docs/user-guide/configuration#display-settings).
+Cycle through display modes with `/verbose`: `off → new → all → verbose`.
 
 ## Session Management
 

website/docs/user-guide/configuration.md

@@ -1163,7 +1163,6 @@ This controls both the `text_to_speech` tool and spoken replies in voice mode (`
 ```yaml
 display:
   tool_progress: all      # off | new | all | verbose
-  tool_progress_command: false  # Enable /verbose slash command in messaging gateway
   skin: default           # Built-in or custom CLI skin (see user-guide/features/skins)
   theme_mode: auto        # auto | light | dark — color scheme for skin-aware rendering
   personality: "kawaii"  # Legacy cosmetic field still surfaced in some summaries
@@ -1195,8 +1194,6 @@ This works with any skin — built-in or custom. Skin authors can provide `color
 | `all` | Every tool call with a short preview (default) |
 | `verbose` | Full args, results, and debug logs |
 
-In the CLI, cycle through these modes with `/verbose`. To use `/verbose` in messaging platforms (Telegram, Discord, Slack, etc.), set `tool_progress_command: true` in the `display` section above. The command will then cycle the mode and save to config.
-
 ## Privacy
 
 ```yaml

website/docs/user-guide/features/plugins.md

@@ -83,7 +83,6 @@ The handler receives the argument string (everything after `/greet`) and returns
 | `aliases` | Tuple of alternative names |
 | `cli_only` | Only available in CLI |
 | `gateway_only` | Only available in messaging platforms |
-| `gateway_config_gate` | Config dotpath (e.g. `"display.my_option"`). When set on a `cli_only` command, the command becomes available in the gateway if the config value is truthy. |
 
 ## Managing plugins
 

website/docs/user-guide/messaging/index.md

@@ -188,7 +188,6 @@ Control how much tool activity is displayed in `~/.hermes/config.yaml`:
 ```yaml
 display:
   tool_progress: all    # off | new | all | verbose
-  tool_progress_command: false  # set to true to enable /verbose in messaging
 ```
 
 When enabled, the bot sends status messages as it works: