alt Hacker NewsHow are you handling secrets? I want hermes to do stuff on the internet but I am not enthused about dumping the requried keys in .env.local or using process wrapper services like infisical yet. Encapsulating hermes in a docker sandbox feels slippery and I'm always left thinking if i've hardened my server enough.
Openclaw uses the API key for Sonarr / Radarr, no secrets management (yet).
Though egress is heavily restricted for OpenClaw and everything is behind a FW.