webhook-subscriptions
Create and manage webhook subscriptions for event-driven agent activation, or for direct push notifications (zero LLM cost). Use when the user wants external services to trigger agent runs OR push not
Create and manage webhook subscriptions for event-driven agent activation, or for direct push notifications (zero LLM cost). Use when the user wants external services to trigger agent runs OR push not
Real data. Real impact.
Emerging
Developers
Per week
Excellent
Skills give you superpowers. Install in 30 seconds.
Create dynamic webhook subscriptions so external services (GitHub, GitLab, Stripe, CI/CD, IoT sensors, monitoring tools) can trigger Hermes agent runs by POSTing events to a URL.
The webhook platform must be enabled before subscriptions can be created. Check with:
hermes webhook list
If it says "Webhook platform is not enabled", set it up:
hermes gateway setup
Follow the prompts to enable webhooks, set the port, and set a global HMAC secret.
Add to
~/.hermes/config.yaml:
platforms: webhook: enabled: true extra: host: "0.0.0.0" port: 8644 secret: "generate-a-strong-secret-here"
Add to
~/.hermes/.env:
WEBHOOK_ENABLED=true WEBHOOK_PORT=8644 WEBHOOK_SECRET=generate-a-strong-secret-here
After configuration, start (or restart) the gateway:
hermes gateway run # Or if using systemd: systemctl --user restart hermes-gateway
Verify it's running:
curl http://localhost:8644/health
All management is via the
hermes webhook CLI command:
hermes webhook subscribe <name> \ --prompt "Prompt template with {payload.fields}" \ --events "event1,event2" \ --description "What this does" \ --skills "skill1,skill2" \ --deliver telegram \ --deliver-chat-id "12345" \ --secret "optional-custom-secret"
Returns the webhook URL and HMAC secret. The user configures their service to POST to that URL.
hermes webhook list
hermes webhook remove <name>
hermes webhook test <name> hermes webhook test <name> --payload '{"key": "value"}'
Prompts support
{dot.notation} for accessing nested payload fields:
{issue.title} — GitHub issue title{pull_request.user.login} — PR author{data.object.amount} — Stripe payment amount{sensor.temperature} — IoT sensor readingIf no prompt is specified, the full JSON payload is dumped into the agent prompt.
hermes webhook subscribe github-issues \ --events "issues" \ --prompt "New GitHub issue #{issue.number}: {issue.title}\n\nAction: {action}\nAuthor: {issue.user.login}\nBody:\n{issue.body}\n\nPlease triage this issue." \ --deliver telegram \ --deliver-chat-id "-100123456789"
Then in GitHub repo Settings → Webhooks → Add webhook:
hermes webhook subscribe github-prs \ --events "pull_request" \ --prompt "PR #{pull_request.number} {action}: {pull_request.title}\nBy: {pull_request.user.login}\nBranch: {pull_request.head.ref}\n\n{pull_request.body}" \ --skills "github-code-review" \ --deliver github_comment
hermes webhook subscribe stripe-payments \ --events "payment_intent.succeeded,payment_intent.payment_failed" \ --prompt "Payment {data.object.status}: {data.object.amount} cents from {data.object.receipt_email}" \ --deliver telegram \ --deliver-chat-id "-100123456789"
hermes webhook subscribe ci-builds \ --events "pipeline" \ --prompt "Build {object_attributes.status} on {project.name} branch {object_attributes.ref}\nCommit: {commit.message}" \ --deliver discord \ --deliver-chat-id "1234567890"
hermes webhook subscribe alerts \ --prompt "Alert: {alert.name}\nSeverity: {alert.severity}\nMessage: {alert.message}\n\nPlease investigate and suggest remediation." \ --deliver origin
For use cases where you just want to push a notification through to a user's chat — no reasoning, no agent loop — add
--deliver-only. The rendered --prompt template becomes the literal message body and is dispatched directly to the target adapter.
Use this for:
hermes webhook subscribe antenna-matches \ --deliver telegram \ --deliver-chat-id "123456789" \ --deliver-only \ --prompt "🎉 New match: {match.user_name} matched with you!" \ --description "Antenna match notifications"
The POST returns
200 OK on successful delivery, 502 on target failure — so upstream services can retry intelligently. HMAC auth, rate limits, and idempotency still apply.
Requires
--deliver to be a real target (telegram, discord, slack, github_comment, etc.) — --deliver log is rejected because log-only direct delivery is pointless.
--secret)~/.hermes/webhook_subscriptions.jsonhermes webhook subscribe writes to ~/.hermes/webhook_subscriptions.jsonIf webhooks aren't working:
systemctl --user status hermes-gateway or ps aux | grep gatewaycurl http://localhost:8644/health should return {"status": "ok"}grep webhook ~/.hermes/logs/gateway.log | tail -20hermes webhook list. GitHub sends X-Hub-Signature-256, GitLab sends X-Gitlab-Token.--events filter matches what the service sends. Use hermes webhook test <name> to verify the route works.MIT
mkdir -p ~/.hermes/skills/devops/webhook-subscriptions && curl -o ~/.hermes/skills/devops/webhook-subscriptions/SKILL.md https://raw.githubusercontent.com/NousResearch/hermes-agent/main/skills/devops/webhook-subscriptions/SKILL.md1,500+ AI skills, agents & workflows. Install in 30 seconds. Part of the Torly.ai family.
© 2026 Torly.ai. All rights reserved.