Overview

Connectors are where agents create differentiated value — reading a customer’s ad performance, pulling assets from their drive, sending email on their behalf. All of that requires customer credentials, which Herm treats as radioactive. Secret handling is split across two steps:
  1. Register the credential once with the Prism team. It’s stored in Herm’s vault and you get back a reference (sec_...).
  2. Reference it on the deployment. The deployment declaration carries only references — never raw values.
This separation keeps secrets out of API requests, version control, and logs entirely.

Register a credential

Herm is in early access, so registration goes through the Prism team — book a call or email rajit@prismvideos.com with the connector and customer it belongs to. You receive a sec_... reference per credential.

Reference secrets on the deployment

Pass references in the secrets map when creating or updating a deployment. The key is the environment variable name the connector expects; the value is the reference:
await herm.deployments.update("dep_7xK9s2", {
  secrets: {
    META_ADS_TOKEN: "sec_acme_meta_ads",
    GOOGLE_DRIVE_TOKEN: "sec_acme_gdrive",
  },
});
On updates, secrets is merged at the key level — set a key to null to remove it. A deployment referencing a missing or inaccessible secret fails with invalid_secret_ref.
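
A pre-flight check to run before calling herm.deployments.update, given here as an added example that is not part of Herm's SDK or documentation: it rejects any value that is not a reference and previews the key-level merge so an update cannot silently drop a connector's secret. The reference pattern, the environment variable naming rule and the function names are assumptions; the page only specifies that references start with sec_.

```javascript
// Added example: local pre-flight check for a deployment `secrets` map.
// Assumptions (not from Herm's docs): the reference pattern and env-var naming rule.
const REF_PATTERN = /^sec_[A-Za-z0-9_]+$/; // assumed shape of a vault reference
const ENV_NAME = /^[A-Z_][A-Z0-9_]*$/;     // assumed env-var naming rule

// Returns a list of problems; an empty list means the patch carries only references.
function lintSecretsPatch(patch) {
  const problems = [];
  for (const [name, value] of Object.entries(patch)) {
    if (!ENV_NAME.test(name)) problems.push(`${name}: not a valid environment variable name`);
    if (value === null) continue; // null means "remove this key"
    if (typeof value !== "string" || !REF_PATTERN.test(value)) {
      // Never echo the value: it may be a raw credential pasted by mistake.
      problems.push(`${name}: value is not a sec_ reference`);
    }
  }
  return problems;
}

// Previews the key-level merge described above: listed keys are overwritten,
// null removes a key, unlisted keys are left as they were.
function previewMerge(current, patch) {
  const next = { ...current };
  for (const [name, value] of Object.entries(patch)) {
    if (value === null) delete next[name];
    else next[name] = value;
  }
  return next;
}

// Refuses to build an update payload unless every value is a reference.
function buildSecretsUpdate(current, patch) {
  const problems = lintSecretsPatch(patch);
  if (problems.length > 0) {
    throw new Error(`refusing to send secrets patch: ${problems.join("; ")}`);
  }
  return { payload: { secrets: patch }, effective: previewMerge(current, patch) };
}

// Constructed sample data, reusing the reference names shown on this page.
const current = { META_ADS_TOKEN: "sec_acme_meta_ads", GOOGLE_DRIVE_TOKEN: "sec_acme_gdrive" };
const rotation = buildSecretsUpdate(current, { META_ADS_TOKEN: "sec_acme_meta_ads_v2" });
console.log(rotation.effective);
console.log(lintSecretsPatch({ META_ADS_TOKEN: "EAAB-constructed-raw-token", GOOGLE_DRIVE_TOKEN: null }));
```

Pass the returned payload to herm.deployments.update only after the check succeeds; the error text names the offending key but never the value, so a mistakenly pasted token does not end up in CI logs.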

What the agent can and can’t see

The agent’s connector tools work at runtime, but the raw credential never appears in:

Credentials are injected outside the sandbox boundary, so even a prompt-injected agent can’t exfiltrate a token it never possessed.

Per-customer scoping

Register separate credentials per customer and pass each customer’s references to their own deployment. Combined with per-container isolation, customer A’s agent has no path to customer B’s credentials — there is no shared credential store inside any sandbox.

Rotate a credential

Rotation is a two-step swap with no deployment downtime:
  1. Register the new credential with the Prism team and receive a fresh reference.
  2. Update the deployment’s secrets map to point at it:
await herm.deployments.update("dep_7xK9s2", {
  secrets: {
    META_ADS_TOKEN: "sec_acme_meta_ads_v2",
  },
});
The new credential applies from the agent’s next run. Ask the Prism team to revoke the old reference once nothing points at it.