hermes-upstream-watch.sh is a standalone Bash watchdog that summarizes upstream NousResearch/hermes-agent activity and writes a daily Markdown report for safe human review.

It is designed to answer one question before any update: "Is pulling upstream worth the risk today?"

What it does

Queries GitHub commits from the last 24 hours (max 100) with a 15s network timeout.
Reads local repo state from /home/iadnah/.hermes/hermes-agent/ without changing history.
Computes branch divergence (behind / ahead), local branch name, and dirty/clean status.
Cross-checks commit titles/bodies and changed paths against a pain-points file.
Produces a report at /home/iadnah/lilaBuild/vaults/obsidian-private/hermes/reports/hermes-upstream-YYYY-MM-DD.md.
In --quiet mode, stays silent unless relevant changes were found or local is 3+ commits behind.

Safety guarantees

Never runs git pull, git merge, or git reset.
Uses git fetch origin --quiet only to refresh remote refs for comparison.
Handles API and git failures by writing clear warnings into the report (including API unavailable).

Inputs and outputs

Script path (deployed copy): /home/iadnah/.hermes/scripts/hermes-upstream-watch.sh
Repo copy in this git folder: hermes-repo-watcher/hermes-upstream-watch.sh
Pain-point file: /home/iadnah/lilaBuild/vaults/obsidian-private/hermes/hermes-pain-points.md
Report directory: /home/iadnah/lilaBuild/vaults/obsidian-private/hermes/reports/

If hermes-pain-points.md is missing, the script auto-creates a starter template.

Usage

/home/iadnah/.hermes/scripts/hermes-upstream-watch.sh
/home/iadnah/.hermes/scripts/hermes-upstream-watch.sh --quiet