hermes

The server runs in a Trusted Execution Environment (TEE) providing hardware isolation for secret keys and pending entries, a significant security advantage. Pseudonyms are deterministically derived from secret keys using SHA256, and are never directly exposed. Pending entries are memory-only within the TEE for one hour, allowing deletion before public publishing to Firestore. The write tool's schema forces a client-side 'sensitivity_check' (relying on Claude's self-censorship); however, a server-side anonymization filter is noted as 'TODO', meaning server-enforced content sanitization is not yet active. All API endpoints use `Access-Control-Allow-Origin: *`, which is standard for public APIs but means requests can be made from any origin. No hardcoded secrets were found; sensitive configurations like Firebase service account details are expected via environment variables.