Gmail, Calendar, Drive, Docs, Sheets via gws CLI or Python.
Configure and use Honcho memory with Hermes -- cross-session user modeling, multi-profile peer isolation, observation config, dialectic reasoning, session summaries, and context budget enforcement. Use when setting up Honcho, troubleshooting memory, managing profiles with Honcho peers, or tuning observation, recall, and dialectic settings.
Migrate a user's OpenClaw customization footprint into Hermes Agent. Imports Hermes-compatible memories, SOUL.md, command allowlists, user skills, and selected workspace assets from ~/.openclaw, then reports exactly what could not be migrated and why.
Configure, extend, or contribute to Hermes Agent.
Operate the Antigravity CLI (agy): plugins, auth, sandbox.
Apple Reminders via remindctl: add, list, complete.
| name | grok |
| description | Delegate coding to xAI Grok Build CLI (features, PRs). |
| version | 0.1.0 |
| author | Matt Maximo (MattMaximo), Hermes Agent |
| license | MIT |
| platforms | ["linux","macos","windows"] |
| metadata | {"hermes":{"tags":["Coding-Agent","Grok","xAI","Code-Review","Refactoring","Automation"],"related_skills":["codex","claude-code","hermes-agent"]}} |
Delegate coding tasks to Grok Build (xAI's
autonomous coding agent CLI, the grok command) via the Hermes terminal. Grok
can read files, write code, run shell commands, spawn subagents, and manage git
workflows. It runs three ways: an interactive TUI, headless (-p), and as
an ACP agent over JSON-RPC.
This is the third sibling to codex and claude-code. The orchestration
pattern is nearly identical — prefer headless -p for one-shots, use a PTY
for interactive sessions.
npm install -g @xai-official/grok
curl -fsSL https://x.ai/cli/install.sh | bash also
works, but the x.ai host is Cloudflare-walled in some environments. The
npm path avoids that dependency entirely.grok login once → opens a browser for OAuth → token cached in
~/.grok/auth.json. This uses your SuperGrok or X Premium+ subscription
(no per-token API billing).~/.grok/auth.json, or run a cheap
headless smoke test: grok --no-auto-update -p "Say ok."/logout signs out and /login (or relaunching) signs back in.CLAUDE.md, .claude/ (skills, agents, MCPs, hooks, rules), and the
AGENTS.md family. Existing project context just works.API-key fallback (not the default for this user): Grok also supports setting the
XAI_API_KEYenvironment variable for pay-as-you-go billing viaapi.x.ai. Only use this ifgrok login/ SuperGrok auth is unavailable. The subscription path (grok login) is the intended setup here.
-p) — Non-Interactive (PREFERRED)Runs a one-shot task, prints the result, and exits. No PTY, no interactive
dialogs to navigate. This is the cleanest integration path — the analog of
claude -p and codex exec.
terminal(command="grok --no-auto-update -p 'Add a dark mode toggle to settings'", workdir="/path/to/project", timeout=180)
Always pass --no-auto-update in automation to skip background update checks.
When to use headless:
--output-format jsonThe TUI is a fullscreen, mouse-interactive app. Drive it with pty=true. For
robust monitoring/input use tmux (same pattern as the claude-code skill).
# Launch in a tmux session for capture-pane monitoring
terminal(command="tmux new-session -d -s grok-work -x 140 -y 40")
terminal(command="tmux send-keys -t grok-work 'cd /path/to/project && grok' Enter")
# Wait for startup, then send a task
terminal(command="sleep 5 && tmux send-keys -t grok-work 'Refactor the auth module to use JWT' Enter")
# Monitor progress
terminal(command="sleep 15 && tmux capture-pane -t grok-work -p -S -50")
# Exit when done
terminal(command="tmux send-keys -t grok-work '/quit' Enter && sleep 1 && tmux kill-session -t grok-work")
Tip for headless-but-inline output: if you want TUI-style output without the
fullscreen alt-screen takeover (e.g. for cleaner logs), add --no-alt-screen.
For pure automation, headless -p is still cleaner than the TUI.
| Flag | Effect |
|---|---|
-p, --single <PROMPT> | Send one prompt, run headless, exit |
-m, --model <MODEL> | Choose a model |
-s, --session-id <ID> | Create or resume a named headless session |
-r, --resume <ID> | Resume an existing session |
-c, --continue | Continue the most recent session in the current directory |
--cwd <PATH> | Set the working directory |
--output-format <FMT> | plain (default), json, or streaming-json |
--always-approve | Auto-approve all tool executions (the --full-auto / --yolo equivalent) |
--no-alt-screen | Run inline, no fullscreen TUI takeover |
--no-auto-update | Skip background update checks (use in all automation) |
plain — human-readable text (default)json — one JSON object at the end of the run (parse the result cleanly)streaming-json — newline-delimited JSON events as they arrive# Structured result for parsing
terminal(command="grok --no-auto-update -p 'List all TODO comments in src/' --output-format json", workdir="/project", timeout=120)
# Auto-approve for autonomous building
terminal(command="grok --no-auto-update --always-approve -p 'Refactor the database layer and run the tests'", workdir="/project", timeout=300)
# Start headless in background
terminal(command="grok --no-auto-update --always-approve -p 'Refactor the auth module'", workdir="/project", background=true, notify_on_complete=true)
# Returns session_id
# Monitor
process(action="poll", session_id="<id>")
process(action="log", session_id="<id>")
# Kill if needed
process(action="kill", session_id="<id>")
For an interactive (TUI) background session, use pty=true + tmux and monitor
with tmux capture-pane, exactly like the claude-code / codex skills.
# Start a named session
terminal(command="grok --no-auto-update -s refactor-db -p 'Start refactoring the database layer' --always-approve", workdir="/project", timeout=240)
# Resume it later
terminal(command="grok --no-auto-update -r refactor-db -p 'Now add connection pooling' --always-approve", workdir="/project", timeout=180)
# Or continue the most recent session in this directory
terminal(command="grok --no-auto-update -c -p 'What did you change last time?'", workdir="/project", timeout=60)
To have Grok review local artifacts and return a clean markdown note (for Obsidian or a repo) without mutating anything:
read_file,
write_file). Snapshot only the relevant context into a temp file rather
than dumping raw paths.--always-approve so it cannot auto-write, and
demand markdown only, no preamble.write_file().grok --no-auto-update -p "Read /tmp/current.md and /tmp/inventory.md. Produce markdown only, no preamble. Output a clean note titled 'Cleanup Review'." --output-format plain
Pitfall (same as Claude Code): for document rewrites, a loose "rewrite this"
prompt may return a change summary instead of the full file. Instead: pipe the
file in, and demand Return ONLY the full revised markdown document. No intro, no explanation, no code fences. Start immediately with '# Title'. Verify the
first lines with read_file() before overwriting the destination.
terminal(command="cd /path/to/repo && git diff main...feature-branch | grok --no-auto-update -p 'Review this diff for bugs, security issues, and style problems. Be thorough.'", timeout=120)
terminal(command="REVIEW=$(mktemp -d) && git clone https://github.com/user/repo.git $REVIEW && cd $REVIEW && gh pr checkout 42 && grok --no-auto-update -p 'Review the changes vs origin/main. Check bugs, security, race conditions, missing tests.'", pty=true, timeout=300)
terminal(command="gh pr comment 42 --body '<review text>'", workdir="/path/to/repo")
# Create worktrees
terminal(command="git worktree add -b fix/issue-78 /tmp/issue-78 main", workdir="~/project")
terminal(command="git worktree add -b fix/issue-99 /tmp/issue-99 main", workdir="~/project")
# Launch Grok headless in each (background)
terminal(command="grok --no-auto-update --always-approve -p 'Fix issue #78: <description>. Commit when done.'", workdir="/tmp/issue-78", background=true, notify_on_complete=true)
terminal(command="grok --no-auto-update --always-approve -p 'Fix issue #99: <description>. Commit when done.'", workdir="/tmp/issue-99", background=true, notify_on_complete=true)
# Monitor
process(action="list")
# After completion: push and open PRs
terminal(command="cd /tmp/issue-78 && git push -u origin fix/issue-78")
terminal(command="gh pr create --repo user/repo --head fix/issue-78 --title 'fix: ...' --body '...'")
# Cleanup
terminal(command="git worktree remove /tmp/issue-78", workdir="~/project")
| Command | Purpose |
|---|---|
grok | Start the interactive TUI |
grok -p "query" | Headless one-shot |
grok login / grok logout | Sign in / out (SuperGrok / X Premium+ OAuth) |
grok inspect | Show what Grok discovered in cwd: config sources, instructions, skills, plugins, hooks, MCP servers |
grok agent stdio | Run as an ACP agent over JSON-RPC (for IDE/tool integration) |
grok update | Update the CLI (needs the x.ai host; skip in automation) |
TUI slash commands (interactive only): /model <name>, /always-approve,
/plan, /context, /compact, /resume, /sessions, /fork, /usage,
/quit. Shift+Tab cycles session modes (including Plan mode, which blocks
write tools except the session plan file).
~/.grok/config.toml)[cli]
auto_update = false # skip background update checks persistently
[ui]
permission_mode = "ask" # or "always-approve" to skip tool prompts by default
[models]
default = "grok-build-0.1"
Put global preferences in ~/.grok/config.toml (not project-scoped
.grok/config.toml). permission_mode supersedes the legacy approval_mode /
yolo = true keys.
grok login requires a SuperGrok or X
Premium+ subscription. If login fails or there's no ~/.grok/auth.json,
confirm the subscription is active before falling back to XAI_API_KEY.grok CLI's auth. Hermes'
x_search runs on its own xAI OAuth; the standalone grok CLI has a
separate token in ~/.grok/auth.json. A working x_search does NOT mean
grok is logged in.--no-auto-update in automation — otherwise Grok phones home
for update checks (and x.ai/storage.googleapis.com may be unreachable).npm install -g @xai-official/grok avoids the Cloudflare-walled x.ai host.--always-approve is the autonomous-build switch. Without it, headless
runs may stall waiting on tool-approval prompts. Omit it deliberately for
read-only review/audit work so Grok can't mutate files.-p skips TUI dialogs; the TUI needs pty=true (+ tmux for
monitoring), just like Claude Code.--no-alt-screen if you run the TUI inline and the fullscreen
alt-screen takeover garbles captured output.mktemp -d && git init for scratch commit tasks.tmux kill-session -t <name> when done.-p for single tasks — cleanest integration, structured
output via --output-format json.workdir (or --cwd) so Grok targets the right project.--no-auto-update in every automated invocation.--always-approve only when Grok should write autonomously; omit it
for read-only reviews and audits.background=true, notify_on_complete=true and
monitor via the process tool.tmux capture-pane -t <session> -p -S -50.~/.grok/auth.json or run a
cheap grok -p "Say ok." smoke test; don't assume Hermes' xAI auth carries
over.