Connector Risk Register
Rule
Every connector starts read-only, narrow and logged. Write access comes later
through an approval flow.
Every connector also needs a memory-filter rule. The first question is not
"can Hermes store this?" but "what business meaning should be digested from
this, and where does the raw source already live?"
- Slack over Telegram.
- Fathom over Fireflies.
- Airtable is already becoming obsolete and should not be treated as a major
future source unless a specific base still matters.
- Easier Now should become the note-taking source of truth and later receive a
second-brain structure that works in harmony with Hermes.
- Notion is a migration source, not necessarily the future operating layer.
- n8n is the approval and workflow layer, not a permission free-for-all.
Connector Order
| Rank |
Connector |
First safe use |
Risk |
Gate |
| 1 |
Fathom |
Import approved call digests and source receipts |
Personal/client data |
Manual digest first |
| 2 |
Calendar |
Read-only daily context |
Location/timing/privacy |
No event creation |
| 3 |
Slack |
int-agentops internal channel |
Accidental messages |
Draft/review first |
| 4 |
Airtable |
Read-only selected views |
Business records |
View-level scope |
| 5 |
Notion |
Migration/export reference |
Incomplete/stale docs |
Treat as context, not truth |
| 6 |
GitHub |
Read-only project context |
Code changes |
PR-only writes |
| 7 |
n8n |
Approval queue |
Workflow side effects |
Human approvals |
| 8 |
Gmail |
Draft-only later |
High trust and privacy risk |
No send permission |
| 9 |
Ads platforms |
Reporting only much later |
Money/spend risk |
No write access |
| 10 |
Finance/legal tools |
Avoid initially |
High consequence |
Manual only |
| 11 |
Google Drive |
Link and digest selected creative/source assets |
Bulk files, privacy, disk bloat |
Links and digests first |
Slack Plan
Initial:
- One app.
- Create one internal channel:
int-agentops.
- Mention or slash-command only.
- No proactive posting.
- No DMs.
- No customer channels.
- No message deletion or editing.
Later:
- Draft approval in Slack.
- Daily COO update posted to
int-agentops once the loop has been reviewed.
- Weekly brief posted internally after approval.
- Relationship risk prompts to internal channel.
- Read broader internal channels by explicit allowlist.
Never early:
- Replying to clients.
- Joining all channels.
- Reading private DMs.
- Bulk-ingesting channel history into the vault.
Fathom Plan
Initial:
- Manual meeting digest into
digests/meetings/ plus source receipt.
- Human marks sensitivity and source.
- Agent creates draft meeting summary.
- Full transcript remains in Fathom by default.
Later:
- Read-only Fathom import.
- Auto-create draft relationship note.
- Create action proposals for approval.
Never early:
- Auto-sending follow-ups.
- Importing all calls without consent and retention policy.
- Treating transcript volume as memory quality.
Google Drive Plan
Initial:
- Store links and metadata for selected creative/source assets.
- Create campaign, creative and performance-learning digests.
- Do not copy asset folders to the VM.
Later:
- Read-only targeted fetches for approved folders.
- Extract only useful creative learnings and source links.
Never early:
- Bulk-syncing Drive.
- Storing video, PSD, image or raw creative archives in the vault.
Airtable Plan
Initial:
- Document important bases and views.
- Create read-only views specifically for Hermes tests.
- Import only fields needed for benchmark tasks.
Later:
- Draft record creation via n8n approval.
- Sync task/status updates after approval.
Never early:
- Updating client records directly.
- Bulk edits.
- Deleting or archiving records.
Notion Plan
Initial:
- Use as reference for current thinking.
- Do not treat incomplete pages as canonical.
- Export selected pages into
raw/notion/ only when approved.
Later:
- Migrate viable SOPs into the vault.
- Preserve source page link and status.
Never early:
- Silent bulk import of the whole workspace.
- Agent edits to Notion.