Curious about the security model here. Giving an agent access to SMS, contacts, and the ability to send email from
my phone is a pretty large capability surface — what's the approval flow look like? Is it per-tool-call,
per-session, or do you grant broad scopes up front? The MCP tool-use pattern where everything gets pre-approved
feels risky for something like "send email," and I'd be interested to know how you're thinking about the difference
between "agent reads my calendar" and "agent sends an email as me.
Good question. I think of it as scope control + action control.
Scope control: in Palmier, you explicitly enable/disable phone capability groups in the UI. Some are bundled according to Android’s permission model. So an agent only gets access to the categories you’ve chosen to expose.
Action control: for agent CLIs that already support tool-level permission checks, Palmier piggybacks on that. So even if, say, email/calendar access is enabled in Palmier, the actual tool use can still be approved per action by the agent runtime.
So Palmier is one layer of defense, and the agent’s own tool approval model is the second.
That means the safety story is much better for agents with good per-tool approval UX (like Claude Code), and weaker for agents that don’t have it (like OpenClaw). For those, the Palmier toggles are the main gate, so users need to be much more careful about what they enable.
curious why you wouldn't want them to exist independently, giving them their own phone numbers. a lot of the things you want to give them access to on our actual phones can be simple integrations. i like having that abstraction (wouldn't want an agent going crazy on my phone which holds my most sensitive information).
I’d say they overlap, but they’re not the same thing.
Hermes is an agent/runtime you talk to. Palmier is agent-agnostic infrastructure that connects your phone to the agents you already use.
So Palmier’s value prop is:
give any compatible agent access to phone capabilities like GPS, email, calendar, contacts, SMS, etc.
provide a dedicated mobile app for controlling agents and managing tasks, instead of only talking to them through Telegram/Discord/WhatsApp/etc.
work alongside Hermes rather than replacing it
In that sense, Hermes can actually be one of the agents Palmier works with.
If you mean mobile-use, I think the main difference is the layer they work at.
mobile-use is about an agent operating your phone UI like a human — navigating apps and interacting with the screen directly.
Palmier is not about UI-driving. It’s more about letting your agents access/process/manage phone-side data and capabilities in the background, without interrupting your normal phone use in general.
It’s also a two-way bridge: not just “agent uses phone,” but also “you use phone to talk to/manage/schedule your agents.”
And unlike same-network-only setups, Palmier is meant to work when you’re away from your computer too.
If you are talking about something else, let me know.
Curious about the security model here. Giving an agent access to SMS, contacts, and the ability to send email from my phone is a pretty large capability surface — what's the approval flow look like? Is it per-tool-call, per-session, or do you grant broad scopes up front? The MCP tool-use pattern where everything gets pre-approved feels risky for something like "send email," and I'd be interested to know how you're thinking about the difference between "agent reads my calendar" and "agent sends an email as me.
Good question. I think of it as scope control + action control.
Scope control: in Palmier, you explicitly enable/disable phone capability groups in the UI. Some are bundled according to Android’s permission model. So an agent only gets access to the categories you’ve chosen to expose.
Action control: for agent CLIs that already support tool-level permission checks, Palmier piggybacks on that. So even if, say, email/calendar access is enabled in Palmier, the actual tool use can still be approved per action by the agent runtime.
So Palmier is one layer of defense, and the agent’s own tool approval model is the second.
That means the safety story is much better for agents with good per-tool approval UX (like Claude Code), and weaker for agents that don’t have it (like OpenClaw). For those, the Palmier toggles are the main gate, so users need to be much more careful about what they enable.
Any thoughts/suggestions?
this is exactly where it gets tricky
once you give something the ability to send messages or trigger actions, it’s not just read access anymore, it’s execution on your behalf
it looks simple from the outside, but there’s usually a lot of hidden behavior underneath (routing, timing, provider handling, etc)
so the question becomes less about access and more about how controlled and observable that execution actually is
curious if you’re thinking about exposing that layer, or keeping it abstracted away
[dead]
[flagged]
curious why you wouldn't want them to exist independently, giving them their own phone numbers. a lot of the things you want to give them access to on our actual phones can be simple integrations. i like having that abstraction (wouldn't want an agent going crazy on my phone which holds my most sensitive information).
[dead]
Isnt hermes doing the same ? Whats the value prop this offers?
I’d say they overlap, but they’re not the same thing.
Hermes is an agent/runtime you talk to. Palmier is agent-agnostic infrastructure that connects your phone to the agents you already use.
So Palmier’s value prop is:
give any compatible agent access to phone capabilities like GPS, email, calendar, contacts, SMS, etc. provide a dedicated mobile app for controlling agents and managing tasks, instead of only talking to them through Telegram/Discord/WhatsApp/etc. work alongside Hermes rather than replacing it
In that sense, Hermes can actually be one of the agents Palmier works with.
What is the difference between this and android use?
If you mean mobile-use, I think the main difference is the layer they work at.
mobile-use is about an agent operating your phone UI like a human — navigating apps and interacting with the screen directly.
Palmier is not about UI-driving. It’s more about letting your agents access/process/manage phone-side data and capabilities in the background, without interrupting your normal phone use in general.
It’s also a two-way bridge: not just “agent uses phone,” but also “you use phone to talk to/manage/schedule your agents.”
And unlike same-network-only setups, Palmier is meant to work when you’re away from your computer too.
If you are talking about something else, let me know.