Hermes agents + Shopify/Gmail access - how are you guys handling privacy/security?
Hi all been researching for a while and would love some community advice. I’m currently going deeper into AI agents and automations for my e-commerce business, and I’m debating the best setup architecture-wise.
Main concern is privacy/security for my business and customers.
I run a small Shopify brand with customer data, Gmail access, some finance/ERP integrations, etc. The idea of giving agents access to all of this is obviously a bit uncomfortable, especially as a non-technical founder trying to do things properly from day one.
Right now I’m debating between:
• Buying a Mac Mini (or similar) and running everything locally
• Buying a laptop and running a VPS/cloud setup
• Hybrid approach
I need to buy new hardware anyway so still debating.
From what I understand, even with “local” setups, services like Shopify/Gmail/OpenAI APIs are still cloud-based anyway, so I’m trying to understand where the actual privacy/security differences really are in practice.
My biggest concerns are:
• Customer data protection
• Shopify/admin access
• Gmail access
• API key security
• Long-term reliability
• Risk of agents “doing something stupid”
• Whether VPS providers realistically introduce meaningful additional risk
Would love to hear how people here are handling:
• Agent permissions/scoping
• VPS vs local
• Separate Gmail accounts
• Sandbox environments
• API key management
• Whether you trust agents with direct Shopify access or use approval flows
Especially interested in hearing from anyone running Hermes/OpenClaw/n8n-style workflows for real businesses.
Thanks 🙏