diff --git a/scripts/dev-api.js b/scripts/dev-api.js
index 087e879..36ad220 100644
--- a/scripts/dev-api.js
+++ b/scripts/dev-api.js
@@ -5520,6 +5520,7 @@ export function buildHermesTerminalConfigValues(config = {}) {
     terminalShellInitFiles: normalizeHermesShellInitFileList(terminal.shell_init_files || [], 'terminal.shell_init_files').join('\n'),
     terminalAutoSourceBashrc: readHermesBool(terminal.auto_source_bashrc, true),
     terminalPersistentShell: readHermesBool(terminal.persistent_shell, true),
+    terminalEnvPassthrough: normalizeHermesEnvNameList(terminal.env_passthrough || [], 'terminal.env_passthrough').join('\n'),
     terminalDockerMountCwdToWorkspace: readHermesBool(terminal.docker_mount_cwd_to_workspace, false),
     terminalDockerRunAsHostUser: readHermesBool(terminal.docker_run_as_host_user, false),
     terminalDockerImage: typeof terminal.docker_image === 'string' ? terminal.docker_image.trim() : '',
@@ -5553,6 +5554,9 @@ export function mergeHermesTerminalConfig(config = {}, form = {}) {
   else delete terminal.shell_init_files
   terminal.auto_source_bashrc = formHermesBool(form, 'terminalAutoSourceBashrc', currentValues.terminalAutoSourceBashrc)
   terminal.persistent_shell = formHermesBool(form, 'terminalPersistentShell', currentValues.terminalPersistentShell)
+  const envPassthrough = normalizeHermesEnvNameList(Object.hasOwn(form, 'terminalEnvPassthrough') ? form.terminalEnvPassthrough : currentValues.terminalEnvPassthrough, 'terminal.env_passthrough')
+  if (envPassthrough.length) terminal.env_passthrough = envPassthrough
+  else delete terminal.env_passthrough
   terminal.docker_mount_cwd_to_workspace = formHermesBool(form, 'terminalDockerMountCwdToWorkspace', currentValues.terminalDockerMountCwdToWorkspace)
   terminal.docker_run_as_host_user = formHermesBool(form, 'terminalDockerRunAsHostUser', currentValues.terminalDockerRunAsHostUser)
   for (const [formKey, yamlKey] of [
diff --git a/src-tauri/src/commands/hermes.rs b/src-tauri/src/commands/hermes.rs
index 3798d6a..03d05ae 100644
--- a/src-tauri/src/commands/hermes.rs
+++ b/src-tauri/src/commands/hermes.rs
@@ -8646,6 +8646,9 @@ fn build_hermes_terminal_config_values(config: &serde_yaml::Value) -> Value {
     let terminal_persistent_shell = terminal
         .and_then(|map| yaml_bool_field(map, "persistent_shell"))
         .unwrap_or(true);
+    let terminal_env_passthrough = terminal
+        .map(|map| yaml_string_sequence_field(map, "env_passthrough").join("\n"))
+        .unwrap_or_default();
     let terminal_docker_mount_cwd_to_workspace = terminal
         .and_then(|map| yaml_bool_field(map, "docker_mount_cwd_to_workspace"))
         .unwrap_or(false);
@@ -8686,6 +8689,7 @@ fn build_hermes_terminal_config_values(config: &serde_yaml::Value) -> Value {
         "terminalShellInitFiles": terminal_shell_init_files,
         "terminalAutoSourceBashrc": terminal_auto_source_bashrc,
         "terminalPersistentShell": terminal_persistent_shell,
+        "terminalEnvPassthrough": terminal_env_passthrough,
         "terminalDockerMountCwdToWorkspace": terminal_docker_mount_cwd_to_workspace,
         "terminalDockerRunAsHostUser": terminal_docker_run_as_host_user,
         "terminalDockerImage": terminal_docker_image,
@@ -8768,6 +8772,14 @@ fn merge_hermes_terminal_config(
         });
     let terminal_persistent_shell = form_bool(form, "terminalPersistentShell")
         .unwrap_or_else(|| current["terminalPersistentShell"].as_bool().unwrap_or(true));
+    let terminal_env_passthrough = normalize_hermes_env_name_list(
+        form_string(form, "terminalEnvPassthrough").or_else(|| {
+            current["terminalEnvPassthrough"]
+                .as_str()
+                .map(ToString::to_string)
+        }),
+        "terminal.env_passthrough",
+    )?;
     let terminal_docker_mount_cwd_to_workspace =
         form_bool(form, "terminalDockerMountCwdToWorkspace").unwrap_or_else(|| {
             current["terminalDockerMountCwdToWorkspace"]
@@ -8926,6 +8938,19 @@ fn merge_hermes_terminal_config(
         yaml_key("persistent_shell"),
         serde_yaml::Value::Bool(terminal_persistent_shell),
     );
+    if terminal_env_passthrough.is_empty() {
+        terminal.remove(yaml_key("env_passthrough"));
+    } else {
+        terminal.insert(
+            yaml_key("env_passthrough"),
+            serde_yaml::Value::Sequence(
+                terminal_env_passthrough
+                    .into_iter()
+                    .map(serde_yaml::Value::String)
+                    .collect(),
+            ),
+        );
+    }
     terminal.insert(
         yaml_key("docker_mount_cwd_to_workspace"),
         serde_yaml::Value::Bool(terminal_docker_mount_cwd_to_workspace),
@@ -17849,6 +17874,7 @@ mod hermes_terminal_config_tests {
         assert_eq!(values["terminalShellInitFiles"], "");
         assert_eq!(values["terminalAutoSourceBashrc"], true);
         assert_eq!(values["terminalPersistentShell"], true);
+        assert_eq!(values["terminalEnvPassthrough"], "");
         assert_eq!(values["terminalDockerMountCwdToWorkspace"], false);
         assert_eq!(values["terminalDockerRunAsHostUser"], false);
         assert_eq!(values["terminalContainerCpu"], 1);
@@ -17880,6 +17906,9 @@ terminal:
     - ${HOME}/.config/hermes/env.sh
   auto_source_bashrc: false
   persistent_shell: false
+  env_passthrough:
+    - OPENROUTER_API_KEY
+    - GITHUB_TOKEN
   docker_mount_cwd_to_workspace: true
   docker_run_as_host_user: true
   docker_image: nikolaik/python-nodejs:python3.11-nodejs20
@@ -17911,6 +17940,10 @@ terminal:
         );
         assert_eq!(values["terminalAutoSourceBashrc"], false);
         assert_eq!(values["terminalPersistentShell"], false);
+        assert_eq!(
+            values["terminalEnvPassthrough"],
+            "OPENROUTER_API_KEY\nGITHUB_TOKEN"
+        );
         assert_eq!(values["terminalDockerMountCwdToWorkspace"], true);
         assert_eq!(values["terminalDockerRunAsHostUser"], true);
         assert_eq!(
@@ -17947,6 +17980,8 @@ terminal:
   backend: local
   shell_init_files:
     - ~/.profile
+  env_passthrough:
+    - OLD_TOKEN
   docker_image: custom/python-node
   docker_forward_env:
     - OLD_TOKEN
@@ -17967,6 +18002,7 @@ streaming:
                 "terminalShellInitFiles": "~/.zshrc\n${HOME}/.config/hermes/env.sh\n~/.zshrc",
                 "terminalAutoSourceBashrc": false,
                 "terminalPersistentShell": false,
+                "terminalEnvPassthrough": "OPENROUTER_API_KEY\nGITHUB_TOKEN\nOPENROUTER_API_KEY",
                 "terminalDockerMountCwdToWorkspace": true,
                 "terminalDockerRunAsHostUser": true,
                 "terminalDockerImage": "nikolaik/python-nodejs:python3.12-nodejs22",
@@ -18015,6 +18051,21 @@ streaming:
             config["terminal"]["persistent_shell"].as_bool(),
             Some(false)
         );
+        assert_eq!(
+            config["terminal"]["env_passthrough"][0].as_str(),
+            Some("OPENROUTER_API_KEY")
+        );
+        assert_eq!(
+            config["terminal"]["env_passthrough"][1].as_str(),
+            Some("GITHUB_TOKEN")
+        );
+        assert_eq!(
+            config["terminal"]["env_passthrough"]
+                .as_sequence()
+                .unwrap()
+                .len(),
+            2
+        );
         assert_eq!(
             config["terminal"]["docker_mount_cwd_to_workspace"].as_bool(),
             Some(true)
@@ -18131,6 +18182,33 @@ terminal:
         );
     }
 
+    #[test]
+    fn merge_terminal_config_removes_empty_env_passthrough() {
+        let mut config: serde_yaml::Value = serde_yaml::from_str(
+            r#"
+terminal:
+  env_passthrough:
+    - OPENROUTER_API_KEY
+  custom_flag: keep-terminal
+"#,
+        )
+        .unwrap();
+
+        merge_hermes_terminal_config(
+            &mut config,
+            &json!({
+                "terminalEnvPassthrough": "  \n",
+            }),
+        )
+        .unwrap();
+
+        assert!(config["terminal"]["env_passthrough"].is_null());
+        assert_eq!(
+            config["terminal"]["custom_flag"].as_str(),
+            Some("keep-terminal")
+        );
+    }
+
     #[test]
     fn merge_terminal_config_removes_empty_images() {
         let mut config: serde_yaml::Value = serde_yaml::from_str(
@@ -18240,6 +18318,12 @@ terminal:
         )
         .unwrap_err();
         assert!(err.contains("terminal.shell_init_files"));
+        let err = merge_hermes_terminal_config(
+            &mut config,
+            &json!({ "terminalEnvPassthrough": "GOOD_TOKEN\nBAD TOKEN" }),
+        )
+        .unwrap_err();
+        assert!(err.contains("terminal.env_passthrough"));
     }
 }
 
diff --git a/src/engines/hermes/pages/config.js b/src/engines/hermes/pages/config.js
index 354ab4d..3d92a75 100644
--- a/src/engines/hermes/pages/config.js
+++ b/src/engines/hermes/pages/config.js
@@ -311,6 +311,7 @@ const TERMINAL_DEFAULTS = {
   terminalShellInitFiles: '',
   terminalAutoSourceBashrc: true,
   terminalPersistentShell: true,
+  terminalEnvPassthrough: '',
   terminalDockerMountCwdToWorkspace: false,
   terminalDockerRunAsHostUser: false,
   terminalDockerImage: '',
@@ -2309,6 +2310,10 @@ export function render() {
               <span class="hm-field-label">${t('engine.hermesTerminalConfigShellInitFiles')}</span>
               <textarea id="hm-terminal-shell-init-files" class="hm-input hm-textarea" rows="3" placeholder="~/.bashrc&#10;\${HOME}/.config/hermes/env.sh" ${disabled ? 'disabled' : ''}>${esc(terminalValues.terminalShellInitFiles)}</textarea>
             </label>
+            <label class="hm-field hm-field--wide">
+              <span class="hm-field-label">${t('engine.hermesTerminalConfigEnvPassthrough')}</span>
+              <textarea id="hm-terminal-env-passthrough" class="hm-input hm-textarea" rows="3" placeholder="OPENROUTER_API_KEY&#10;GITHUB_TOKEN" ${disabled ? 'disabled' : ''}>${esc(terminalValues.terminalEnvPassthrough)}</textarea>
+            </label>
           </div>
           <div class="hm-config-check-grid">
             <label class="hm-channel-check">
@@ -4268,6 +4273,7 @@ export function render() {
       terminalShellInitFiles: el.querySelector('#hm-terminal-shell-init-files')?.value || '',
       terminalAutoSourceBashrc: !!el.querySelector('#hm-terminal-auto-source-bashrc')?.checked,
       terminalPersistentShell: !!el.querySelector('#hm-terminal-persistent-shell')?.checked,
+      terminalEnvPassthrough: el.querySelector('#hm-terminal-env-passthrough')?.value || '',
       terminalDockerMountCwdToWorkspace: !!el.querySelector('#hm-terminal-docker-mount-cwd-to-workspace')?.checked,
       terminalDockerRunAsHostUser: !!el.querySelector('#hm-terminal-docker-run-as-host-user')?.checked,
       terminalDockerImage: el.querySelector('#hm-terminal-docker-image')?.value || '',
diff --git a/src/locales/modules/engine.js b/src/locales/modules/engine.js
index 6080d87..b8469ec 100644
--- a/src/locales/modules/engine.js
+++ b/src/locales/modules/engine.js
@@ -543,6 +543,7 @@ export default {
   hermesTerminalConfigShellInitFiles: _('Shell 初始化文件', 'Shell init files', 'Shell 初始化檔案'),
   hermesTerminalConfigAutoSourceBashrc: _('自动读取常见 Shell 启动文件', 'Auto-source common shell startup files', '自動讀取常見 Shell 啟動檔案'),
   hermesTerminalConfigPersistentShell: _('远程/沙箱后端保持持久 Shell', 'Keep persistent shell for remote and sandbox backends', '遠端/沙箱後端保持持久 Shell'),
+  hermesTerminalConfigEnvPassthrough: _('沙箱透传环境变量名', 'Sandbox env passthrough names', '沙箱透傳環境變數名'),
   hermesTerminalConfigDockerMountCwd: _('Docker 挂载启动目录到 /workspace', 'Mount launch cwd into Docker /workspace', 'Docker 掛載啟動目錄到 /workspace'),
   hermesTerminalConfigDockerRunAsHostUser: _('Docker 使用宿主用户运行', 'Run Docker as host user', 'Docker 使用宿主使用者執行'),
   hermesTerminalConfigContainerPersistent: _('容器文件系统持久化', 'Persist container filesystem', '容器檔案系統持久化'),
@@ -560,7 +561,7 @@ export default {
   hermesTerminalConfigContainerCpu: _('CPU 核数', 'CPU cores', 'CPU 核心數'),
   hermesTerminalConfigContainerMemory: _('内存 MB', 'Memory MB', '記憶體 MB'),
   hermesTerminalConfigContainerDisk: _('磁盘 MB', 'Disk MB', '磁碟 MB'),
-  hermesTerminalConfigFootnote: _('Shell 初始化文件每行一个路径，支持 ~ 和 ${VAR} 占位；留空会移除 shell_init_files，让 Hermes 使用自动读取默认启动文件的行为。关闭自动读取可避免有问题的 rc 文件在非交互环境中退出。SSH 字段只在 SSH 后端生效，留空会移除主机、用户和密钥覆盖；面板不保存 SSH 密码。镜像字段只在对应 Docker、Singularity、Modal 或 Daytona 后端生效；留空会移除覆盖并使用 Hermes 默认值。Docker 环境变量转发只保存变量名，不保存密钥值；每行一个变量名，留空会移除覆盖。Docker 挂载启动目录会把宿主目录暴露给沙箱，仅在可信项目和无人值守任务中开启。', 'Shell init files use one path per line and support ~ plus ${VAR} placeholders. Leaving the list blank removes shell_init_files so Hermes uses its automatic startup-file sourcing behavior. Turn auto-source off only when an rc file exits in non-interactive environments. SSH fields only apply to the SSH backend. Leaving them blank removes host, user, and key overrides; the panel does not save SSH passwords. Image fields only apply to the matching Docker, Singularity, Modal, or Daytona backend. Leaving them blank removes the override and uses Hermes defaults. Docker env forwarding stores variable names only, not secret values; use one name per line, or leave blank to remove the override. Mounting the launch cwd exposes host files to the sandbox; enable it only for trusted projects or unattended jobs.', 'Shell 初始化檔案每行一個路徑，支援 ~ 和 ${VAR} 佔位；留空會移除 shell_init_files，讓 Hermes 使用自動讀取預設啟動檔案的行為。關閉自動讀取可避免有問題的 rc 檔案在非互動環境中退出。SSH 欄位只在 SSH 後端生效，留空會移除主機、使用者和金鑰覆蓋；面板不儲存 SSH 密碼。映像欄位只在對應 Docker、Singularity、Modal 或 Daytona 後端生效；留空會移除覆蓋並使用 Hermes 預設值。Docker 環境變數轉發只儲存變數名，不儲存密鑰值；每行一個變數名，留空會移除覆蓋。Docker 掛載啟動目錄會把宿主目錄暴露給沙箱，僅在可信專案和無人值守任務中開啟。'),
+  hermesTerminalConfigFootnote: _('Shell 初始化文件每行一个路径，支持 ~ 和 ${VAR} 占位；留空会移除 shell_init_files，让 Hermes 使用自动读取默认启动文件的行为。沙箱环境变量透传和 Docker 环境变量转发都只保存变量名，不保存密钥值；每行一个变量名，留空会移除覆盖。关闭自动读取可避免有问题的 rc 文件在非交互环境中退出。SSH 字段只在 SSH 后端生效，留空会移除主机、用户和密钥覆盖；面板不保存 SSH 密码。镜像字段只在对应 Docker、Singularity、Modal 或 Daytona 后端生效；留空会移除覆盖并使用 Hermes 默认值。Docker 挂载启动目录会把宿主目录暴露给沙箱，仅在可信项目和无人值守任务中开启。', 'Shell init files use one path per line and support ~ plus ${VAR} placeholders. Leaving the list blank removes shell_init_files so Hermes uses its automatic startup-file sourcing behavior. Sandbox env passthrough and Docker env forwarding both store variable names only, not secret values; use one name per line, or leave blank to remove the override. Turn auto-source off only when an rc file exits in non-interactive environments. SSH fields only apply to the SSH backend. Leaving them blank removes host, user, and key overrides; the panel does not save SSH passwords. Image fields only apply to the matching Docker, Singularity, Modal, or Daytona backend. Leaving them blank removes the override and uses Hermes defaults. Mounting the launch cwd exposes host files to the sandbox; enable it only for trusted projects or unattended jobs.', 'Shell 初始化檔案每行一個路徑，支援 ~ 和 ${VAR} 佔位；留空會移除 shell_init_files，讓 Hermes 使用自動讀取預設啟動檔案的行為。沙箱環境變數透傳和 Docker 環境變數轉發都只儲存變數名，不儲存密鑰值；每行一個變數名，留空會移除覆蓋。關閉自動讀取可避免有問題的 rc 檔案在非互動環境中退出。SSH 欄位只在 SSH 後端生效，留空會移除主機、使用者和金鑰覆蓋；面板不儲存 SSH 密碼。映像欄位只在對應 Docker、Singularity、Modal 或 Daytona 後端生效；留空會移除覆蓋並使用 Hermes 預設值。Docker 掛載啟動目錄會把宿主目錄暴露給沙箱，僅在可信專案和無人值守任務中開啟。'),
   hermesStreamingConfigTitle: _('网关流式输出', 'Gateway streaming output', '閘道流式輸出'),
   hermesStreamingConfigDesc: _('控制 Hermes Gateway 回复时是否边生成边更新消息，以及消息刷新节奏。适合需要更快看到长回复进度的渠道。', 'Control whether Hermes Gateway updates messages while replies are generated, plus the refresh cadence. Useful when channels need quicker progress for long replies.', '控制 Hermes Gateway 回覆時是否邊生成邊更新訊息，以及訊息刷新節奏。適合需要更快看到長回覆進度的渠道。'),
   hermesStreamingConfigStatusReady: _('结构化配置', 'structured settings', '結構化設定'),
diff --git a/tests/hermes-config-page-ui.test.js b/tests/hermes-config-page-ui.test.js
index e6aaade..b42682f 100644
--- a/tests/hermes-config-page-ui.test.js
+++ b/tests/hermes-config-page-ui.test.js
@@ -441,6 +441,7 @@ test('Hermes 配置页会暴露终端执行结构化配置字段', () => {
     'hm-terminal-shell-init-files',
     'hm-terminal-auto-source-bashrc',
     'hm-terminal-persistent-shell',
+    'hm-terminal-env-passthrough',
     'hm-terminal-docker-mount-cwd-to-workspace',
     'hm-terminal-docker-run-as-host-user',
     'hm-terminal-docker-image',
diff --git a/tests/hermes-terminal-config.test.js b/tests/hermes-terminal-config.test.js
index 91fdfd3..7395f65 100644
--- a/tests/hermes-terminal-config.test.js
+++ b/tests/hermes-terminal-config.test.js
@@ -17,6 +17,7 @@ test('Hermes 终端执行配置读取会提供上游默认值', () => {
     terminalShellInitFiles: '',
     terminalAutoSourceBashrc: true,
     terminalPersistentShell: true,
+    terminalEnvPassthrough: '',
     terminalDockerMountCwdToWorkspace: false,
     terminalDockerRunAsHostUser: false,
     terminalContainerCpu: 1,
@@ -45,6 +46,7 @@ test('Hermes 终端执行配置读取会回显 YAML 字段', () => {
       shell_init_files: ['~/.zshrc', '${HOME}/.config/hermes/env.sh'],
       auto_source_bashrc: false,
       persistent_shell: false,
+      env_passthrough: ['OPENROUTER_API_KEY', 'GITHUB_TOKEN'],
       docker_mount_cwd_to_workspace: true,
       docker_run_as_host_user: true,
       docker_image: 'nikolaik/python-nodejs:python3.11-nodejs20',
@@ -70,6 +72,7 @@ test('Hermes 终端执行配置读取会回显 YAML 字段', () => {
   assert.equal(values.terminalShellInitFiles, '~/.zshrc\n${HOME}/.config/hermes/env.sh')
   assert.equal(values.terminalAutoSourceBashrc, false)
   assert.equal(values.terminalPersistentShell, false)
+  assert.equal(values.terminalEnvPassthrough, 'OPENROUTER_API_KEY\nGITHUB_TOKEN')
   assert.equal(values.terminalDockerMountCwdToWorkspace, true)
   assert.equal(values.terminalDockerRunAsHostUser, true)
   assert.equal(values.terminalDockerImage, 'nikolaik/python-nodejs:python3.11-nodejs20')
@@ -93,6 +96,7 @@ test('Hermes 终端执行配置保存会保留未知字段并写入上游结构'
     terminal: {
       backend: 'local',
       shell_init_files: ['~/.profile'],
+      env_passthrough: ['OLD_TOKEN'],
       docker_image: 'custom/python-node',
       docker_forward_env: ['OLD_TOKEN'],
       custom_flag: 'keep-terminal',
@@ -106,6 +110,7 @@ test('Hermes 终端执行配置保存会保留未知字段并写入上游结构'
     terminalShellInitFiles: '~/.zshrc\n${HOME}/.config/hermes/env.sh\n~/.zshrc',
     terminalAutoSourceBashrc: false,
     terminalPersistentShell: false,
+    terminalEnvPassthrough: 'OPENROUTER_API_KEY\nGITHUB_TOKEN\nOPENROUTER_API_KEY',
     terminalDockerMountCwdToWorkspace: true,
     terminalDockerRunAsHostUser: true,
     terminalDockerImage: 'nikolaik/python-nodejs:python3.12-nodejs22',
@@ -132,6 +137,7 @@ test('Hermes 终端执行配置保存会保留未知字段并写入上游结构'
   assert.deepEqual(next.terminal.shell_init_files, ['~/.zshrc', '${HOME}/.config/hermes/env.sh'])
   assert.equal(next.terminal.auto_source_bashrc, false)
   assert.equal(next.terminal.persistent_shell, false)
+  assert.deepEqual(next.terminal.env_passthrough, ['OPENROUTER_API_KEY', 'GITHUB_TOKEN'])
   assert.equal(next.terminal.docker_mount_cwd_to_workspace, true)
   assert.equal(next.terminal.docker_run_as_host_user, true)
   assert.equal(next.terminal.docker_image, 'nikolaik/python-nodejs:python3.12-nodejs22')
@@ -178,6 +184,20 @@ test('Hermes 终端执行配置保存空 Shell 初始化文件会删除对应字
   assert.equal(next.terminal.custom_flag, 'keep-terminal')
 })
 
+test('Hermes 终端执行配置保存空环境变量透传会删除对应字段', () => {
+  const next = mergeHermesTerminalConfig({
+    terminal: {
+      env_passthrough: ['OPENROUTER_API_KEY'],
+      custom_flag: 'keep-terminal',
+    },
+  }, {
+    terminalEnvPassthrough: '  \n',
+  })
+
+  assert.equal(Object.hasOwn(next.terminal, 'env_passthrough'), false)
+  assert.equal(next.terminal.custom_flag, 'keep-terminal')
+})
+
 test('Hermes 终端执行配置保存空镜像会删除对应字段', () => {
   const next = mergeHermesTerminalConfig({
     terminal: {
@@ -261,4 +281,8 @@ test('Hermes 终端执行配置保存会拒绝非法后端和越界值', () => {
     () => mergeHermesTerminalConfig({}, { terminalShellInitFiles: 'valid.sh\nbad path.sh' }),
     /terminal\.shell_init_files/,
   )
+  assert.throws(
+    () => mergeHermesTerminalConfig({}, { terminalEnvPassthrough: 'GOOD_TOKEN\nBAD TOKEN' }),
+    /terminal\.env_passthrough/,
+  )
 })