Hermes 记忆与技能系统
PassAudited by ClawScan on May 10, 2026.
Overview
The provided files do not show hidden exfiltration or destructive behavior, but this skill is intentionally designed to persist memories and generate skills across sessions, so users should review that scope before installing.
Install this only if you want OpenClaw to keep cross-session memory and task traces. Before use, review the workspace paths, keep generated-skill approval enabled, avoid the development auto-install profile for normal work, configure encryption/retention, and verify any external repository or API-key setup you enable.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Conversations or task details may be saved across sessions and reused later, which can expose private context if the workspace is shared or compromised.
The skill is configured to automatically persist and later reuse conversation memory, and the main config does not encrypt sensitive data by default.
auto_sync: true ... memory_file: "{{ memory.workspace_dir }}/MEMORY.md" ... prefetch_enabled: true ... encrypt_sensitive_data: falseUse it only where persistent memory is desired; review memory files, configure retention, enable encryption where available, and avoid storing secrets in conversations.
Task traces can include operational details, and approved generated skills may change future agent behavior.
The skill records agent activity and can generate reusable skills, but default production behavior requires approval and does not auto-install generated skills.
auto_record: true ... record_tool_calls: true ... record_file_operations: true ... require_approval: true ... auto_install: false
Keep `require_approval: true` and `auto_install: false` for normal use, and review generated skills and trajectory logs before approving them.
Users who follow manual installation may execute code or dependencies that are not fully represented in the provided artifact set.
Manual installation relies on external source code, an unpinned dependency, and a shell deployment script outside the ClawHub install mechanism.
git clone https://github.com/openclaw/hermes-agent-skill.git ... pip install pyyaml ... ./scripts/deploy.sh --workspace ~/.openclaw/workspace --environment production
Verify the repository source, inspect scripts before running them, pin dependency versions, and prefer a reviewed install package when available.
If users enable external embedding providers, API keys and memory-derived text may be involved in provider calls.
The configuration supports optional provider credentials for embeddings, though the default setting disables that integration and no secret is hardcoded.
use_embedding: false ... embedding_provider: "word_overlap" # word_overlap, openai, ollama ... embedding_api_key: ""
Only enable external providers intentionally, use environment variables or a secret manager for keys, and choose least-privilege credentials.