Hermes Memory Sync
PassAudited by VirusTotal on May 4, 2026.
Overview
Type: OpenClaw Skill Name: hermes-memory-sync Version: 1.0.0 The hermes-memory-sync skill is a utility designed to aggregate and summarize Hermes Agent session logs into daily markdown files. The Python script (hermes-memory-sync.py) parses local JSON and JSONL log files to extract conversation topics and tool usage, writing the output to a local workspace directory. The instructions in SKILL.md guide the agent to automate this process using a built-in cron feature. The code uses standard libraries, lacks network activity or obfuscation, and its behavior is entirely consistent with its stated purpose of session log management.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private chat content, decisions, and tool-use details may be preserved in Markdown files and could influence future memory use if those files are loaded later.
This confirms the skill intentionally converts Hermes conversation history into persistent readable memory files.
Reads session JSON/JSONL files, groups conversations by day, extracts key topics/decisions/tools used, and writes structured summaries to `workspace/memory/YYYY-MM-DD.md`.
Run it only on logs you are comfortable persisting, store the output in a private directory, and review or redact generated memory files if sessions may contain secrets.
If the cron job is created, the sync will continue running daily and writing memory files without a new manual command each time.
The skill documents an optional scheduled job that runs the memory sync every day.
cronjob action=create name="memory-sync-daily" ... schedule="0 3 * * *"
Create the cron job only if you want ongoing daily summaries, and know how to disable or delete the job when no longer needed.
Users have less external context for verifying the script's origin, even though the provided artifacts are coherent and the static scan is clean.
The registry metadata does not provide an upstream source or homepage for independent provenance checking.
Source: unknown; Homepage: none
Inspect the included script before running it and prefer a trusted source or pinned copy if deploying it broadly.