openclaw never f*cking “died” (and won’t for heavy ops)

most of the takes online frame this as a fight over which agent is smarter.

that framing misses the point.

these are two products solving different problems, and which one’s right for you depends on whether you’re trying to make a single assistant useful by sunday, or trying to build a system you can run a business on by next quarter.

i still lean openclaw for the long game.

i’ll get to why.

but hermes has earned the attention it’s getting, and pretending otherwise would be sloppy.

quick context if you’re new to either.

both are open-source ai agents you run yourself. both connect to messaging apps so you can reach them from telegram, discord, slack, your phone, wherever you already live. both keep memory across sessions instead of forgetting everything when a chat ends.

openclaw was started by peter steinberger in late 2025 and runs as a self-hosted gateway.

hermes agent is built by nous research, the lab behind their hermes language models.

the practical difference between them is what each assumes about the user.

hermes is built for someone who wants one assistant that learns them.

openclaw is built for someone who wants a control plane to build workflows around.

those aren’t the same product even though the surface area looks similar.

what hermes is doing right

the v0.11.0 release dropped on april 23. nous calls it the interface release, and the changelog backs that up: a full react and ink rewrite of the terminal interface, native aws bedrock support, qqbot as the seventeenth messaging integration, an expanded plugin surface, and gpt-5.5 access through codex oauth.

the underlying pitch is that hermes is a self-improving agent with a built-in learning loop.

it creates skills from your repeated workflows and improves those skills as you use them. it searches its own past sessions through a sqlite database with full-text search, and it can plug into honcho, a user-modeling memory backend from plastic labs, to build a deeper model of who you are over time.

honcho is one of eight memory providers hermes supports out of the box, but it’s the one nous puts in the headline feature list.

that pitch lands exactly where openclaw users get impatient.

memory.

a lot of openclaw users don’t want to read another doc page about markdown files, workspaces, or routing. they want the agent to remember what they already explained and stop treating every conversation like a cold start.

hermes is winning that emotional layer because its memory feels alive in a way openclaw’s just doesn’t.

reddit reflects it.

across the major comparison threads on r/openclaw, you’ll see three patterns showing up consistently: users sticking with openclaw despite the rough edges, citing integrations and the larger skill ecosystem, users drifting toward hermes, citing easier setup and better default memory, and users running both or paying for managed hosting because operating either one solo turns into its own job.

the same threads keep surfacing a real warning, though: token costs compound fast when an agent autonomously plans, reflects, and self-improves.

one r/openclaw operator tracked identical workloads across six models for three weeks and posted the daily averages: opus 4.7 at $8.70/day, around $261/month, sonnet 4.6 at $2.80/day, glm-5.1 at $1.03/day, and a local qwen model at zero.

that’s the actual cost spread on a single persistent agent.

which row of that table you land on is mostly about model routing, not the agent itself, but heavy autonomous behavior pushes you toward the top of the range whether you meant to be there or not.

so the honest version of the case for hermes: better feel, more autonomy, higher possible burn, very different tradeoff than what openclaw is offering.

that’s a real product for a real user, and i wouldn’t talk most beginners out of it.

why hermes is hitting openclaw where it hurts

the hermes story is just easier to understand.

an agent that grows with you, makes skills from experience, improves them while you use them, and searches past sessions automatically, that pitch fits on a single screen.

openclaw’s memory model is more explicit.

memory lives as plain markdown files inside the agent workspace, and the model only remembers what gets written to disk.

that sounds less magical because it is.

it’s also easier to inspect, edit, version-control, and audit.

for personal use, the magical version wins because the friction of inspecting your own memory isn’t worth it.

for business use, you actually want to know what got saved. when memory touches clients, projects, decisions, or credentials, “the agent learns me” stops being a feature and starts being a liability without a way to look inside.

call it the difference between an agent that learns you and an agent that lets you see what it learned.

either one is defensible.

which one matters depends on what’s at stake.

the lane hermes actually fits

hermes is the right answer for someone who wants a single assistant for personal admin, light research, small reports, and reminders, one agent they can reach from whatever messaging app they already live in.

community threads are full of users who tried openclaw, found it fragile, and switched to hermes for low-stakes personal automations: rolling unfinished todos forward, weather checks, pulling line items out of invoice pdfs into a sheet, polling a calendar for declined meetings.

nothing world-changing.

nothing they’d trust with anything important.

useful enough to be worth running, and that’s a sharp wedge into a real market.

plenty of people don’t need an operator stack on day one. they need one assistant that handles boring scraps without turning setup into a second job, and hermes is closer to that out of the box.

where openclaw separates

openclaw stops looking like a personal assistant and starts looking like infrastructure once the shape isn’t “one assistant for me.”

the docs describe it as a self-hosted gateway.

the gateway is one process that runs on your machine or vps and acts as the bridge between messaging apps and your ai agent. it handles channel connections, sessions, routing, tools, memory, and security in one control plane.

you can run multiple agents in the same gateway with different workspaces and different permissions. add channels, skills, plugins as you go.

that isn’t the shape of a personal assistant.

it’s the shape of a small platform.

if you’ve ever tried to build a real workflow on top of an llm, you already know the hard part isn’t the model.

the hard part is everything around the model: routing, memory, who can call which tool, what gets logged, how a human reviews risky actions before they actually happen, what the system does when an api times out, what happens when the wrong agent receives the wrong message.

openclaw’s design assumes that’s where the work actually is.

hermes’s design assumes you mostly want a smarter agent and the surrounding plumbing should disappear into the background.

both are valid takes.

they just answer different questions.

the update problem is real

openclaw has a genuine weakness: updates hurt.

community threads around the 2026.4.26 release surfaced users complaining about broken configs, with a few jumping to hermes because they were tired of fixing openclaw every time it shipped.

that signal is worth taking seriously.

upgrade fatigue loses users even when a product is winning on capability.

the answer for serious operators is to stop treating openclaw like an app and start treating it like infrastructure.

that means boring habits: running a test gateway before touching the main one, keeping a known-good config you can roll back to, snapshotting the workspace before upgrading, reading release notes before pulling the trigger, and testing one channel and one workflow before letting the new version handle anything important.

annoying for beginners, but it’s the correct mental model for production work.

hermes will face the same problem at scale; it’s just newer and hasn’t earned the scars yet.

(i’ve put my actual upgrade playbook at the bottom of this post if you want it.)

what the recent releases actually tell you

the late-april releases from both projects read like statements of intent.

hermes v0.11.0, april 23, was clearly an interface release. the changelog is dominated by ui polish, model provider reach, and how the agent feels to use day to day.

openclaw 2026.4.26, april 26, reads completely differently. its highlights are voice transport contracts, security tokens for browser-based talk sessions, and a system for resolving conflicts between user config, installed manifests, and runtime fallbacks when picking which model to use.

that’s plumbing.

less flashy.

more operator-shaped.

it’s the kind of work you only care about if you’re running this thing in production every day.

both directions are coherent strategies.

the question for any reader is which direction matches your actual problem.

the part nobody likes to talk about

the openclaw security docs are blunt in a way that makes some users uncomfortable, and that’s a feature.

they say one gateway supports one user or trust boundary, preferably one os user, host, or vps per boundary. they say a shared gateway isn’t a hostile security boundary for mutually untrusted users.

the plugin docs go further: native plugins run in-process with the gateway, aren’t sandboxed, and a malicious native plugin is functionally equivalent to arbitrary code execution inside the openclaw process.

i trust systems more when they tell me where the edge is.

hermes needs the same caution.

all agents do.

running either one with broad access to your email, calendar, documents, or local machine without sandboxing isn’t bravery, it’s bad operator hygiene.

cve-2026-25253 was real and exposed authentication tokens through unsafe websocket behavior. the koi security audit of clawhub found 341 malicious skills out of 2,857.

these aren’t theoretical risks.

the right setup for either tool is the same regardless of which one you pick: isolate the host, scope auth tokens narrowly, read what skills do before you install them, and assume the agent will eventually try something you didn’t expect.

memory is not actually about more memory

most users who say they want better memory mean something narrower.

they want the agent to remember what matters and forget the junk.

they want preferences to carry forward without dragging old mistakes along.

they want context to survive across sessions, and they want the system to stop asking the same questions twice.

hermes has the friendlier story here.

memory is persistent, the agent decides what to save, skills are created and reused on its own, and cross-session recall is built in.

you don’t manage it. it manages itself.

openclaw treats memory as a working file system instead.

you can see it, grep it, delete a memory you didn’t want, version it in git if that’s how your brain works.

for a personal assistant, that’s more friction than most people actually need.

for a business asset where memory is part of the operating context, you eventually need provenance: what got saved and why, where it lives, what evidence supports it, what should be corrected.

openclaw’s version is less charming for the same reason file systems are less charming than databases.

it’s closer to the metal, which is exactly the point when you’re explaining the system to someone who didn’t build it.

workflows are where openclaw pulls ahead

the openclaw advantage gets clearer the moment work moves beyond chat.

the docs around exec approval are explicit: auto-allowed skill commands are meant for trusted operator environments where the gateway and the node share the same trust boundary, and strict setups should keep auto-allow disabled and use manual path allowlists instead.

that’s the shape serious work needs.

not “agent, handle my inbox” but something more like: pull new messages, classify them, draft responses, surface the risky ones for human approval, send only what got approved, write the result back to the right place, and log the whole chain so you can audit it later.

that’s where business value actually lives, and it’s where openclaw gives you the most places to decide what autonomy is allowed to touch.

hermes can feel more autonomous because it’s making more of those calls for you.

openclaw makes you design the authority path yourself.

that’s slower up front but means you actually know what’s allowed to happen, which matters the moment money, accounts, clients, production systems, or customer data are anywhere in the loop.

the cost question deserves attention

token burn isn’t a minor footnote.

an agent that feels more autonomous is doing more work behind the scenes: more planning, more searching, more reflection, more tool calls, more context, more skill logic, and that work costs money even when nothing visible is happening.

it can be worth it for hard tasks.

it can also turn small chores into silent monthly spend that nobody flagged until the invoice arrived.

openclaw has a more developer-shaped routing story for cost discipline.

recent releases include real work on provider-filtered model listing, config authority order, installed manifests, and runtime fallbacks.

translated: you can pay for stronger reasoning where judgment actually matters, use cheaper models for repeated work, push deterministic steps into hard-coded workflows instead of letting the model rebuild them every time, and keep fallbacks in place for high-risk outputs.

that’s how you stop an agent system from becoming a slow leak in your budget.

the bigger market neither side is talking about

the more interesting opportunity isn’t openclaw versus hermes.

it’s the layer of managed services growing on top of both.

kiloclaw is hosting openclaw at $9/month.

hostinger has a one-click openclaw template.

nous research is offering hermes through their portal with managed tools included.

novita ai launched a sandbox specifically for running openclaw and hermes safely.

that ecosystem is the real signal.

these tools are useful enough that other businesses are getting paid to operate them.

what’s still missing for both is the operator layer: alerting, monitoring, upgrade testbenches, routing audits, memory cleanup workflows, skill review services, approval packs, gateway hardening, done-for-you installs, small-business workflow kits, local-first setups for privacy-sensitive users.

openclaw is stronger for that market because it already behaves like infrastructure.

hermes is stronger for the personal-assistant market because it feels easier faster.

both matter, but the paid subscriber opportunity is sitting on the openclaw side, and i don’t think that’s close.

who should pick what

think about an ecommerce operator running a stack of spreadsheets, salesforce, google drive, order data, and customer follow-up.

they don’t need a charming assistant.

they need a workflow they can audit when something breaks, and they need it not to surprise them at month-end with a bill they can’t explain.

that’s openclaw territory.

swap the use case for someone in devops, finance, or anyone packaging a service offering on top of these tools and the underlying need stays the same: predictability over magic, inspection over autonomy, a setup you can repeat and harden.

if you want one generalist assistant, the fastest path to useful memory, fewer setup decisions, and you’re mostly doing personal admin or light coding from your phone, go hermes.

don’t overthink it.

if you’re building a system that touches multiple channels, multiple agents, durable workflows, approval gates, model fallbacks, or any business surface you’ll need to explain to someone else, that’s openclaw, and the friction is the price of admission.

what openclaw should learn from hermes

openclaw should steal the lesson, not the product.

hermes is teaching the market that memory and skill growth need to feel natural even when there’s a lot happening underneath.

the openclaw answer should be supervised graduation.

run a workflow long enough to find the repeated steps.

write durable memory the operator can actually read.

propose a new skill before turning it on, draft a workflow when approvals matter, track longer jobs with real state, and ask the operator before any routine becomes trusted.

that’s the version of self-improvement that doesn’t trade away the audit trail, and it’s the missing piece between hermes’s polish and openclaw’s depth.

Share OpenClaw Unboxed

closing

hermes is the better first weekend for a lot of people.

openclaw is the better long-term operator stack.

those statements aren’t in conflict. they’re the same observation different users keep landing on from different starting points.

if the job is one assistant remembering you and handling personal loops, hermes is the answer.

for an inspectable system that spans channels, models, workflows, approvals, memory, and trust boundaries, openclaw is still where i’d start.

i lean openclaw, but not because hermes is weak.

it’s a real product solving a real problem for the right user.

the reason i still lean openclaw is that serious work eventually exposes the parts a more magical assistant has to keep out of view, and that exposure is where the actual operator opportunity lives.

the pre-upgrade operator pack

i said earlier that openclaw is the better long-term bet for serious work.

that’s only true if you actually treat it like infrastructure.

most of the people in those reddit threads complaining about broken configs aren’t wrong about the pain. they just haven’t built the habits that turn an upgrade from a weekend-eating event into a fifteen-minute checklist.

three things below.

read them once, save them somewhere, run them every time you upgrade.

they assume you’re running openclaw locally or on a vps you control, with the standard ~/.openclaw/ layout.

a pre-upgrade checklist

run this before you touch the new version.

anything that fails here, fix or note before continuing.

# 1. capture current state
openclaw --version                          # note what you're on
openclaw doctor                             # baseline health check (must be green)
openclaw config file                        # confirm where the active config lives
openclaw channels list                      # snapshot active channels
openclaw plugins list                       # snapshot installed plugins
openclaw skills list                        # snapshot active skills

# 2. back up the workspace and config
tar -czf ~/openclaw-backup-$(date +%Y%m%d-%H%M).tar.gz ~/.openclaw/

# 3. version-control the workspace if you haven't already
cd ~/.openclaw/workspace && git status      # if no repo, init one and commit

then read the release notes with intent.

the tells that matter:

• anything labeled BREAKING: or breaking change
  

• config schema changes, look for “renamed”, “moved”, “removed”, “deprecated”
  

• changes to providers you’re actively using, look up your model providers by name in the changelog
  

• changes to channels you depend on, whatsapp, slack, telegram especially, since those break most often
  

• plugin api changes if you have custom or third-party plugins installed
  

if the release notes don’t mention any of those for surfaces you use, the upgrade is probably low-risk.

if even one shows up, run asset 2 before touching production.

the parallel test gateway

this is the move most operators don’t know exists.

openclaw ships a --profile flag that gives you a totally isolated state directory: separate config, separate workspace, separate sessions, separate credentials.

you can install the new version, point it at a test profile, validate everything works, and then upgrade your real install with confidence.

no docker.

no second machine.

no production risk.

the easiest variant uses the built-in --dev flag, which isolates state under ~/.openclaw-dev:

# 1. install the target version globally (this temporarily replaces your prod cli too,
#    so make sure you've done asset 1 first)
npm install -g openclaw@<target-version>

# 2. spin up the dev profile against a fresh config on a non-default port
openclaw --dev onboard --non-interactive \
  --mode local \
  --auth-choice apiKey \
  --anthropic-api-key "$ANTHROPIC_API_KEY" \
  --gateway-port 18790 \
  --gateway-bind loopback

# 3. confirm it came up clean
openclaw --dev doctor
openclaw --dev config validate

if you need the test profile to reflect your actual production config, channels, skills, agents, copy the relevant pieces from your backup tar into the dev profile’s directory before step 3:

# example: bring over your skill set
cp -r ~/.openclaw/workspace/skills ~/.openclaw-dev/workspace/skills
openclaw --dev doctor

now run your highest-risk workflow against the dev gateway on port 18790.

send a message through your most complex skill.

confirm memory loads.

trigger a cron job manually.

if anything breaks here, it would have broken in production, but it didn’t, because you ran it through the dev profile first.

for advanced setups where you want multiple isolated environments at once, one for staging, one for upgrade testing, one for an experimental skill, use --profile <name> instead of --dev and give each one a different port and a different name.

each profile gets its own state directory and never touches the others.

the rollback runbook

if the upgrade lands and something is broken in production despite the dev test, here’s the path back.

don’t improvise this. you’ll waste an hour figuring out what step you’re on.

# 1. stop the running gateway
#    macos (if installed as a launchd agent):
#      launchctl list | grep openclaw                       # find the agent name
#      launchctl unload ~/Library/LaunchAgents/<that>.plist
#    linux (if installed as a systemd user service):
#      systemctl --user list-units | grep openclaw          # find the unit name
#      systemctl --user stop <that-unit>
#    otherwise: kill the process holding port 18789

# 2. roll the npm package back to your previous known-good version
npm install -g openclaw@<previous-version>

# 3. if the new version migrated your config and that's what broke things,
#    restore from the backup you took in asset 1
tar -xzf ~/openclaw-backup-<date>.tar.gz -C ~

# 4. validate before restarting
openclaw config validate
openclaw doctor

# 5. restart the gateway
#    daemon path:  launchctl load ... / systemctl --user start openclaw-gateway
#    foreground:   openclaw gateway run

# 6. confirm channels reconnect and a test message works end-to-end before
#    declaring the rollback successful

the discipline that matters: never run steps 2 through 5 without first running step 1.

a half-running gateway during a rollback is how you end up with corrupted sessions or duplicated channel auth.

stop it cleanly first, restore second, validate third, restart fourth.

if the rollback works, file the bug with reproduction steps.

if it doesn’t, that’s when you reach for the openclaw discord, and you’ll be able to describe exactly what you tried, which is most of what gets a fast answer.

that’s the pack.

it’s not glamorous.

it’s the boring operator hygiene that separates the people running openclaw in production from the people getting burned by it on every release.

the next 2026.x.x is probably already in the changelog by the time you read this.

run the checklist before you touch it.