Hermes Agent Kanban swarm and OpenClaw Claude Opus 4.8 updates speed local agents

What shipped

From 25 May to 1 June 2026 both Hermes Agent and OpenClaw released frequent updates centered on integrations, security hardening, and runtime stability. Hermes focused on practical account-free messaging and credential tools plus a major Kanban expansion. OpenClaw emphasized provider support for Claude Opus 4.8, mobile UI refreshes, and channel reliability for production messaging.

Hermes Agent

Hermes Agent delivered the bulk of the week's changes across 33 updates that touched messaging, secrets management, attack defenses, and multi-agent orchestration. The releases replaced slow auxiliary LLM calls with local tools, cut the core codebase by over 12,000 lines, and added account-free push notifications plus Bitwarden bootstrapping. These changes make the agent faster and safer for repeated daily tasks without extra API spend.

• •ntfy integration Hermes Agent added ntfy as its 23rd messaging platform so agents can send push alerts to phones and desktops from cron jobs without accounts or keys.
• •Bitwarden Secrets Manager The agent now pulls credentials from a single Bitwarden bootstrap token at startup, replacing scattered plaintext API keys in local files.
• •Promptware defense Three new chokepoints block Brainworm-style prompt injections by scanning memory on load, marking tool results, and checking dangerous code writes.
• •Session search rebuild A local three-mode tool replaced the auxiliary LLM, making session discovery instant, free, and up to 4,500 times faster.
• •Kanban multi-agent platform Kanban now supports auto task decomposition, swarm topologies, scheduled runs, per-task worktrees, and model overrides for coordinated agent teams.
• •Core loop refactor The main run_agent.py file shrank from 16,083 lines to 3,821 lines across 14 modules, speeding editor loads while keeping identical behavior.
• •MCP Docker fixes Bare commands like npx now resolve against /usr/local/bin inside containers so MCP servers start reliably.
• •Docker dashboard opt-in Insecure LAN mode now requires an explicit HERMES_DASHBOARD_INSECURE=1 flag instead of automatic derivation from bind settings.
• •Dashboard 401 loop fix Loopback mode no longer triggers infinite reloads after adding an allowUnauthorized opt-out for stale tokens.
• •Plugin manifest packaging Bundled plugin.yaml files now ship correctly in both wheel and sdist releases.
• •ntfy push notifications Agents gained account-free ntfy alerts for task completions and cron events across phones, watches, and desktops.
• •Bitwarden credential bootstrap A single BWS_ACCESS_TOKEN replaces multiple plaintext keys by fetching secrets securely at startup.
• •Promptware attack blocks Context defenses now scan recalled memories and wrap tool results to stop injection attempts at three points.
• •Local session search tool The native three-mode searcher delivers discovery, scroll, and browse in milliseconds at zero cost.
• •Kanban swarm upgrade Auto-decomposition, Swarm v1 graphs, and per-task model overrides turn Kanban into a full multi-agent board.
• •Modular agent loop Code moved from one 16k-line file into 14 focused modules under agent/ to improve load times and velocity.
• •Docker MCP path fix Node-based MCP servers now locate correctly inside containers and avoid silent launch failures.
• •Explicit insecure dashboard flag Users must set HERMES_DASHBOARD_INSECURE=1 to disable loopback auth, separating it from LAN bind settings.
• •Loopback reload loop resolved An allowUnauthorized setting prevents the dashboard identity probe from looping on 401 responses.
• •Manifest packaging fix Both wheel and sdist distributions now include the required plugin.yaml files without omission.
• •v2026.5.29.2 release The packaging patch ensures plugin manifests reach users in every distribution format.
• •Accountless ntfy alerts Cron jobs and task finishes can now notify phones and homelabs through ntfy without any account setup.
• •Bitwarden token bootstrap One access token replaces scattered keys and loads credentials safely when the agent starts.
• •Instant local session queries Native search replaced the prior LLM-powered method and now runs free and up to 4,500 times faster.
• •Cold-start and call cuts Deferred imports and hot-path tweaks trimmed launch time by one second and reduced function calls by 47 percent.
• •Kanban orchestration tools Scheduled tasks, worktree isolation, and model overrides now support complex multi-agent workflows on the board.
• •Major codebase split The monolithic run_agent.py became 14 modules, preserving behavior while cutting file size by 76 percent.
• •Full skills catalog restore The picker now shows all 19,932 sitemap entries instead of the prior partial list of 858.
• •Docker bin path resolution MCP servers using bare npm or node commands now start inside containers without PATH issues.
• •Dashboard insecure mode gate Explicit environment variable required to turn off loopback checks, avoiding accidental exposure.
• •Infinite reload patch Loopback dashboard sessions stay stable after the stale-token reload opt-out was added.
• •v2026.5.29 release The patch version fixed the dashboard reload loop and improved loopback handling.
• •v2026.5.28 release The velocity release delivered the large core refactor that split run_agent.py into maintainable modules.

OpenClaw

OpenClaw issued 40 updates that added Claude Opus 4.8 support, improved agent and Codex recovery, refreshed the iOS Pro UI, and hardened security boundaries. Releases also stabilized channels for Telegram, iMessage, and WhatsApp while introducing core transcripts and an ephemeral Activity tab. These changes target reliable local agent operation across desktop, mobile, and messaging surfaces.

• •NVIDIA local agents note OpenClaw and Hermes are cited as examples of on-device agents running on RTX PCs and DGX Spark hardware for personal workflows.
• •v2026.5.28 update The release stabilized agent and Codex recovery, secured channel delivery, refreshed iOS Pro UI, and added Claude Opus 4.8 provider support.
• •v2026.5.30-beta.1 update Agent recovery from interrupted calls improved, mobile delivery across Telegram and Slack stabilized, and Workboard orchestration primitives arrived.
• •v2026.5.28 release Runtime recovery for subagents became steadier with separate cwd and workspace handling.
• •Microsoft-Nvidia AI PC report OpenClaw framework is referenced in plans for Windows PCs that run local agents instead of basic Copilot features.
• •ClawHub skill verification Plugin display names, trust surfaces, and skill verification now help users judge plugin safety before install.
• •ClawPDF encrypted extraction The new integration pulls text from password-protected PDFs and exposes MCP structured content in tool results.
• •GitHub Copilot runtime Codex Supervisor plugin and Copilot runtime support delegated coding workflows inside the agent.
• •iOS Pro app refresh Pro Command, Chat, Agents, and Settings tabs plus realtime Talk playback tied to gateway sessions were added.
• •Claude Opus 4.8 support Provider list expanded to include Claude Opus 4.8, Fal Krea images, NVIDIA catalogs, and MiniMax music streaming.
• •Security boundary tightening Unsafe Node overrides are blocked, repeated-dot hostnames normalized, and node approvals limited to administrators.
• •Embedding provider deprecation Memory-specific embedding registration is now marked deprecated in the Plugin SDK with compatibility warnings.
• •Core OpenAI embedding provider A built-in OpenAI-compatible embedding provider with configuration and doctor support was added for local and hosted use.
• •iOS Pro UI update Gateway session picker and state preservation across reconnects improved in the developer app.
• •Agent and Codex recovery Subagent separation, session lock release on timeout, and prevention of shared runtime teardown on helper failure were implemented.
• •v2026.5.27 release Stronger content boundaries keep group prompt text out of system prompts.
• •Core transcripts and Gateway Transcript capture moved to core, Gateway startup sped up, and Telegram plus iMessage channels readied for production.
• •Security and Codex improvements Untrusted prompts now route outside system prompts, Codex reliability rose, and multi-channel delivery stabilized.
• •v2026.5.26 release Gateway startup avoids repeated plugin scans and visible replies separate user sends from slower follow-ups.
• •Pipeline hardening Alpine installs, trusted runtime roots, Docker timeouts, and Windows Scheduled Tasks gained reliability fixes.
• •Ephemeral Activity tab Sanitized live tool summaries appear in a new tab alongside OpenTelemetry LLM spans and stream progress.
• •LLM provider stabilization Named auth profiles, OpenAI sampling forwarding, and dynamic tool-schema guards were introduced.
• •Content boundary hardening SSRF policies on browser snapshots, prompt marker spoof prevention, and tool-call text scrubbing protect replies.
• •Realtime Talk controls Web UI and Discord voice now let users inspect, steer, cancel, or follow up on active Talk runs.
• •Messaging channel upgrades Telegram forum topics, iMessage attachment handling, WhatsApp media restoration, and reaction approvals rolled out.
• •Core transcript unification Meeting summaries, user turns, and media provenance now flow through a single reliable transcript path.
• •Gateway performance gains Startup skips repeated scans of plugins and sessions while replies surface faster to users.
• •v2026.5.31-beta.4 release Latest beta in the 2026.5.31 series.
• •v2026.5.31-beta.3 release Latest beta in the 2026.5.31 series.
• •v2026.5.31-beta.2 release Latest beta in the 2026.5.31 series.
• •v2026.5.31-beta.1 release Latest beta in the 2026.5.31 series.
• •v2026.5.30-beta.1 release Beta focused on agent recovery and channel stability.
• •v2026.5.28-beta.4 release Beta in the 2026.5.28 series.
• •v2026.5.28-beta.3 release Beta in the 2026.5.28 series.
• •v2026.5.28-beta.2 release Beta in the 2026.5.28 series.
• •v2026.5.28-beta.1 release Beta in the 2026.5.28 series.
• •v2026.5.27-beta.1 release Beta in the 2026.5.27 series.
• •v2026.5.26-beta.2 release Beta in the 2026.5.26 series.
• •v2026.5.26-beta.1 release Beta in the 2026.5.26 series.
• •v2026.5.25-beta.1 release Beta in the 2026.5.25 series.

What this means for you

For Vibe Builders: You can now wire Hermes Agent to ntfy for instant phone alerts and pull secrets from Bitwarden with one token, letting you ship notification and credential flows without extra accounts. OpenClaw's Claude Opus 4.8 support and iOS Pro UI give you a ready mobile surface for testing agent runs on the go. Use the Kanban swarm features to break tasks into parallel agents and watch recovery fixes reduce manual restarts.

For Non-techies: Hermes Agent now sends push messages to your phone from scheduled tasks without needing extra accounts and keeps API keys safer inside Bitwarden. OpenClaw updates improve how agents recover from interruptions and add better support for messaging apps you already use. These changes turn open agents into more dependable daily helpers for reminders, file handling, and simple automations.

For Developers: Hermes Agent's 76 percent codebase reduction and local session search tool cut both maintenance and inference spend when embedding the framework. OpenClaw's runtime recovery, core transcript path, and explicit security boundaries give clearer guarantees for production multi-channel deployments. Benchmark the new Kanban swarm topology and Claude Opus 4.8 provider against your current stack before rolling either agent into customer workflows.

What to watch next

Track the next Hermes Agent release for any MCP or Docker follow-ups and watch OpenClaw's v2026.5.31 stable tag for final recovery and channel polish. Monitor GitHub activity on both repos for new skill verification surfaces and embedding provider feedback.

Sources

• •[v2026.5.31-beta.4](https://github.com/openclaw/openclaw/releases/tag/v2026.5.31-beta.4)
• •[v2026.5.31-beta.3](https://github.com/openclaw/openclaw/releases/tag/v2026.5.31-beta.3)
• •[v2026.5.31-beta.2](https://github.com/openclaw/openclaw/releases/tag/v2026.5.31-beta.2)
• •[v2026.5.31-beta.1](https://github.com/openclaw/openclaw/releases/tag/v2026.5.31-beta.1)
• •[v2026.5.30-beta.1](https://github.com/openclaw/openclaw/releases/tag/v2026.5.30-beta.1)
• •[v2026.5.28-beta.4](https://github.com/openclaw/openclaw/releases/tag/v2026.5.28-beta.4)
• •[v2026.5.28-beta.3](https://github.com/openclaw/openclaw/releases/tag/v2026.5.28-beta.3)
• •[v2026.5.28-beta.2](https://github.com/openclaw/openclaw/releases/tag/v2026.5.28-beta.2)
• •[v2026.5.28-beta.1](https://github.com/openclaw/openclaw/releases/tag/v2026.5.28-beta.1)
• •[v2026.5.27-beta.1](https://github.com/openclaw/openclaw/releases/tag/v2026.5.27-beta.1)
• •[v2026.5.26-beta.2](https://github.com/openclaw/openclaw/releases/tag/v2026.5.26-beta.2)
• •[v2026.5.26-beta.1](https://github.com/openclaw/openclaw/releases/tag/v2026.5.26-beta.1)
• •[v2026.5.25-beta.1](https://github.com/openclaw/openclaw/releases/tag/v2026.5.25-beta.1)