The open source AI agent space has a new leader. As of May 10, 2026, Hermes Agent – created by Nous Research – has surpassed OpenClaw to take first place in OpenRouter’s global daily application and agent rankings. Hermes currently generates 224 billion tokens daily on OpenRouter versus 186 billion on OpenClaw, making it the most widely used open source AI agent in terms of current inference volume.
This achievement is more important than just switching the leaderboard. OpenClaw founder Peter Steinberger joined OpenAI in February 2026, while OpenClaw transitioned to an independent open source foundation with OpenAI as a sponsor.
Two different bets on what an agent should be
The rivalry between Hermes and OpenClaw goes back to a fundamental architectural disagreement. OpenClaw is organized around a central WebSocket gateway – a persistent routing layer that connects 50+ messaging channels (Telegram, Discord, Slack, WhatsApp, Signal, and more) to the agent runtime. Its design optimizes reach: the number of surfaces an agent can work on at one time.
Agent Hermes takes the opposite approach. Designed under license from the Massachusetts Institute of Technology (MIT), it focuses on the “execute, learn, improve” execution loop. After completing the task, the agent enters a reflective phase where he analyzes his performance and independently creates reusable skill files for future use. Memory is handled by three layers: a static snapshot of user and agent identity, a SQLite FTS5 full-text search database for every previous session, and procedural skill files that capture repeatable task logic. The design is designed to maximize value over time – the longer Hermes runs, the more optimized it becomes for your specific workflow.
Rapid release rhythm
Hermes has shipped a confirmed major release regularly since its launch in February 2026. The v0.9.0 “Everywhere” release brought Android/Termux support, iMessage via BlueBubbles, WeChat and WeCom adapters, and a native web dashboard, pushing Hermes to 16 supported messaging platforms. The “Interface” v0.11.0 release introduced a complete React/Ink TUI rewrite, native AWS Bedrock support, five new inference paths including NVIDIA NIM and Vercel ai-gateway, access to GPT-5.5 via Codex OAuth, and 17th cross-platform access via QQBot – across 1,556 commits and 761 combined commits.
v0.13.0 “Tenacity”, released on May 7, 2026, is currently the latest. Kanban serves as a robust multi-agent task board with heart rate monitoring, zombie detection, and hallucination recovery; A /goal Which locks the agent to the target across turns; Checkpoints version 2 with real state trimming; Gateway auto resume after reboot; and Google Chat as the 20th supported messaging platform.
Security: A noteworthy contrast
OpenClaw’s scope has come with security costs. CVE-2026-25253, which has a CVSS score of 8.8, exposes the gateway to remote exploitation. In a four-day period in March 2026, nine serious threats were detected, one of which scored a 9.9. A Koi Security review of 2,857 ClawHub skills found 341 malicious entries, of which 335 were linked to a single campaign, and broader third-party security scans pointed to more than 800 suspicious entries during the same period. SecurityScorecard has reported tens of thousands of publicly exposed OpenClaw instances.
The Hermes agent’s security record is shorter by virtue of his age, but it is not clean. NVD lists several common threats published from April 27-29, 2026, including CVE-2026-7113, a missing authentication issue in the webhooks endpoint for version 0.8.0, scoring a moderate 5.6 on CVSS 3.x and a low 2.9 on CVSS 4.0. v0.13.0 Tenacity addressed 8 P0 security issues, including enabling redaction by default, guild-wide allowed Discord role lists, strange WhatsApp rejection, and TOCTOU patches via auth.json and MCP OAuth streams.
Migration and the way forward
For developers using OpenClaw who want to evaluate Hermes, the transition process is designed to be low-friction. Hermes detects an existing presence ~/.openclaw Guide during setup and offers to automatically import settings, memories, skills, and API keys. the hermes claw migrate The command supports dry run previews, selective migration presets, and conflict overwrite controls.
The two frameworks are also increasingly running in parallel, with OpenClaw handling multi-channel orchestration and routing while Hermes implements repeatable task loops – coordinated via the Agent Communication Protocol (ACP).
The broader signal from the OpenRouter rankings is that the open source proxies market is not clustered around a single tool. It bifurcates around two different philosophies: breadth of access versus depth of learning. Hermes Agent’s move to first place in daily usage indicates that a large portion of the developer community, at least for now, is betting on depth.
224 b
Hermes everyday symbols
1 on OpenRouter
186 b
OpenClaw Daily Codes
2 on OpenRouter
6.35 tons
Hermes of all time
vs. 9.17T OpenClaw
v0.13.0
Latest version
May 7, 2026
| Hermes agent | OpenClaw | |
|---|---|---|
| creator | Nous Research (MIT) | Peter Steinberger/The Foundation (OpenAI Sponsor) |
| I set off | February 2026 | Late 2025 |
| Github stars | 114,000+ | 370,000+ |
| Daily icons | 224B (1 OpenRouter) | 186B (2 OpenRouter) |
| Symbols at all times | 6.35 tons | 9.17 tons |
| Build | Self-improving execution loop; Do-Learn-Improve | WebSocket Gateway; Central steering control unit |
| memory | SQLite FTS5 + Persistent Identity + Auto-Generated Skills | On a price reduction basis; Human authoring skills via ClawHub |
| Skill ecosystem | More than 40 built-in tools; agentskills.io standard; Automatically generates skills | 44,000+ ClawHub Skills (April 2026) |
| Platforms | 20 (including Google Chat, QQBot, WeChat, and iMessage) | More than 50 channels |
| Model support | 200+ via OpenRouter; Nvidia NIM; Os Bedrock; Olama; local | OpenAI compatible; OpenRouter; Olama |
| Latest version | Version 0.13.0 – May 7, 2026 | Active (LTS announced May 2026) |
| Number of Countering Violent Extremism | 4 Shared Challenges (April 27-29; impact version 0.8.0) | 9 serious challenges in 4 days (March 2026); One CVSS 9.9 |
| Immigration | hermes claw migrate Automatically imports OpenClaw configuration |
– |
v0.13.0 – Persistence release
Latest
May 7, 2026
Multi-agent Kanban board with zombie detection and hallucination recovery. /goal The agent locks on the target across turns. Checkpoints v2 with real case trim. The portal resumes automatically after reboot. 8 P0 security fixes: debugging enabled by default, Discord guild-level allowed lists, WhatsApp stranger rejection, TOCTOU patches. Google Chat = 20th platform. Seven languages i18n ship.
v0.12.0 – Coordinated version
April 30, 2026
An independent background curator evaluates, prunes and integrates the skills library. Four new heuristics providers. Difference plugin = 19th platform. Native Spotify and Google Meet integrations. ComfyUI and TouchDesigner-MCP bundled. ~57% reduction in TUI cold start time.
v0.11.0 – Interface version
April 23, 2026
Rewrite full reply/tui ink. Native AWS Bedrock support. 5 new inference paths: NVIDIA NIM, Arcee AI, Google Gemini CLI OAuth, Vercel ai-gateway, and Step Plan. GPT-5.5 via Codex OAuth. QQBot = 17th platform. The plugin surface has expanded significantly. Dashboard with i18n (English+Chinese).
v0.10.0 – Tool portal version
April 16, 2026
Nous Portal subscribers get web search (Firecrawl), image creation (FAL/FLUX 2 Pro), TTS (OpenAI TTS), and browser automation (browser usage) – no additional API keys required.
v0.9.0 – Ubiquitous version
April 13, 2026
Support Android/Termux. iMessage via BlueBubbles. WeChat and WeCom Adapters. Local web control panel. Fast mode for OpenAI and Anthropic priority queues. Monitor background process via watch_patterns. 16 platforms supported. Pass hardened deep security.
CVSS 8.8 high
Remote exploitation of OpenClaw portal. A single malicious link can hand over complete control of a device. Corrected. Update required. SecurityScorecard has reported tens of thousands of exposed cases.
9 basic challenges / 4 days
March 18-21, 2026: Nine serious challenges to violent extremism were revealed in four days. One record CVSS 9.9. Koi Security, which audited 2,857 ClawHub skills, found 341 malicious entries (11.9%), of which 335 were linked to a single campaign. Wider scans flagged more than 800 suspicious entries.
CVSS 3.x: 5.6 Average
CVSS 4.0: 2.9 Low
Authentication is missing on the webhooks endpoint (
gateway/platforms/webhook.py). Affects Hermes-agent v0.8.0 only. High attack complexity; It’s hard to exploit. Published April 27, 2026. Check the version before assuming it is not affected.
8 P0 fixes
The release of Tenacity (May 7) closed 8 P0 security issues: redaction is turned on by default, Discord allowed lists are now within guild scope, WhatsApp rejects outsiders by default, TOCTOU windows are closed via auth.json and MCP OAuth flows.
NOS Research – MIT License
◀You want an agent that improves recurring workflows over time
◀Long-horizon tasks where memory across sessions is important
◀You need AWS Bedrock, NVIDIA NIM, or 200+ resiliency models
◀Deploy security first (fewer common threats, stricter defaults)
◀Migrating from OpenClaw (
hermes claw migrate)◀Serverless, SSH or HPC deployment environments
Independent Foundation – Sponsor OpenAI
◀Maximum reach of messaging channel (50+ platforms)
◀Instant access to over 44,000+ community skills via ClawHub
◀Multi-agent coordination as the primary workflow
◀Large team deployments need mature, battle-tested infrastructure
◀You want the broader community ecosystem today, not multiplying value over time
Key takeaways
- Hermes Proxy leads OpenRouter’s global daily ranking with 224 billion daily tokens versus OpenClaw’s 186 billion as of May 10, 2026; OpenClaw leads the all-time GPA at 9.17T versus 6.35T
- OpenClaw founder Peter Steinberger joined OpenAI in February 2026; OpenClaw operates as an independent open source foundation with OpenAI as a sponsor
- Hermes Agent: 114,000 GitHub stars, MIT license, 40+ built-in tools, 20 messaging platforms supported as of version 0.13.0
- OpenClaw: 370,000 GitHub stars, 44,000+ ClawHub skills (April 2026), 50+ messaging channels
- Hermes latest version: v0.13.0 “Tenacity” (May 7, 2026) – 864 commits, 588 PR, 295 contributors, 8 security fixes P0
- CVE-2026-25253 (CVSS 8.8) and a set of nine CVEs in March 2026 remain the primary security risk flags for OpenClaw; Hermes CVE-2026-7113 (CVSS 3.x: 5.6 MEDIUM) only affects version 0.8.0
Feel free to follow us twitter Don’t forget to join us 150k+ mil SubReddit And subscribe to Our newsletter. I am waiting! Are you on telegram? Now you can join us on Telegram too.
Do you need to partner with us to promote your GitHub Repo page, face hug page, product release, webinar, etc.? Contact us
