The open-source AI agent space has a new leader. As of May 10, 2026, Hermes Agent — built by Nous Research — has overtaken OpenClaw to hold the #1 position on OpenRouter’s global daily app and agent rankings. Hermes is currently generating 224 billion daily tokens on OpenRouter versus OpenClaw’s 186 billion, making it the most actively used open-source AI agent by current inference volume.
The milestone is more significant than a simple leaderboard swap. OpenClaw’s founder, Peter Steinberger, joined OpenAI in February 2026, while OpenClaw moved to an independent open-source foundation with OpenAI as a sponsor.
Two Different Bets on What an Agent Should Be
The rivalry between Hermes and OpenClaw comes down to a fundamental architectural disagreement. OpenClaw is organized around a central WebSocket Gateway — a persistent routing layer that connects 50+ messaging channels (Telegram, Discord, Slack, WhatsApp, Signal, and more) to an agent runtime. Its design optimizes for reach: how many surfaces the agent can operate across simultaneously.
Hermes Agent takes the opposite approach. Built under an MIT license, it centers on a “do, learn, improve” execution loop. After completing a task, the agent enters a reflective phase where it analyzes its own performance and autonomously generates reusable skill files for future use. Memory is handled through three layers: a persistent snapshot of user and agent identity, a SQLite FTS5 full-text search database of every past session, and procedural skill files that capture repeatable task logic. The design is built for compounding value over time — the longer you run Hermes, the more optimized it becomes for your specific workflows.
A Rapid Release Cadence
Hermes has shipped a confirmed major release regularly since its February 2026 launch. The v0.9.0 “Everywhere” release brought Android/Termux support, iMessage via BlueBubbles, WeChat and WeCom adapters, and a local web dashboard, pushing Hermes to 16 supported messaging platforms. The v0.11.0 “Interface” release delivered a full React/Ink TUI rewrite, native AWS Bedrock support, five new inference paths including NVIDIA NIM and Vercel ai-gateway, GPT-5.5 access via Codex OAuth, and a 17th platform via QQBot — across 1,556 commits and 761 merged PRs.
The v0.13.0 “Tenacity” release, shipped May 7, 2026, is the current latest. It introduces Kanban as a durable multi-agent task board with heartbeat monitoring, zombie detection, and hallucination recovery; a /goal command that locks the agent on a target across turns; Checkpoints v2 with real state pruning; gateway auto-resume after restart; and Google Chat as the 20th supported messaging platform.
Security: A Contrast Worth Noting
OpenClaw’s scale has come with security costs. CVE-2026-25253, assigned a CVSS score of 8.8, exposed the gateway to remote exploitation. In a four-day window in March 2026, nine CVEs were disclosed — one scoring 9.9. A Koi Security audit of 2,857 ClawHub skills found 341 malicious entries, with 335 tied to a single campaign, and broader third-party security scans flagged over 800 suspicious entries during the same period. SecurityScorecard reported tens of thousands of publicly exposed OpenClaw instances.
Hermes Agent’s security record is shorter by virtue of its age, but not clean. NVD lists multiple CVEs published April 27–29, 2026, including CVE-2026-7113, a missing authentication issue in the webhooks endpoint of version 0.8.0, scoring 5.6 MEDIUM on CVSS 3.x and 2.9 LOW on CVSS 4.0. The v0.13.0 Tenacity release addressed 8 P0 security issues, including enabling redaction by default, guild-scoped Discord role allowlists, WhatsApp stranger rejection, and TOCTOU patches across auth.json and MCP OAuth flows.
Migration and the Path Forward
For developers running OpenClaw who want to evaluate Hermes, the transition is designed to be low-friction. Hermes detects an existing ~/.openclaw directory during setup and offers to import settings, memories, skills, and API keys automatically. The hermes claw migrate command supports dry-run previews, selective migration presets, and conflict overwrite controls.
The two frameworks are also increasingly being run in parallel, with OpenClaw handling orchestration and multi-channel routing while Hermes executes repeatable task loops — coordinated via the Agent Communication Protocol (ACP).
The broader signal from the OpenRouter rankings is that the open-source agent market is not consolidating around one tool. It is bifurcating around two different philosophies: breadth of reach versus depth of learning. Hermes Agent’s move to #1 on daily usage suggests that, at least for now, a meaningful portion of the developer community is betting on depth.
224B
Hermes Daily Tokens
#1 on OpenRouter
186B
OpenClaw Daily Tokens
#2 on OpenRouter
6.35T
Hermes All-Time
vs 9.17T OpenClaw
v0.13.0
Latest Release
May 7, 2026
Head-to-Head
| Hermes Agent | OpenClaw | |
|---|---|---|
| Creator | Nous Research (MIT) | Peter Steinberger / Foundation (OpenAI sponsor) |
| Launched | February 2026 | Late 2025 |
| GitHub Stars | 114,000+ | 370,000+ |
| Daily Tokens | 224B (#1 OpenRouter) | 186B (#2 OpenRouter) |
| All-Time Tokens | 6.35T | 9.17T |
| Architecture | Self-improving execution loop; do–learn–improve | WebSocket Gateway; central routing controller |
| Memory | SQLite FTS5 + persistent identity + auto-generated skills | Markdown-based; human-authored skills via ClawHub |
| Skill Ecosystem | 40+ built-in tools; agentskills.io standard; auto-generates skills | 44,000+ ClawHub skills (April 2026) |
| Platforms | 20 (incl. Google Chat, QQBot, WeChat, iMessage) | 50+ channels |
| Model Support | 200+ via OpenRouter; NVIDIA NIM; AWS Bedrock; Ollama; local | OpenAI-compatible; OpenRouter; Ollama |
| Latest Version | v0.13.0 — May 7, 2026 | Active (LTS announced May 2026) |
| CVE Count | 4 CVEs (Apr 27–29; affect v0.8.0) | 9 CVEs in 4 days (Mar 2026); one CVSS 9.9 |
| Migration | hermes claw migrate imports OpenClaw config automatically | — |
Hermes Agent Release Cadence
v0.13.0 — The Tenacity Release
Latest
May 7, 2026
Kanban multi-agent board with zombie detection and hallucination recovery. /goal locks agent on target across turns. Checkpoints v2 with real state pruning. Gateway auto-resumes after restart. 8 P0 security fixes: redaction on by default, Discord guild-scoped allowlists, WhatsApp stranger rejection, TOCTOU patches. Google Chat = 20th platform. Seven i18n locales ship.
v0.12.0 — The Curator Release
Apr 30, 2026
Autonomous background Curator grades, prunes, and consolidates the skill library. Four new inference providers. Teams plugin = 19th platform. Native Spotify and Google Meet integrations. ComfyUI and TouchDesigner-MCP bundled. ~57% reduction in TUI cold start time.
v0.11.0 — The Interface Release
Apr 23, 2026
Full React/Ink TUI rewrite. Native AWS Bedrock support. 5 new inference paths: NVIDIA NIM, Arcee AI, Google Gemini CLI OAuth, Vercel ai-gateway, Step Plan. GPT-5.5 via Codex OAuth. QQBot = 17th platform. Plugin surface dramatically expanded. Dashboard with i18n (English + Chinese).
v0.10.0 — The Tool Gateway Release
Apr 16, 2026
Nous Portal subscribers get web search (Firecrawl), image generation (FAL/FLUX 2 Pro), TTS (OpenAI TTS), and browser automation (Browser Use) — zero additional API keys required.
v0.9.0 — The Everywhere Release
Apr 13, 2026
Android/Termux support. iMessage via BlueBubbles. WeChat and WeCom adapters. Local web dashboard. Fast Mode for OpenAI and Anthropic priority queues. Background process monitoring via watch_patterns. 16 supported platforms. Deep security hardening pass.
CVE Tracker
CVE-2026-25253 — OpenClaw
CVSS 8.8 HIGH
Remote exploitation of the OpenClaw gateway. Single malicious link could hand over full machine control. Patched; update required. SecurityScorecard reported tens of thousands of exposed instances.
March 2026 Cluster — OpenClaw
9 CVEs / 4 Days
Mar 18–21, 2026: nine CVEs disclosed in four days. One scored CVSS 9.9. Koi Security audit of 2,857 ClawHub skills found 341 malicious entries (11.9%), with 335 tied to a single campaign. Broader scans flagged 800+ suspicious entries.
CVE-2026-7113 — Hermes Agent
CVSS 3.x: 5.6 MEDIUM
CVSS 4.0: 2.9 LOW
Missing authentication in webhooks endpoint (gateway/platforms/webhook.py). Affects hermes-agent v0.8.0 only. High attack complexity; difficult to exploit. Published Apr 27, 2026. Verify version before assuming unaffected.
v0.13.0 Security Wave — Hermes
8 P0 Fixes
Tenacity release (May 7) closed 8 P0 security issues: redaction ON by default, Discord role-allowlists now guild-scoped, WhatsApp rejects strangers by default, TOCTOU windows closed across auth.json and MCP OAuth flows.
Choose Your Stack
Hermes Agent
Nous Research — MIT License
▶You want an agent that improves on repeated workflows over time
▶Long-horizon tasks where cross-session memory matters
▶Need AWS Bedrock, NVIDIA NIM, or 200+ model flexibility
▶Security-first deployment (fewer CVEs, tighter defaults)
▶Migrating from OpenClaw (hermes claw migrate)
▶Serverless, SSH, or HPC deployment environments
OpenClaw
Independent Foundation — OpenAI Sponsor
▶Maximum messaging channel reach (50+ platforms)
▶Instant access to 44,000+ community-built skills via ClawHub
▶Multi-agent orchestration as the primary workflow
▶Large team deployments needing mature, battle-tested infrastructure
▶You want the broader community ecosystem today, not compounding value over time
Key Takeaways
- Hermes Agent leads OpenRouter’s global daily rankings with 224B daily tokens vs. OpenClaw’s 186B as of May 10, 2026; OpenClaw leads cumulative all-time at 9.17T vs. 6.35T
- OpenClaw founder Peter Steinberger joined OpenAI in February 2026; OpenClaw operates as an independent open-source foundation with OpenAI as a sponsor
- Hermes Agent: 114,000 GitHub stars, MIT license, 40+ built-in tools, 20 supported messaging platforms as of v0.13.0
- OpenClaw: 370,000 GitHub stars, 44,000+ ClawHub skills (April 2026), 50+ messaging channels
- Latest Hermes release: v0.13.0 “Tenacity” (May 7, 2026) — 864 commits, 588 PRs, 295 contributors, 8 P0 security fixes
- CVE-2026-25253 (CVSS 8.8) and a cluster of nine CVEs in March 2026 remain the primary OpenClaw security risk markers; Hermes CVE-2026-7113 (CVSS 3.x: 5.6 MEDIUM) affects version 0.8.0 only
Feel free to follow us on Twitter and don’t forget to join our 150k+ ML SubReddit and Subscribe to our Newsletter. Wait! are you on telegram? now you can join us on telegram as well.
Need to partner with us for promoting your GitHub Repo OR Hugging Face Page OR Product Release OR Webinar etc.? Connect with us
Michal Sutter is a data science professional with a Master of Science in Data Science from the University of Padova. With a solid foundation in statistical analysis, machine learning, and data engineering, Michal excels at transforming complex datasets into actionable insights.