# Hermes / Codex / Antigravity Unified Memory Audit
Audit time: 2026-05-30 12:55 Asia/Shanghai
Scope: local read-only audit of Hermes, Codex, Antigravity, Telegram bridge, Report Center, VPS inventory, DR/backup and SSL-related memory surfaces.
Safety: no Hermes/Codex/Antigravity memory, context, log, session, inbox or changelog files were modified, merged, deleted, consumed or rewritten. Secrets are not printed; secret-bearing locations are identified by path and type only.
Current conclusion: partially usable
Availability score: 5 / 10
The current unified memory mode has useful building blocks: Hermes profile memories, memory_tencentdb, a Hermes changelog inbox, a VPS inventory source-of-truth, CCTB completion mirrors, startup contexts, restart contexts and Report Center outputs. However, it is not yet a reliable unified memory system. There is no single enforced canonical memory source for Hermes + Codex + Antigravity together, recent facts are split across inbox/TencentDB/VPS inventory/reports, Codex long-term memory and SYSTEM_FULL_MANUAL.md are stale, Antigravity knowledge is older and unsynchronized, and CCTB mirrors are write-only best-effort rather than a full handoff protocol.
Largest blocker: canonical-source split-brain. The same facts are maintained in inventory.json, Hermes changelog inbox, Codex long-term memory, SYSTEM_FULL_MANUAL.md, Hermes TencentDB memory and Antigravity knowledge with different freshness.
Largest risk: silent stale recovery. A restarted Codex/Antigravity/Hermes agent can restore from old inventory or old service topology and act on obsolete assumptions, especially around VPS list, US/TK status, Ollama, CLIProxyAPI, Hermes Web UI and agent naming.
Minimum viable fix: freeze one explicit cross-system canonical index, make all systems read it at startup, and add an append-only handoff ledger with consumption acknowledgements. Do not start by merging all memories; start by defining boundaries and freshness checks.
| Evidence | Path / Source | Finding |
|---|---|---|
| Hermes inbox | /root/.hermes/HERMES_CHANGELOG_INBOX.md | Non-empty, modified 2026-05-30 10:55, contains recent durable changes not folded into Codex memory/manual. |
| Codex long-term memory | /root/.codex/LONG_TERM_MEMORY.md | Modified 2026-05-26; header says last updated 2026-05-24; stale on VPS fleet and service facts. |
| System manual | /root/SYSTEM_FULL_MANUAL.md | Modified 2026-05-24; still references old fleet, Ollama, older CLIProxyAPI, Hermes Web UI. |
| Hermes startup context | /root/.hermes/STARTUP_CONTEXT.md | Modified 2026-05-12; useful routing rules but stale on current profile set and services. |
| VPS inventory | /root/.hermes/vps_inventory/inventory.json and README.md | Current VPS source of truth, modified 2026-05-30 09:00; active US is 186.241.84.19; TK removed from current inventory. |
| Hermes runtime memory | /root/.memory-tencentdb/*/memory-tdai/ | Current high-value runtime memory for Master/Worker/Network/Health/Stock, but not universal and not automatically read by Codex/Antigravity startup. |
| CCTB Codex | cctb-codex.service, /root/.cctb/codex/config.json | Telegram to Codex bridge is running; approval mode is bypass; completed turns are mirrored to Master TDAI. |
| CCTB Antigravity | cctb-antigravity.service, /usr/local/bin/agy-codex-wrapper | Telegram to Antigravity wrapper is running; uses Antigravity CLI state and mirrors completed turns to Master TDAI. |
| Antigravity knowledge | /root/.gemini/antigravity/knowledge/*/metadata.json | Last modified 2026-05-05; contains stale Hermes topology and old agent names. |
| Report Center | /var/www/reports/, /var/lib/report-center/metadata.jsonl | Reports are actively produced, but no evidence of systematic folding into canonical memory. |
| Area | Paths / Sources Reviewed | Result |
|---|---|---|
| Hermes home and profiles | /root/.hermes/, /root/.hermes/profiles/*/ | Active profiles are default/Master, Worker, Network, News, Health, Stock and Sub. |
| Hermes agent source and units | /root/.hermes/hermes-agent/, hermes-gateway*.service | systemd starts python -m hermes_cli.main ... gateway run --replace; source/config supports profile-scoped gateways. |
| Hermes startup/manual/changelog | /root/.hermes/STARTUP_CONTEXT.md, /root/SYSTEM_FULL_MANUAL.md, /root/.hermes/HERMES_CHANGELOG_INBOX.md | Startup/manual are stale relative to inbox and inventory; inbox is unconsumed. |
| Hermes long-term/runtime memory | /root/.hermes/memories/, /root/.memory-tencentdb/, Hermes state DBs | Runtime memory is fresh but split by profile and not a universal startup source. |
| Hermes logs/audit/session/run state | /root/.hermes/logs/, state.db, gateway_state.json, systemd journal samples | API server pause, Telegram polling/timeouts and memory gateway recovery issues observed. |
| Hermes reports | /var/www/reports/, /var/lib/report-center/metadata.jsonl | Recent reports exist for health, worker, news, network, ops, stock and sub. |
| Hermes inbox/outbox/task queue | Changelog inbox, cron/task records from Hermes state, Report Center outputs | Inbox and reports are produced, but no global consumption acknowledgement exists. |
| Codex | /root/.codex/, cctb-codex.service, Codex process list | Codex memory is stale; CCTB Codex is active and bypass mode is present. |
| Antigravity | /root/.gemini/antigravity/, /root/.gemini/antigravity-cli/, cctb-antigravity.service, /usr/local/bin/agy-codex-wrapper | Legacy knowledge is stale; CCTB wrapper is active but best-effort and timeout-prone. |
```mermaid
flowchart TD
TG[Telegram Bridge / Hermes gateways] --> M[Hermes Master / default]
TG --> W[Worker]
TG --> N[Network]
TG --> NEWS[News]
TG --> H[Health]
TG --> S[Stock]
TG --> SUB[Sub]
M --> RT[/Report Center /var/www/reports/]
W --> RT
N --> RT
NEWS --> RT
H --> RT
S --> RT
SUB --> RT
M --> CHG[/Hermes changelog inbox/]
W --> CHG
N --> CHG
NEWS --> CHG
H --> CHG
S --> CHG
SUB --> CHG
M <--> MT[/memory_tencentdb master/]
W <--> MWT[/memory_tencentdb worker/]
N <--> MNT[/memory_tencentdb network/]
H <--> MHT[/memory_tencentdb health/]
S <--> MST[/memory_tencentdb stock/]
NEWS -. no TencentDB provider observed .-> NL[/local state/logs/]
SUB -. no TencentDB provider observed .-> SL[/local state/logs/]
N --> VPS[/VPS inventory inventory.json/]
M --> VPS
VPS --> N
CCTBC[CCTB Codex] --> COD[Codex CLI]
CCTBA[CCTB Antigravity] --> AGY[Antigravity CLI wrapper]
COD --> MT
AGY --> MT
CXL[/Codex LONG_TERM_MEMORY.md/] --> COD
HIN[/Hermes CHANGELOG_INBOX.md/] --> COD
COD -. intended fold, currently not performed in this audit .-> CXL
COD -. intended manual update .-> MAN[/SYSTEM_FULL_MANUAL.md/]
AGK[/Antigravity knowledge/session/] --> AGY
AGY -. completed turns via CCTB only .-> MT
DR[DR / backup scripts] --> RT
SSL[SSL / nginx / CLIProxy facts] --> MAN
SSL --> CHG
SSL --> MT
```
Relationship summary:
- /root/.hermes/vps_inventory/inventory.json as the operational source of truth.

| Agent | Role | Input Sources | Output Targets | Reads Memory | Writes Memory | Depends On | Consumed By | Recent Work | Risk Notes |
|---|---|---|---|---|---|---|---|---|---|
| Master / default | Complex local planning, deep troubleshooting, cross-system coordination, report publishing | Telegram gateway, local system files, Hermes state, CCTB mirrors, reports, Codex handoffs | Report Center, Hermes changelog inbox, Master TDAI memory, logs | /root/.hermes/SOUL.md, /root/.hermes/STARTUP_CONTEXT.md, /root/.hermes/memories/*, /root/.memory-tencentdb/master, selected system files | /root/.memory-tencentdb/master, /root/.hermes/HERMES_CHANGELOG_INBOX.md, reports/logs | Hermes gateway, CLIProxyAPI, Report Center, memory_tencentdb | User, Codex via memory/inbox, other agents indirectly | CLIProxy panel/Codex linkage, US IP/subscription update, Ollama cleanup, project update audit, system memory analysis | Recent facts are richer than Codex LTM/manual; if not folded, recovery diverges. |
| Worker | Routine local AR operations, email/daily checks, non-invasive local tasks | Telegram gateway, local project files, cron jobs | Report Center, Worker TDAI memory, logs, possible changelog entries | Worker SOUL, startup context, Worker config, /root/.memory-tencentdb/worker | Worker TDAI memory, reports/logs | Hermes gateway, local filesystem, Report Center | User and Master by report reading | Daily email inspector, project zip delivery, local project updates | Role overlaps with Master for local tasks unless routing remains enforced. |
| Network | Remote VPS maintenance and inspection, VPS model sync, inventory accuracy | Telegram gateway, /root/.hermes/vps_inventory/, network cron tasks, SSH config | Network reports, inventory updates when authorized, Network TDAI memory, changelog entries | Network SOUL, startup context, VPS inventory, /root/.memory-tencentdb/network | Network TDAI memory, reports, inventory when instructed | VPS inventory, SSH key path, Hermes gateway, Report Center | User, Master, Codex audit workflows | US IP whitelist sync, VPS list inspection, /cliusage add/remove verification, non-AR VPS update checks | Inventory is current, but other memory layers still disagree. SG notes contain minor internal contradiction. |
| Artist | Former profile name for remote/VPS ops | Historical Antigravity knowledge and older docs | None observed as active service | Stale references only | None observed | N/A | N/A | No active service observed; renamed/replaced by Network | Stale Antigravity knowledge still references Artist and may misroute tasks. |
| News | Daily finance/news/AI briefing bot | Telegram gateway, scheduled news cron, web/news sources, local config | /var/www/reports/news/, logs, Telegram replies | News SOUL, startup context, local state/logs | Reports/logs; no TencentDB provider observed in current config | Hermes gateway, Report Center, model provider | User and Report Center readers | Daily finance briefing, AI news briefing | Recent missing bs4 error; memory persistence weaker than TencentDB-backed agents. |
| Health | Health records, reminders, summaries | Telegram gateway, health data, health cron tasks | Health reports, Health TDAI memory, logs | Health SOUL, startup context, /root/.memory-tencentdb/health | Health TDAI memory, reports/logs | Hermes gateway, Report Center | User | Weight update, breakfast nutrition analysis, health daily cron, iOS health data repair | Contains personal health data; should remain scoped and not be folded into broad ops memory except metadata. |
| Stock | Agricultural inventory/supply and project stock reports | Telegram gateway, stock project files, agricultural inventory records | /var/www/reports/stock/, Stock TDAI memory, logs | Stock SOUL, startup context, /root/.memory-tencentdb/stock | Stock TDAI memory, reports/logs | Hermes gateway, Report Center | User/project ops | Fertilizer arrival gap, seed demand and inventory checks | Domain-specific memory should not be mixed into system ops canonical memory except task index. |
| Sub | Loveason /sub/ project data maintenance | Telegram gateway, Sub project files, SQLite/backend/frontend context | /var/www/reports/sub/, logs, project outputs | Sub SOUL, startup context, local project context | Reports/logs/project files when authorized; no TencentDB provider observed | Hermes gateway, Report Center, project database/files | User and project workflow | JD Plus renewal note, Sub project sessions | No TencentDB provider observed; project state can diverge from broader memory if only in sessions/reports. |
| Hermes gateway | Telegram/API gateway for profiles | systemd units, profile configs, bot env vars, Telegram API | Agent sessions/messages/logs, gateway state | Profile configs/env, gateway state | state.db, gateway_state.json, logs | Telegram, profile processes | All Hermes agents | Active for all profiles; API server side paused | Repeated "API_SERVER_KEY is required" errors; Telegram polling conflicts/timeouts observed. |
| Report Center | HTML/report publishing and metadata index | Reports from Hermes agents, metadata writer | /var/www/reports/, /var/lib/report-center/metadata.jsonl | Report metadata and static files | Report metadata/static reports | nginx, reportcenter service | User, agents, Codex auditors | Active service and recent reports across health/worker/news/network/ops/stock | Valuable outputs lack guaranteed ingestion into durable canonical memory. |
| CCTB Codex | Telegram-to-Codex execution bridge | Telegram messages, .cctb/codex config/env, Codex CLI | Codex session output, CCTB logs/audit, Master TDAI completed-turn mirror | CCTB config/agent.md, Codex state | CCTB runtime logs; Master TDAI mirror via gateway | Codex CLI, Telegram, Master TDAI gateway | User, Master memory readers | Service active; completed turns mirror enabled | Approval mode bypass; mirror is not a full sync or acknowledgement protocol. |
| CCTB Antigravity | Telegram-to-Antigravity execution bridge | Telegram messages, .cctb/antigravity config/env, agy-codex-wrapper | Antigravity CLI output, wrapper logs, Master TDAI completed-turn mirror | CCTB config/agent.md, Antigravity CLI state | CCTB/wrapper logs; Master TDAI mirror via gateway | Antigravity CLI, Telegram, Master TDAI gateway | User, Master memory readers | Service active; some 30-minute inactive timeouts | Antigravity legacy knowledge remains stale; wrapper best-effort output extraction is fragile. |
| Path | Owner | Reader | Writer | Purpose | Last Modified | Approx Size | Contains Secrets | Canonical | Risk Notes |
|---|---|---|---|---|---|---|---|---|---|
| /root/.hermes/vps_inventory/inventory.json | Hermes Network / operator | Network, Master, audits | Network/operator when authorized | VPS operational inventory | 2026-05-30 09:00 | 10 KB | no | yes, for VPS inventory | Current source of truth; other memory layers disagree. |
| /root/.hermes/vps_inventory/README.md | Hermes Network / operator | Network, Master, audits | Network/operator when authorized | Human inventory summary | 2026-05-30 09:00 | 2.6 KB | no | yes, summary only | Says inventory.json is source of truth. |
| /root/.hermes/HERMES_CHANGELOG_INBOX.md | Hermes agents | Codex startup, operator | Hermes agents | Durable change handoff inbox | 2026-05-30 10:55 | 8 KB | suspected | no, handoff queue | Non-empty and unconsumed; proves handoff backlog. |
| /root/.codex/LONG_TERM_MEMORY.md | Codex/operator | Codex startup | Codex when allowed | Codex durable operating memory | 2026-05-26 22:41 | 51 KB | suspected | intended for Codex only | Stale vs inbox/inventory; not current canonical truth. |
| /root/SYSTEM_FULL_MANUAL.md | Operator/Codex | Humans/agents | Codex/operator when allowed | System manual | 2026-05-24 10:48 | 33 KB | suspected | no | Still has old fleet/service topology. |
| /root/.hermes/STARTUP_CONTEXT.md | Hermes/operator | Hermes agents | Operator/Codex when allowed | Hermes startup routing and conventions | 2026-05-12 15:03 | 6 KB | no | partial | Helpful but stale and not enough for current state recovery. |
| /root/.hermes/memories/MEMORY.md | Hermes built-in memory | Hermes agents | Hermes/operator | Compact Hermes memory index | 2026-05-29 14:07 | 2.2 KB | suspected | partial | Useful but missing some 2026-05-30 facts. |
| /root/.hermes/memories/USER.md | Hermes built-in memory | Hermes agents | Hermes/operator | User preferences | 2026-05-29 10:32 | 2.0 KB | no | partial | Good scope; should not carry operational topology. |
| /root/.memory-tencentdb/master/memory-tdai/ | Master memory provider | Master; CCTB writes through gateway | Master, CCTB completion mirror | Master semantic/runtime memory | active 2026-05-30 | directory | suspected | partial | High freshness but not a universal startup source. |
| /root/.memory-tencentdb/worker/memory-tdai/ | Worker memory provider | Worker | Worker | Worker runtime memory | active 2026-05-30 | directory | suspected | partial | Profile-scoped only. |
| /root/.memory-tencentdb/network/memory-tdai/ | Network memory provider | Network | Network | Network/VPS runtime memory | active 2026-05-30 | directory | suspected | partial | Must reconcile to inventory, not replace it. |
| /root/.memory-tencentdb/health/memory-tdai/ | Health memory provider | Health | Health | Health runtime memory | active 2026-05-30 | directory | suspected personal | partial | Sensitive personal-data boundary needed. |
| /root/.memory-tencentdb/stock/memory-tdai/ | Stock memory provider | Stock | Stock | Stock runtime memory | active 2026-05-29/30 | directory | suspected | partial | Domain-specific; should not pollute system ops memory. |
| /root/.hermes/state.db | Hermes gateway | Hermes agents/gateway | Hermes gateway | Sessions/messages/runtime state | 2026-05-30 10:55 | 434 MB | suspected | no | Very large; not suitable as startup memory. |
| /root/.hermes/profiles/*/state.db | Hermes profile gateways | Profile agents | Profile gateways | Profile sessions/messages | active 2026-05-30 | 16-93 MB each | suspected | no | Useful audit trail; high read cost. |
| /root/.hermes/restart-context/ | Hermes agents/operator | Hermes startup/manual recovery | Hermes agents/operator | Restart/handoff context files | active | directory | suspected | no | Many files; lacks enforced freshness/consumption status. |
| /root/.hermes/logs/ | Hermes services | Operators/auditors | Hermes services | Runtime logs and errors | active | MB-scale | suspected | no | Contains errors and prompts; not a memory source. |
| /root/.hermes/SOUL.md and /root/.hermes/profiles/*/SOUL.md | Hermes/operator | Hermes agents | Operator/Codex when allowed | Agent identity/routing rules | mixed 2026-05-12 to 2026-05-16 | KB-scale | no | yes, for agent role | Role canonical, but older external knowledge still conflicts. |
| /root/.cctb/codex/config.json | CCTB Codex | CCTB service | Operator | Telegram bridge runtime config | active | small | no | yes, for bridge config | Shows bypass mode; no memory completeness guarantee. |
| /root/.cctb/codex/.env | CCTB Codex | CCTB service | Operator | Bot/env secrets | active | small | yes | no | Secret-bearing; keep out of reports. |
| /root/.cctb/antigravity/config.json | CCTB Antigravity | CCTB service | Operator | Telegram bridge runtime config | active | small | no | yes, for bridge config | Uses Antigravity wrapper; bypass mode. |
| /root/.cctb/antigravity/.env | CCTB Antigravity | CCTB service | Operator | Bot/env secrets | active | small | yes | no | Secret-bearing; keep out of reports. |
| /root/.gemini/antigravity/knowledge/ | Antigravity legacy knowledge | Antigravity legacy flows/audits | Antigravity/operator | Knowledge entries | 2026-05-05 | directory | suspected | no | Stale Hermes topology; one audit report contains a plaintext Nezha secret value. |
| /root/.gemini/antigravity-cli/ | Antigravity CLI | Antigravity CLI/wrapper | Antigravity CLI | Current Antigravity settings/logs/conversations | active 2026-05-29/30 | directory | yes/suspected | no | Contains token/settings/conversation state; not folded into unified memory. |
| /root/.codex/auth.json and backups | Codex/CLIProxy sync | Codex CLI | CLIProxy sync/watchers/operator | Codex auth credentials | active | files | yes | no | Multiple backups raise retention/leakage risk. |
| /root/.codex/sessions/ | Codex CLI | Codex/auditors | Codex CLI | Codex session history | active | directory | suspected | no | Useful audit trail; not summarized into canonical memory. |
| /var/www/reports/ | Report Center / agents | Users/agents/auditors | Hermes agents/Report Center | Published reports | active 2026-05-30 | directory | suspected | no | Valuable facts can remain unconsumed. |
| /var/lib/report-center/metadata.jsonl | Report Center | Report Center/auditors | Report Center | Report index | 2026-05-30 10:23 | 108 KB | suspected | no | Good index, but no canonical ingestion step. |
| /root/.config/local-dr/restic-password | DR backup | Restic scripts | Operator | Backup secret | active | small | yes | no | Secret-bearing; exclude from memory. |
| /root/.config/local-dr/restic-rest-auth | DR backup | Restic scripts | Operator | Backup auth | active | small | yes | no | Secret-bearing; exclude from memory. |
| /opt/report-center/.env | Report Center | Report Center service | Operator | Service env/secrets | active | small | yes | no | Secret-bearing. |
| /root/cliproxyapi/config.yaml and backups | CLIProxyAPI | CLIProxyAPI/Codex sync | Operator/service | Provider/model/auth config | active | files | yes | no | High-value secret/config surface; do not fold raw content. |
| Source System | Target System | Interaction Type | Evidence Path | Direction | Frequency | Reliability | Risk |
|---|---|---|---|---|---|---|---|
| Hermes | Codex | Changelog handoff intended for Codex startup consumption | /root/.hermes/HERMES_CHANGELOG_INBOX.md, /root/.codex/AGENTS.md | Hermes -> Codex | Event-driven | Weak currently | Inbox is non-empty and not folded during this audit by user constraint. |
| Codex | Hermes | Reads Hermes inbox/memory per startup policy; can generate audits/reports | /root/.codex/AGENTS.md, this report path | Codex -> Hermes/operator | Session startup/manual | Partial | Codex LTM stale if inbox not consumed. |
| CCTB Codex | Codex | Telegram task execution through Codex CLI | cctb-codex.service, /root/.cctb/codex/config.json | Telegram -> Codex | On Telegram tasks | Medium | Approval bypass enabled; session outputs not guaranteed canonical. |
| CCTB Codex | Hermes Master memory | Completed-turn mirror to Master TDAI gateway | cctb-codex.service env CCTB_TDAI_MIRROR_ENABLED=1 | Codex -> Hermes | Per completed turn | Best-effort | No consumption acknowledgement or conflict resolution. |
| CCTB Antigravity | Antigravity CLI | Telegram task execution via wrapper | cctb-antigravity.service, /usr/local/bin/agy-codex-wrapper | Telegram -> Antigravity | On Telegram tasks | Medium/fragile | Wrapper uses output extraction fallback; observed inactive timeouts. |
| CCTB Antigravity | Hermes Master memory | Completed-turn mirror to Master TDAI gateway | cctb-antigravity.service env CCTB_TDAI_MIRROR_ENABLED=1 | Antigravity -> Hermes | Per completed turn | Best-effort | Does not sync Antigravity knowledge/session state broadly. |
| Antigravity legacy knowledge | Hermes understanding | Stale reference knowledge about Hermes agents/topology | /root/.gemini/antigravity/knowledge/*/metadata.json | Antigravity -> operator/agent reasoning | On Antigravity use | Low | References old Artist role and old fleet facts. |
| Hermes Network | VPS inventory | Read/write operational VPS source of truth | /root/.hermes/vps_inventory/inventory.json | Network <-> inventory | During VPS tasks | High locally | Other systems still carry stale copies. |
| Report Center | Hermes/Codex/user | Publishes long reports and indexes | /var/www/reports/, /var/lib/report-center/metadata.jsonl | Agents -> reports -> readers | Frequent | Medium | Reports are not automatically reduced into canonical memory. |
| DR/backup scripts | Report Center / logs | Backup scope review and backup status reports | root cron, local-dr timers/logs | DR -> reports/logs | Timed | Mixed | Weekly review skipped because a required skill was missing; old backup facts may persist. |
| SSL/nginx/CLIProxy facts | Hermes/Codex memory | Operational facts captured in reports/inbox/manual | Hermes inbox, TDAI, SYSTEM_FULL_MANUAL.md | Ops -> memory layers | Event-driven | Mixed | Manual stale on Ollama, CLIProxyAPI and Hermes Web UI. |
| CLIProxyAPI | Codex auth | Auth sync into Codex CLI credentials | cliproxy-codex-cli-auth-sync.*, codex-auth-autosync-watcher.service | CLIProxy -> Codex | Watch/event-driven | Medium | Multiple credential backups; secret retention risk. |
| Telegram bridge | Hermes profiles | User-facing agent trigger and transport | hermes-gateway*.service, gateway state/logs | Telegram -> Hermes | Continuous | Medium | Polling conflicts/timeouts and API server pause observed. |
There is no single canonical memory source for the whole Hermes + Codex + Antigravity ecosystem.
Narrow canonical sources do exist:
- /root/.hermes/vps_inventory/inventory.json.
- /root/.hermes/SOUL.md and /root/.hermes/profiles/*/SOUL.md.
- /root/.codex/LONG_TERM_MEMORY.md, but it is stale and should not be treated as globally canonical.
- /root/.memory-tencentdb/*/memory-tdai/, but it is profile-scoped and not read automatically by Codex/Antigravity startup.
- /root/.hermes/HERMES_CHANGELOG_INBOX.md, but it is a queue, not a canonical state document.

Current write/read ownership is therefore fragmented:
Shared facts are inconsistent.
- 186.241.84.19; Codex LTM and SYSTEM_FULL_MANUAL.md still carry older fleet facts including TK/old US information; Antigravity knowledge is older.
- SYSTEM_FULL_MANUAL.md still includes stale Hermes Web UI and Ollama facts.

Split-brain is present.
Concrete examples:
- inventory.json and README.md identify current US as 186.241.84.19 and remove TK; Codex LTM/manual still reference older fleet state.
- SYSTEM_FULL_MANUAL.md still describes Ollama and Hermes Web UI as active/important even though recent inbox/runtime memory says they were removed or retired.

Decay is present.

- STARTUP_CONTEXT.md is still useful but old enough to miss newer agents and service changes.
- SYSTEM_FULL_MANUAL.md is stale on fleet, Ollama, CLIProxyAPI version and Hermes Web UI.

Overload is present but manageable.

- /root/.hermes/state.db is about 434 MB.
- /root/.hermes is multi-GB scale.

Leakage risk is high. This audit did not print secret values.
Confirmed or suspected secret-bearing paths:
- /root/.hermes/.env, /root/.hermes/profiles/*/.env, Hermes auth/config backups.
- /root/.codex/auth.json, /root/.codex/backups/auth.json*, /root/.codex/cliproxy-active-auth.json.
- /root/.cctb/codex/.env, /root/.cctb/antigravity/.env.
- /root/.gemini/oauth_creds.json, /root/.gemini/antigravity-cli/antigravity-oauth-token.
- /root/.antigravity-server/.15487b3041e65228cae24980a3f796c905ef582c.token.
- /root/.config/local-dr/restic-password, /root/.config/local-dr/restic-rest-auth.
- /opt/report-center/.env.
- /root/cliproxyapi/config.yaml and CLIProxyAPI backups.
- /root/.gemini/antigravity/brain/c9bcfda6-0b78-4b43-b4fb-f166735d46c9/audit_report.md contains a plaintext Nezha secret value in a report and should be treated as a memory/report leakage finding.
- Sampled shell history did not reveal a clear token value, but history remains in scope for periodic scanning.
Handoff failure is present.
The unified memory mode is partially usable:

| Area | Evidence | Risk |
|---|---|---|
| Hermes API server platform | Hermes journal/logs show repeated "API_SERVER_KEY is required" errors, then the API server platform paused | Non-Telegram integrations may be unavailable or silently stale. |
| Telegram transport | Hermes/CCTB logs show polling conflicts, network errors and read timeouts | Duplicate polling or transient outages can create missed/duplicated tasks. |
| memory_tencentdb | Logs show gateway-down resurrection and earlier import/symlink issues | Runtime memory is important but had recent availability issues. |
| Curator/model calls | Logs show HTTP 401 invalid API key for one model path | Some scheduled model-dependent tasks may silently fail. |
| News dependencies | Logs show missing bs4 in a news path | Scheduled news job reliability issue. |
| DR scope review | Cron skipped because required skill was missing | Backup scope review report pipeline is not fully reliable. |
| Antigravity wrapper | Wrapper logs show fallback output extraction; CCTB Antigravity had 30-minute inactive timeouts | Antigravity task outputs can be incomplete or delayed. |
| Codex/CCTB approval | Current Codex process and CCTB configs show bypass/auto-approve style execution | High blast radius if stale memory triggers wrong action. |
This is a proposal only. No memory files were changed.
Create a small, explicit canonical memory index:
- /root/.unified-memory/CANONICAL_STATE.md or /root/.hermes/unified-memory/CANONICAL_STATE.md.

Canonical sub-sources:

- /root/.hermes/vps_inventory/inventory.json.
- /root/.hermes/SOUL.md and /root/.hermes/profiles/*/SOUL.md.

| Layer | Purpose | Example Path | Rule |
|---|---|---|---|
| Canonical state | Current truth only | proposed CANONICAL_STATE.md | Small, versioned, no secrets, every fact has owner/freshness. |
| Source-of-truth data | Domain canonical files | vps_inventory/inventory.json, SOUL files | Owned by domain agent/operator. |
| Inbox/changelog | Pending durable changes | HERMES_CHANGELOG_INBOX.md | Append-only; must be consumed or explicitly deferred with ack. |
| Handoff ledger | Task transfer state | proposed HANDOFF_LEDGER.jsonl | Each item has producer, consumer, status, timestamp, evidence path. |
| Restart context | Short recovery context | restart-context/ | Latest pointer only in canonical state; old files archived. |
| Long-term memory | Agent-specific durable memory | Codex LTM, Hermes TDAI, Antigravity knowledge | Agent-specific; should link to canonical state rather than duplicate current facts. |
| Reports/logs/sessions | Evidence and history | /var/www/reports/, state DBs, logs | Read-only audit trail; summarize before memory ingestion. |
| System / Agent | Should Read | May Write | Should Not Write |
|---|---|---|---|
| Hermes Master | Canonical state, Hermes startup context, Master TDAI, handoff ledger, reports | Master TDAI, reports, changelog inbox, handoff proposals | VPS inventory except through explicit operator-approved updates. |
| Hermes Network | Canonical state, VPS inventory, Network TDAI, handoff ledger | VPS inventory, Network TDAI, network reports, changelog inbox | Codex LTM, Antigravity knowledge, unrelated profile memories. |
| Worker | Canonical state, Worker TDAI, startup context | Worker TDAI, local reports, changelog entries for durable local changes | VPS inventory, Codex LTM, Antigravity knowledge. |
| News | Canonical state, News config/context, report index | News reports/logs, changelog only for durable service changes | System topology memory, VPS inventory. |
| Health | Canonical state, Health memory/context | Health TDAI/reports | Shared ops memory with personal detail. |
| Stock | Canonical state, Stock memory/context | Stock TDAI/reports | Shared ops memory with detailed project records unless summarized. |
| Sub | Canonical state, Sub project context | Sub reports/project files when authorized | Shared ops memory with raw project/session detail. |
| Codex | Canonical state, Codex LTM, Hermes inbox, handoff ledger | Codex LTM only when allowed, reports under audit dirs, handoff ack/proposals | Hermes/Codex/Antigravity raw memory during read-only audits. |
| Antigravity | Canonical state, Antigravity session/knowledge | Antigravity session outputs and handoff proposals | Hermes memory and Codex LTM directly. |
| CCTB bridges | Bridge config, canonical routing summary | Runtime logs and completed-turn handoff events | Canonical state directly, unless through a validated handoff writer. |
- /root/.codex/LONG_TERM_MEMORY.md except Codex memory-maintenance turns.
- /root/SYSTEM_FULL_MANUAL.md except manual-maintenance turns.
- /root/.gemini/antigravity/knowledge/ except Antigravity knowledge-maintenance turns.

1. Every current fact in canonical state must have exactly one owner and one source path.
2. Duplicated facts in Codex LTM/manual/Antigravity knowledge should become links or summaries, not independent copies.
3. Startup should check freshness: if inbox or handoff ledger has unconsumed durable changes newer than canonical state, agent should warn before acting.
4. VPS tasks must always read /root/.hermes/vps_inventory/inventory.json first.
5. Agent identity/routing tasks must always read SOUL files first.
1. Secret-bearing paths must be tagged as “never ingest raw”.
2. Reports must redact token/API key/cookie/session/SSH/restic/Telegram/database credentials before publication.
3. Add a periodic local redaction audit for memory/report/session files.
4. Move any discovered secret-in-report incident to a restricted remediation queue without printing the value.
5. Avoid copying auth/config backups into general reports or long-term memory.
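The denylist and pre-publication redaction described in the five rules above, as an added example (not the system's own tooling). The glob list is taken from the audit's secret-bearing paths; the regexes, the function names and the sample report are assumptions, and every value in the sample is constructed.

```python
import fnmatch
import re

# Secret-bearing paths from the audit, tagged "never ingest raw" (glob patterns).
NEVER_INGEST_RAW = [
    "/root/.hermes/.env", "/root/.hermes/profiles/*/.env",
    "/root/.codex/auth.json", "/root/.codex/backups/auth.json*",
    "/root/.codex/cliproxy-active-auth.json",
    "/root/.cctb/codex/.env", "/root/.cctb/antigravity/.env",
    "/root/.gemini/oauth_creds.json",
    "/root/.gemini/antigravity-cli/antigravity-oauth-token",
    "/root/.config/local-dr/restic-password",
    "/root/.config/local-dr/restic-rest-auth",
    "/opt/report-center/.env",
    "/root/cliproxyapi/config.yaml",
]


def is_denylisted(path):
    """True if a path must never be ingested raw into memory or reports."""
    return any(fnmatch.fnmatchcase(path, pattern) for pattern in NEVER_INGEST_RAW)


# key=value / key: value forms for the credential kinds the audit lists
# (token, API key, cookie, session, restic, Telegram, database).
SECRET_KEY = re.compile(
    r"\b((?:api[_-]?key|token|secret|password|passwd|cookie|session(?:_id)?"
    r"|restic_(?:password|rest_auth)|bot_token|database_url|db_pass(?:word)?"
    r"|(?:nezha|gateway)_secret)\s*[:=]\s*)(\S+)", re.I)
# Bare token-shaped values with no key in front of them.
SECRET_VALUE = re.compile(
    r"\b\d{8,10}:[A-Za-z0-9_-]{35}\b"   # Telegram bot token shape
    r"|\b[0-9a-f]{40,}\b"               # long hex tokens
    r"|\bsk-[A-Za-z0-9_-]{20,}\b")      # common API-key prefix
PRIVATE_KEY = re.compile(
    r"-----BEGIN [A-Z ]*PRIVATE KEY-----.*?-----END [A-Z ]*PRIVATE KEY-----", re.S)


def redact(text):
    """Redact SSH private keys, keyed credentials, then bare token shapes."""
    text = PRIVATE_KEY.sub("[REDACTED PRIVATE KEY]", text)
    text = SECRET_KEY.sub(r"\1[REDACTED]", text)
    return SECRET_VALUE.sub("[REDACTED]", text)


def prepare_for_publication(report_text, referenced_paths):
    """Block raw ingestion of denylisted paths, redact the report body, and
    return (redacted_text, blocked_paths) so the caller can log the refusal
    without ever printing a value."""
    blocked = [p for p in referenced_paths if is_denylisted(p)]
    return redact(report_text), blocked


# Constructed sample report; the secret-looking values are fake.
SAMPLE_REPORT = (
    "Nezha agent check on US VPS\n"
    "nezha_secret: CONSTRUCTEDfakevalue0000\n"
    "Gateway restarted; log line: 123456789:" + "A" * 35 + "\n"
    "Inventory says active US is 186.241.84.19.\n"
)


def demo():
    """Run the sample through the filter with one denylisted reference."""
    return prepare_for_publication(
        SAMPLE_REPORT,
        ["/root/.hermes/profiles/network/.env",
         "/root/.hermes/vps_inventory/inventory.json"])
```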
Recommended handoff JSONL fields:
```json
{"id":"20260530-001","source":"Hermes Network","target":"Codex","type":"durable_change","summary":"US IP changed to current inventory value","evidence":["/root/.hermes/vps_inventory/inventory.json"],"status":"pending","created_at":"2026-05-30T02:00:00Z","consumed_at":null,"consumer_ack":null}
```
Required states:
- pending: produced but not consumed.
- consumed: target has read and incorporated or explicitly linked it.
- deferred: target saw it and left a reason.
- rejected: target found conflict and left evidence.
- superseded: newer item replaced it.

This would make changelog inbox, restart context, Codex reports and Antigravity sessions traceable without merging raw memories.
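The handoff ledger with the record fields and five states above, plus the startup freshness check from consistency rule 3 (warn when unconsumed durable changes are newer than canonical state), as an added example that is not the system's own code. The ledger path, the forward-only transition table and the scenario in demo() are assumptions; the scenario reuses the audit's sample record.

```python
import json
import os
import tempfile
from datetime import datetime, timezone

# The five required states from the proposal.
STATES = {"pending", "consumed", "deferred", "rejected", "superseded"}
# Forward-only transitions: history is never rewritten, only appended.
TRANSITIONS = {
    "pending": {"consumed", "deferred", "rejected", "superseded"},
    "deferred": {"consumed", "rejected", "superseded"},
}


def utc_now():
    return datetime.now(timezone.utc).replace(microsecond=0).isoformat().replace("+00:00", "Z")


def parse_ts(stamp):
    return datetime.fromisoformat(stamp.replace("Z", "+00:00"))


def can_transition(old, new):
    return new in STATES and new in TRANSITIONS.get(old, set())


class HandoffLedger:
    """Append-only JSONL ledger (assumed file name HANDOFF_LEDGER.jsonl). Each
    state change appends a full copy of the record, so the file is its own audit trail."""

    def __init__(self, path):
        self.path = path

    def _append(self, record):
        with open(self.path, "a", encoding="utf-8") as fh:
            fh.write(json.dumps(record, sort_keys=True) + "\n")

    def produce(self, item_id, source, target, kind, summary, evidence, created_at=None):
        record = {"id": item_id, "source": source, "target": target, "type": kind,
                  "summary": summary, "evidence": list(evidence), "status": "pending",
                  "created_at": created_at or utc_now(), "consumed_at": None,
                  "consumer_ack": None}
        self._append(record)
        return record

    def current(self):
        """Fold the event log into the latest record per id."""
        latest = {}
        if not os.path.exists(self.path):
            return latest
        with open(self.path, encoding="utf-8") as fh:
            for line in fh:
                if line.strip():
                    record = json.loads(line)
                    latest[record["id"]] = record
        return latest

    def acknowledge(self, item_id, new_status, consumer, reason=None, at=None):
        record = dict(self.current()[item_id])
        if not can_transition(record["status"], new_status):
            raise ValueError(f"{item_id}: {record['status']} -> {new_status} not allowed")
        # deferred/rejected must leave a reason, per the state definitions
        if new_status in {"deferred", "rejected"} and not reason:
            raise ValueError(f"{new_status} requires a reason")
        record["status"] = new_status
        record["consumed_at"] = at or utc_now()
        record["consumer_ack"] = {"by": consumer, "reason": reason}
        self._append(record)
        return record

    def unconsumed_for(self, target):
        return [r for r in self.current().values()
                if r["target"] == target and r["status"] in {"pending", "deferred"}]


def startup_freshness_check(ledger, target, canonical_state_updated_at):
    """Consistency rule 3: return unconsumed durable changes addressed to this
    agent that are newer than canonical state, so the agent can warn before acting."""
    cutoff = parse_ts(canonical_state_updated_at)
    stale = [r for r in ledger.unconsumed_for(target)
             if r["type"] == "durable_change" and parse_ts(r["created_at"]) > cutoff]
    return sorted(stale, key=lambda r: r["created_at"])


def new_temp_ledger():
    return HandoffLedger(os.path.join(tempfile.mkdtemp(), "HANDOFF_LEDGER.jsonl"))


def demo():
    """Constructed scenario: Network records the US IP change, Codex starts up
    before acknowledging it (one warning), then consumes it (no warning)."""
    ledger = new_temp_ledger()
    ledger.produce("20260530-001", "Hermes Network", "Codex", "durable_change",
                   "US IP changed to current inventory value",
                   ["/root/.hermes/vps_inventory/inventory.json"],
                   created_at="2026-05-30T02:00:00Z")
    before = len(startup_freshness_check(ledger, "Codex", "2026-05-29T00:00:00Z"))
    ledger.acknowledge("20260530-001", "consumed", "Codex", at="2026-05-30T05:00:00Z")
    after = len(startup_freshness_check(ledger, "Codex", "2026-05-29T00:00:00Z"))
    with open(ledger.path, encoding="utf-8") as fh:
        events = len(fh.read().splitlines())
    return before, after, events  # (1, 0, 2)
```

A deferred item still counts as unconsumed, so it keeps raising the startup warning until it is consumed, rejected or superseded.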
1. Generate a read-only canonical-state draft from current sources and review it manually.
2. Add a handoff ledger next to the existing inbox without deleting the inbox.
3. Add a startup freshness check that warns if inbox/ledger is newer than canonical state.
4. Add a report ingestion index that records “summarized / not summarized / ignored with reason”.
5. Mark secret-bearing paths in a denylist for memory ingestion and report generation.
6. Update Antigravity knowledge by adding a current-state pointer instead of copying all Hermes facts.
1. Rotate any credentials found in published memory/report files, especially the plaintext Nezha secret incident.
2. Prune or restrict old auth backups after confirming rollback needs.
3. Rebuild stale Antigravity knowledge and remove obsolete Artist/VPS topology entries.
4. Normalize Codex LTM and SYSTEM_FULL_MANUAL.md to reference canonical state instead of duplicating current facts.
5. Compact old Hermes restart contexts and profile session summaries into dated archives.
6. Validate CCTB mirror reliability and add acknowledgement/error reporting for failed TDAI writes.
The system has the right primitives but lacks enforced memory ownership and consumption tracking. For a careful human operator, it is recoverable. For autonomous multi-agent continuity, it is currently only partially usable because stale memory can override current inventory and runtime facts. The safest next move is a small canonical-state layer plus handoff acknowledgements, not a large memory merge.