ClawHub
Code Pluginsource linked

Hivemindv0.7.69

Hivemind — cloud-backed persistent shared memory for AI agents, powered by DeepLake

hivemind·runtime hivemind·by @kaghni
Community code plugin. Review compatibility and verification before install.
openclaw plugins install clawhub:hivemind
Latest release: v0.7.69Download zip

Capabilities

Tags
executes-codeartifact:npm-packnpm-mirror:available
configSchema
Yes
Executes code
Yes
HTTP routes
0
Runtime ID
hivemind

Compatibility

Built With Open Claw Version
2026.3.22
Min Gateway Version
>=2026.3.22
Plugin Api Range
>=1.0.0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
Cloud-backed shared memory, auto-capture, and team recall are coherent with the stated purpose and disclosed in the README, but automatic skill mining, delegated agent execution, and global skill writes expand the capability beyond ordinary memory storage.
!
Instruction Scope
The injected agent context encourages use of org-shared summaries and raw session data across teammates, and the skill-mining documentation in the embedded prompt conflicts with code that auto-spawns a mining worker after captured sessions.
Install Mechanism
The npm package does not show a postinstall-style execution path, and OpenClaw config edits are tied to explicit commands with backups; however those commands rewrite allowlists and update settings without an interactive diff or confirmation inside the code path.
!
Credentials
Sending every user and assistant message to api.deeplake.ai is purpose-aligned and README-disclosed, but it is broad, default-on after authentication, team-visible, and lacks evident redaction or per-message controls.
!
Persistence & Privilege
The plugin stores a long-lived Deeplake token, modifies OpenClaw config, spawns a detached skill-mining worker, writes local state/logs, stores derived skills remotely, and can write generated SKILL.md files under the user's global Claude skills directory.
Scan Findings in Context
[VirusTotal] expected: VirusTotal telemetry is clean and does not support a malicious verdict.
[staticScan] expected: The static scan reported clean; artifact review still found high-impact behavior that warrants Review rather than automatic release.
[SDI-2] expected: The allowlist and autoUpdate config writes are tied to documented slash commands and backups, so they are not hidden install-time changes, but they still alter trust and update policy with coarse user control.
[SDI-1] unexpected: The code auto-spawns skill mining after captured sessions, while embedded guidance says OpenClaw itself does not run sessions to mine; this mismatch is a material disclosure problem.
[SDI-4] unexpected: The session-mining contradiction is supported by artifact code and materially affects user expectations about secondary processing of conversations.
[SDI-2] unexpected: The skillify worker delegates mined session content to local agent CLIs using bypassPermissions, dangerously-bypass-approvals-and-sandbox, or yolo-style flags; this is high-impact and under-scoped for automatic background processing.
[SDI-4] unexpected: The scanner's specific global-read-only merge claim is only partially supported, but the worker is configured for global installs and can create or merge persistent SKILL.md files under the user's global skills path.
[SQP-2] expected: Remote auto-capture of conversations is disclosed in the README and matches the memory purpose, but the breadth, default-on behavior after login, and team visibility keep it a Review concern.
[SQP-2] unexpected: Remote storage of derived skill content and SQL queries from mined sessions is real, but the skill-mining data flow is less clearly disclosed than the core memory capture flow.
[SQP-1] expected: The manifest mentions auto-capture, auto-recall, and teammates, but the README carries most of the actual privacy disclosure; users relying only on install metadata would not see enough scope detail.
[SSD-3] expected: The auth URL exposure is part of the login flow, but placing a live link into model-visible context increases leakage risk through transcripts or logs.
[SSD-3] expected: Org-shared memory access is the advertised product behavior, but raw cross-user session search/read needs clear administrative access controls and user expectations.
What to consider before installing
Install only if you are comfortable with Deeplake receiving and retaining agent conversations for your org, including possible teammate access. Before enabling it, confirm capture can be paused or disabled, decide whether global skill mining is acceptable, and review the effects of /hivemind_setup, /hivemind_autoupdate, and any generated skills under ~/.claude/skills.

Verification

Tier
source linked
Scope
artifact only
Summary
Validated package structure and linked the release to source metadata.
Source
github.com/activeloopai/hivemind
Commit
39fc31c288d6
Tag
39fc31c288d6b659b42329358cabb4766b57b76d
Provenance
No
Scan status
suspicious

Tags

latest
0.7.69
test
0.0.1-test

Hivemind

Cloud-backed shared memory for AI agents. Install once, memory persists across sessions, machines, and channels — and is shared with every teammate in your Deeplake org.

Powered by Deeplake.

Install

openclaw plugins install clawhub:hivemind

Then in chat:

/hivemind_login

Click the auth link, sign in, send another message. That's it.

What it does

  • Auto-recall — before each agent turn, relevant memories surface automatically via keyword search.
  • Auto-capture — after each turn, the conversation is stored to your Deeplake workspace.
  • Cross-platform — same memory accessible from Claude Code, Codex CLI, and OpenClaw plugins.
  • Team-wide — every user in your Deeplake org shares the same memory.

Commands

CommandWhat it does
/hivemind_loginSign in via device flow
/hivemind_setupAdd hivemind to OpenClaw's tool allowlist (one-time, after install)
/hivemind_captureToggle conversation capture on/off
/hivemind_whoamiShow current org and workspace
/hivemind_orgsList organizations
/hivemind_switch_org <name>Switch organization
/hivemind_workspacesList workspaces
/hivemind_switch_workspace <id>Switch workspace
/hivemind_versionShow installed version and check ClawHub for a newer one
/hivemind_updateShow how to install the latest version
/hivemind_autoupdate [on|off]Toggle the agent-facing update nudge (on by default)

You can also just ask the agent naturally — "switch org to activeloop", "list my orgs", "invite alice@example.com as admin", etc.

Privacy & data

  • What's captured: every user message and assistant reply, sent to api.deeplake.ai.
  • Where credentials live: a long-lived API token at ~/.deeplake/credentials.json (file permissions 0600).
  • Where it sends data: api.deeplake.ai (memory storage) and clawhub.ai (version check on session start and via /hivemind_version).
  • How to pause: run /hivemind_capture to stop capture; run it again to resume.
  • How to fully sign out: delete ~/.deeplake/credentials.json and revoke the token in the Deeplake dashboard.

OpenClaw config changes

The plugin modifies ~/.openclaw/openclaw.json in two places, both triggered by explicit user commands and both with timestamped backups:

  • /hivemind_setup appends "hivemind" to tools.alsoAllow so OpenClaw admits the plugin's agent tools. OpenClaw's default coding profile only exposes core tools (read/write/exec/etc.) to agents; plugin-registered tools are filtered out unless explicitly allowed.
  • /hivemind_autoupdate [on|off] sets plugins.entries.hivemind.config.autoUpdate. When on, the plugin adds a short line to the system prompt when a newer version is available on ClawHub; the actual install runs through the agent's existing exec tool or via openclaw plugins update hivemind in a terminal.

The plugin does not replace the built-in memory plugin. It runs alongside memory-core via lifecycle hooks, so memory-core's dreaming cron and other memory-slot jobs keep working.

Troubleshooting

Hivemind feels slow or makes tools hang. Check agents.defaults.model in ~/.openclaw/openclaw.json. Memory-heavy workflows issue many small tool calls; a large reasoning model feels sluggish. Recommended default is anthropic/claude-haiku-4-5-20251001.

Model switch rejected as "not allowed". OpenClaw's allowlist wants <provider>/<exact-dated-id>. Use anthropic/claude-haiku-4-5-20251001 or anthropic/claude-sonnet-4-6. Bare IDs and -latest suffixes are rejected.

openclaw model <id> fails with "plugins.allow excludes model". The CLI is disabled by default. Edit ~/.openclaw/openclaw.json under agents.defaults.model and restart the gateway: systemctl --user restart openclaw-gateway.service.

Telegram-triggered sudo npm i -g openclaw@latest fails with "elevated is not available". tools.elevated.allowFrom.telegram isn't set. Run the upgrade in a local shell instead.

Sharing memory with teammates

Invite teammates to your Deeplake org:

invite alice@example.com as admin

Their agents will see your memory; your agents will see theirs.

Source

github.com/activeloopai/hivemind