OpenClaw Control Plane in Jorvis - Hermes Bounded Copilot Layer

Architecture View Only

Public supporting references live in Runtime Overview, OpenClaw Control Plane, and Operations Overview.

1. Current Control Plane

Current

flowchart LR U["User"] --> W["Open WebUI"] W --> F["openclaw_agent"] F --> B["openclaw_bridge.py"] B --> O["jorvis-openclaw"] B --> A["Admin-copilot non-mutating snapshot"] O --> C["Chat lane"] O --> M["Memory-search lane"] B --> J["Jorvis internal memory API"] B -. "ENABLE_GUARD_CORE_COMPAT" .-> CP["Compat pre-flight endpoint"] CP -. gated .-> O

The bridge currently owns session key construction, role/capability detection, secret refusal/redaction, and admin-context enrichment. Hermes adds memory continuity and reusable skills above that bridge layer. PR #443 added a bounded compat bridge path: openclaw_bridge.py calls the compat pre-flight endpoint behind ENABLE_GUARD_CORE_COMPAT (default False).

2. Current Runtime Lanes

Current

Chat lane

Primary: gemini-flash-latest
Fallback chain: gemini-3.1-pro-preview → gemini-2.5-pro → ollama/jorvis-4b-256k
Purpose: assistant/copilot chat generation
Canonical source: openclaw.json

Memory-search lane

Provider: gemini
Model: gemini-embedding-001
Fallback: none
Purpose: embedding/search, not chat generation

Local fallback lane

Local model/fallback policy is a separate Jorvis lane and must not be conflated with OpenClaw memory-search embeddings.

3. Current Mode Boundaries

Current

Mode	State	Meaning
User Assistant	Active	Help/reference, explainer, personal/work assistant behavior.
Admin Observer	Active	Non-mutating monitoring/improvement advisory behavior.
Admin Planner	Partial	Advisory planning exists, but no guarded execution gateway yet.
Compat Bridge	Gated	Pre-flight compat endpoint via `ENABLE_GUARD_CORE_COMPAT` (default `False`). PR `#443`.
Admin Operator	Planned	Future only; requires approval, audit, and rollback contracts.

Hard boundary: OpenClaw is not gatekeeper, merge authority, or release authority.

4. Ops Copilot Use

Current

Allowed now: onboarding help, docs/KG retrieval, runtime explanation, smoke planning, evidence summarization.
Useful for: Architect, Executor, Gatekeeper, Tester, and Coordinator support.
Not allowed: final GO/NO-GO, merge approval, release approval, raw shell execution.
Current stance: non-mutating and advisory first; dry-run/apply are future control-plane work.

5. Current Security and Isolation

Current

Secret refusal/redaction happens before or during bridge/output handling.
Tenant-aware session scoping exists in the bridge/session-memory path.
Admin-context enrichment is read-only.
Current memory-search contract and operational policy are related but not identical.
Public Open WebUI behavior must be checked separately from direct OpenClaw gateway health.

6. Planned Expansion

Planned

flowchart TD A["Current thin bridge + normalized runtime lanes"] --> AB["Bounded compat bridge (PR #443, gated)"] AB --> B["typed Jorvis-side capability/control surface"] B --> C["guarded tool gateway"] C --> D["admin planner / operator split"] D --> E["optional multi-agent expansion"]

Planned items are architectural direction, not current production truth.
Security-first sequencing applies: normalize contracts before adding tool or operator surface.
Future operator behavior must be approval-gated and auditable.