23. Glossary

Plain-language definitions, alphabetical. Each term points at the chapter where it is treated in full.

Access level. Public, protected, or private — the gate that decides who can start a session at all. → Ch. 13.

Adapter. Code that plugs a channel into the gateway. There is a Telegram adapter, a Slack adapter, and so on. → Ch. 17.

Agent. The persistent thing — model + instructions + memory + skills + MCP connections + workspace. The unit you configure and share. → Ch. 3.

Approval. A policy effect that pauses a tool call until the owner says yes or no. → Ch. 15.

Channel. A transport for messages: CLI, web, Telegram, Discord, Slack. → Ch. 17.

Cron. Recurring schedule expression. → Ch. 11.

Effect. What a policy rule does: allow, deny, or require_approval. → Ch. 15.

Gateway. The OpenHermit server. Runs your agents, holds their data, exposes the web UI and APIs.

Guest. Lowest-privilege role. Read-only by default, no memory writes, no exec. → Ch. 5.

Identity. A tuple of (channel, channel_user_id) resolving to one user record. A user can have several. → Ch. 5.

Instructions. Rules pinned to the agent’s system prompt. Owner-only. → Ch. 7.

MCP (Model Context Protocol). Standard for exposing external tools to an agent. → Ch. 9.

Memory. Facts and preferences the agent stores and recalls. Three layers: session, working, long-term. → Ch. 6.

Model. The LLM driving the agent’s replies. Swap-able without losing memory. → Ch. 16.

Observe. The web UI tab for read-only inspection of agent activity. → Ch. 20.

Owner. Top-privilege role. Manages users, policy, secrets, instructions. → Ch. 5.

Policy. Per-tool rules layered below role. → Ch. 15.

Role. Owner, user, or guest. Determines default capability. → Ch. 5.

Sandbox. The isolated environment in which the agent’s workspace lives — Docker, E2B, Daytona, depending on operator choice. → Ch. 10.

Schedule. A saved prompt that fires on cron or at a one-off time. → Ch. 11.

Secret. A named credential stored separately from configs and substituted at runtime. → Ch. 18.

Session. One conversation with the agent. → Ch. 3, Ch. 4.

Skill. A folder with a SKILL.md and optional helpers that extends what the agent can do. → Ch. 8.

Tool. A function the agent can call — file read/write, exec, MCP-exposed APIs, memory ops, etc.

User. Standard role between guest and owner. Full chat + tools, no admin. → Ch. 5.

Workspace. The agent’s filesystem inside its sandbox. → Ch. 10.

23.1 Pointers

• Start at the top → Chapter 1 · What OpenHermit Is.
• Or jump to the chapter that matches what you are trying to do → README.