Most MangoTart configuration lives on the device, not in your account on mangot.art. The local console is the place to choose a model, connect accounts and tools, manage the agent's memory and schedules, and control device-level settings.
This guide is the map of those controls. For the underlying data boundary, read Privacy, security, and permissions.
Where settings live
MangoTart has two management surfaces with different jobs:
| Surface | What it manages | What it does not manage |
|---|---|---|
| Local MangoTart Console | Agent, provider, connection, browser, network, security, update, and backup settings | Orders, account ownership, or cloud-backup downloads for a damaged device |
Your account on mangot.art | Account and device ownership, orders, device status, and encrypted cloud-backup downloads | Your model selection, API keys, bot tokens, browser sessions, memory, or schedules |
If the device is offline, the website cannot remotely edit its agent configuration. Provider and connection credentials are entered through the local console and remain part of the device's local state unless a configured external service receives them as part of its own authorization flow.
Configuration map
The console groups daily controls by purpose:
| Console page | What you control | Important boundary |
|---|---|---|
| Model provider | Provider login or API key, active model, and connection test | Model requests and relevant context go to the provider you select |
| Voice | Speech-to-text provider and its required key | Audio sent for transcription follows that provider's policy |
| Skills | Installed skills, enabled state, and optional official skills | A skill may require a separate key or external account |
| Memory | Agent identity, long-term memory, and user-profile files | This is user content that can directly affect future responses |
| Schedules | Recurring jobs, timing, and delivery target | Time zone and destination must be correct for unattended work |
| Messaging | Chat platforms, bot/account credentials, pairing, and allowed users | Different chats still use one underlying agent trust boundary |
| Mailboxes and provider-specific app passwords or authorization codes | Connect only mailboxes the agent is allowed to read and act on | |
| SMS | Twilio account, sender identity, drafts, approvals, and replies | Carrier, registration, and per-message charges remain with Twilio |
| Browser | Signed-in website sessions in the built-in browser | Browser cookies and sessions are powerful credentials and are not in Hermes backups |
| MCP | MCP servers, transport details, enabled state, tests, and removal | A connected server can receive the data required by its tool calls |
| Keys | API keys used by tools and skills | The page shows configuration status without acting as a raw secret-file editor |
| Wi-Fi | Wireless region, saved networks, and active connection | Changing networks can immediately disconnect the console you are using |
| SSH keys | Public keys allowed to access the device | Never upload or paste an SSH private key |
| System | Versions, time zone, command approval, session expiry, backups, PIN, dashboard lock, restarts, and reset | Some actions pause the agent, disconnect the device, or permanently erase local state |
The Overview page is the quickest place to confirm whether the agent, provider, browser, and messaging connection are healthy before changing anything.
Credentials and secret values
Use the dedicated page for each kind of credential:
- model login and model API keys belong on Model provider;
- bot tokens and messaging-account secrets belong on Messaging;
- mailbox and Twilio credentials belong on Email and SMS;
- tool and skill API keys belong on Keys; and
- website logins stay inside the Browser profile.
The console deliberately does not provide a general-purpose editor for Hermes config.yaml or .env. Dedicated forms restrict changes to supported settings, and secret fields should not be treated as a way to retrieve a stored key later.
If a credential may have leaked, replace or revoke it at the issuing provider—not only on MangoTart—then enter the replacement on the correct console page and test the connection.
Support never needs your secret values
Do not send API keys, OAuth codes, bot tokens, mailbox passwords, Twilio auth tokens, your management PIN, pairing codes, cloud-backup password, browser cookies, an SSH private key, or a backup archive to support.
What a backup carries
Hermes backups preserve supported agent state, including memory, skills, chat state, schedules, agent configuration, and credentials held in Hermes state. This makes a backup sensitive even when its filename looks ordinary.
They do not carry the browser profile or signed-in website sessions. Device-level state—such as MangoTart identity, Wi-Fi, the management PIN and dashboard lock, SSH access, the operating system, and the private support-network identity—is also separate from the Hermes backup.
After a restore, test the model and messaging connections, review schedules and security controls, and sign back into required websites. See Backup, restore, and migration for the complete procedure.
Before making changes
For a provider switch, migration, or other change that affects several workflows:
- Confirm the current agent is healthy on Overview.
- Note the active provider, model, time zone, connected channels, and important schedules. Do not copy secret values into your notes.
- Create a fresh backup before a high-impact change.
- Change one area at a time and use the page's test action when available.
- Restart the agent only when the console asks you to or the changed setting requires it.
- Send a simple test message and verify one scheduled or tool-based workflow before considering the change complete.
This sequence makes it much easier to identify which change caused a failure.
What to send support
Useful, non-secret diagnostic information includes:
- device serial and hostname;
- MangoTart and Hermes versions shown in System;
- provider and model names, without the key or authorization code;
- the affected console page, messaging platform, tool, or skill;
- the exact error text and the time it happened, including your time zone;
- the steps that reproduce the issue; and
- a screenshot after cropping or covering credentials, personal messages, email addresses, phone numbers, and account identifiers.
Share conversation content or files only when they are necessary to reproduce the problem and you have checked what personal information they contain. Start with the smallest useful example.
What MangoTart deliberately does not expose
The console is not a generic Hermes configuration editor. It exposes settings that are understandable and safe to manage as dedicated controls, while deployment, sandbox, internal timeout, routing, and other operator-level parameters remain managed by the Agent OS.
MCP is broader because it has a dedicated connection manager, but it still uses structured fields and supported actions rather than raw file editing. This boundary reduces invalid combinations, accidental secret disclosure, and upgrades that fail because of an old hand-edited setting.
If a guide tells you to edit raw Hermes files over SSH, check with MangoTart support before applying it to a production device. The upstream option may be valid while still conflicting with the supported Agent OS baseline.
A simple review routine
Every month—and after changing a provider or important account—check:
- Overview for failed services or disconnected components.
- Model provider and your main messaging channel with a real test.
- Schedules for stale jobs, destinations, and time zone.
- Skills, MCP, and Keys for connections you no longer use.
- Browser for signed-in accounts the agent no longer needs.
- System for backup success, command-approval mode, dashboard lock, and available updates.
Remove unused access instead of leaving it configured indefinitely. If something fails, use Troubleshooting before resetting or restoring the device.