fix(openviking): plugin uses non-existent API endpoints, browse/read tools broken

[catbusconductor]

Bug Description

The OpenViking memory provider plugin (plugins/memory/openviking/__init__.py) uses API endpoints that don't exist on the actual OpenViking server, causing viking_browse and viking_read tool calls to fail.

Issues

1. Wrong endpoint paths and HTTP methods

Tool	Current (broken)	Correct
viking_browse	POST /api/v1/browse	GET /api/v1/fs/ls?uri= / GET /api/v1/fs/tree?uri=
viking_read (abstract)	POST /api/v1/read/abstract	GET /api/v1/content/abstract?uri=
viking_read (read)	POST /api/v1/read	GET /api/v1/content/read?uri=
viking_read (overview)	POST /api/v1/read	GET /api/v1/content/overview?uri=

2. Wrong response parsing

• result.get("children", 0) → API returns a list, should be len(result)
• e.get("is_dir") → API uses camelCase: e.get("isDir")
• result.get("content", "") → content endpoints return the string directly

3. Missing auth headers for trusted mode

The _VikingClient doesn't send X-OpenViking-Account or X-OpenViking-User headers, which are required when the server runs in auth_mode: trusted.

4. Background threads don't propagate auth

Client instances created in background threads (search, sync, write) only receive (endpoint, api_key) but not the account/user headers.

Steps to Reproduce

1. Set up OpenViking server with auth_mode: trusted
2. Configure memory.provider: openviking in Hermes
3. Try viking_browse viking:// → fails with 404 or method not allowed
4. Try viking_read on any URI → fails similarly

Environment

• Hermes Agent v0.6.0 (commit 3659e1f)
• OpenViking v0.3.2
• Plugin added in PR feat(memory): pluggable memory provider interface with profile isolation, review fixes, and honcho CLI restoration #4623

[alt-glitch]

This appears to have been fixed by merged PR #5078 (correct API endpoint paths and response parsing). If the issue persists on a newer OpenViking version, please reopen with updated details.

[alt-glitch]

This appears to have been fixed by merged PR #5078.

[konsisumer]

This issue appears to describe the same problem as #10124.
Maintainer might want to consolidate or pick one as canonical.

[teknium1]

All four issues described here are fixed on main — automated hermes-sweeper review.

• Wrong endpoints / HTTP methods — fixed in commit e09e485: viking_browse now uses GET /api/v1/fs/{ls,tree,stat}?uri= and viking_read uses GET /api/v1/content/{abstract,overview,read}?uri=. Response parsing also corrected (len(result) for list, isDir camelCase, direct string from content endpoints).
• Missing auth headers for trusted mode — fixed in commit 14e8732 (fix(openviking memory): send tenant headers for multi-tenant OpenViking #4825): _VikingClient._headers() now includes X-OpenViking-Account and X-OpenViking-User on every request.
• Background thread auth propagation — fixed in commit 5082a9f: all four _VikingClient(...) instantiation sites (initialize, prefetch, sync_turn, on_memory_write) now receive account, user, and agent parameters.

The fixes from contributor PRs #4742 and #4770 (both now closed) were incorporated into main through the commits above. Current code in plugins/memory/openviking/__init__.py matches the corrected behavior.

Note: PR #12937 describes a follow-on issue (file vs. directory URI routing for viking_read returning 412) — that is a separate bug and remains open.