{"skill":{"slug":"hermes-traffic-guardian","displayName":"hermes-traffic-guardian","summary":"Hermes runtime traffic monitoring baseline for opt-in proxy inspection, egress detection, and attestation-aware traffic posture.","description":"---\nname: hermes-traffic-guardian\nversion: 0.0.1-beta2\ndescription: Hermes runtime traffic monitoring baseline for opt-in proxy inspection, egress detection, and attestation-aware traffic posture.\nhomepage: https://clawsec.prompt.security\nauthor: prompt-security\nlicense: AGPL-3.0-or-later\nhermes:\n  emoji: \"TG\"\n  requires:\n    bins: [node, python3]\n---\n\n# Hermes Traffic Guardian\n\nThis is a baseline specification skill. It intentionally does not ship a proxy or runtime implementation yet.\n\n## Release Artifact Verification\n\nFor standalone installs, verify the signed release manifest before trusting `SKILL.md`, `skill.json`, or the archive. The `skill.json` file is the package metadata/SBOM source, and the release pipeline signs `checksums.json` with the ClawSec release key.\n\n```bash\nset -euo pipefail\n\nSKILL_NAME=\"hermes-traffic-guardian\"\nVERSION=\"0.0.1-beta2\"\nREPO=\"prompt-security/clawsec\"\nTAG=\"${SKILL_NAME}-v${VERSION}\"\nBASE=\"https://github.com/${REPO}/releases/download/${TAG}\"\nZIP_NAME=\"${SKILL_NAME}-v${VERSION}.zip\"\nTMP_DIR=\"$(mktemp -d)\"\ntrap 'rm -rf \"$TMP_DIR\"' EXIT\n\nRELEASE_PUBKEY_SHA256=\"711424e4535f84093fefb024cd1ca4ec87439e53907b305b79a631d5befba9c8\"\n\n# Portable SHA-256 helper: shasum on macOS, sha256sum on most Linux systems.\nhash_file() {\n  if command -v shasum >/dev/null 2>&1; then\n    shasum -a 256 \"$1\" | awk '{print $1}'\n  else\n    sha256sum \"$1\" | awk '{print $1}'\n  fi\n}\n\ncurl -fsSL \"$BASE/checksums.json\" -o \"$TMP_DIR/checksums.json\"\ncurl -fsSL \"$BASE/checksums.sig\" -o \"$TMP_DIR/checksums.sig\"\ncurl -fsSL \"$BASE/signing-public.pem\" -o \"$TMP_DIR/signing-public.pem\"\ncurl -fsSL \"$BASE/$ZIP_NAME\" -o \"$TMP_DIR/$ZIP_NAME\"\ncurl -fsSL \"$BASE/SKILL.md\" -o \"$TMP_DIR/SKILL.md\"\ncurl -fsSL \"$BASE/skill.json\" -o \"$TMP_DIR/skill.json\"\n\n# Pin the release key: the downloaded public key is only trusted if its DER fingerprint matches the expected value.\nopenssl pkey -pubin -in \"$TMP_DIR/signing-public.pem\" -outform DER -out \"$TMP_DIR/signing-public.der\"\nACTUAL_PUBKEY_SHA256=\"$(hash_file \"$TMP_DIR/signing-public.der\")\"\nif [ \"$ACTUAL_PUBKEY_SHA256\" != \"$RELEASE_PUBKEY_SHA256\" ]; then\n  echo \"ERROR: signing-public.pem fingerprint mismatch\" >&2\n  exit 1\nfi\n\n# Verify the detached signature over checksums.json with the pinned key.\nopenssl base64 -d -A -in \"$TMP_DIR/checksums.sig\" -out \"$TMP_DIR/checksums.sig.bin\"\nopenssl pkeyutl -verify -rawin -pubin \\\n  -inkey \"$TMP_DIR/signing-public.pem\" \\\n  -sigfile \"$TMP_DIR/checksums.sig.bin\" \\\n  -in \"$TMP_DIR/checksums.json\" >/dev/null\n\n# Compare a downloaded file against the per-file hash recorded in the signed manifest.\nverify_manifest_file() {\n  asset=\"$1\"\n  path=\"$2\"\n  expected=\"$(jq -r --arg asset \"$asset\" '.files[$asset].sha256 // empty' \"$TMP_DIR/checksums.json\")\"\n  if [ -z \"$expected\" ]; then\n    echo \"ERROR: checksums.json missing $asset\" >&2\n    exit 1\n  fi\n  actual=\"$(hash_file \"$path\")\"\n  if [ \"$actual\" != \"$expected\" ]; then\n    echo \"ERROR: checksum mismatch for $asset\" >&2\n    exit 1\n  fi\n}\n\nexpected_archive=\"$(jq -r '.archive.sha256 // empty' \"$TMP_DIR/checksums.json\")\"\nif [ -z \"$expected_archive\" ]; then\n  echo \"ERROR: checksums.json missing archive.sha256\" >&2\n  exit 1\nfi\nactual_archive=\"$(hash_file \"$TMP_DIR/$ZIP_NAME\")\"\nif [ \"$actual_archive\" != \"$expected_archive\" ]; then\n  echo \"ERROR: archive checksum mismatch\" >&2\n  exit 1\nfi\n\nverify_manifest_file \"SKILL.md\" \"$TMP_DIR/SKILL.md\"\nverify_manifest_file \"skill.json\" \"$TMP_DIR/skill.json\"\n\necho \"Signed release manifest, archive, SKILL.md, and skill.json verified.\"\n```\n\nOnly install or extract the archive after this verification succeeds.\n\n## Scope\n\nBuilders should use this skill as the Hermes landing zone for runtime traffic monitoring:\n\n- operator-scoped HTTP proxy inspection\n- optional HTTPS inspection with per-process CA trust\n- outbound exfiltration detection\n- inbound injection detection\n- redacted local threat logs\n- status export for `hermes-attestation-guardian`\n\nDo not add proxy runtime ownership to `hermes-attestation-guardian`. That skill should attest this monitor's status and configuration, not run it.\n\n## Safety Contract\n\n- Opt-in only.\n- Detect-and-log by default.\n- No automatic system CA installation.\n- No global proxy environment changes.\n- No blocking in the first implementation.\n- Redact secrets before logs, summaries, or attestation-linked outputs.\n- Keep all state under `HERMES_TRAFFIC_GUARDIAN_HOME` or `$HERMES_HOME/security/traffic-guardian`.\n\n## Builder Entry Points\n\nRead `SPEC.md` before implementing. Use the placeholder folders as follows:\n\n| Path | Intended use |\n|---|---|\n| `lib/` | Detector rules, redaction, posture export, report formatting |\n| `scripts/` | Start, stop, status, config validation, log query, attestation export helpers |\n| `test/` | Unit tests, proxy fixture tests, redaction tests, attestation export tests |\n\n## Required First Implementation Behavior\n\n1. Validate config without starting the proxy.\n2. Start monitor in foreground or explicit background mode.\n3. Scope proxy environment variables to the target Hermes service or CLI process.\n4. Inspect HTTP request/response text up to a bounded byte limit.\n5. Support optional HTTPS MITM only when the operator supplies per-process trust configuration.\n6. Emit JSONL findings with redacted snippets.\n7. Export a small posture JSON file that `hermes-attestation-guardian` can include as a trust anchor or watched file.\n\n## Out of Scope for v0.0.1 Implementation\n\n- automatic system trust-store mutation\n- transparent network interception\n- default blocking\n- sending traffic to external services\n- collecting full request/response bodies\n\n","tags":{"latest":"0.0.1-beta2"},"stats":{"comments":0,"downloads":400,"installsAllTime":15,"installsCurrent":0,"stars":0,"versions":2},"createdAt":1778414788061,"updatedAt":1778759508554},"latestVersion":{"version":"0.0.1-beta2","createdAt":1778758982687,"changelog":"Release 0.0.1-beta2 via CI","license":"MIT-0"},"metadata":{"setup":[],"os":null,"systems":null},"owner":{"handle":"davida-ps","userId":"s17ewxqmthh68xc4bv5vc6f30183jsf1","displayName":"davida-ps","image":"https://avatars.githubusercontent.com/u/232346510?v=4"},"moderation":null}