Skill v1.0.3
ClawScan security
hermes agent skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 17, 2026, 8:23 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, runtime instructions, and requested environment access are consistent with its stated purpose (multi-agent routing, local memory, and skill-evolution) and do not demand unrelated credentials or external installs.
- Guidance: This skill appears to be what it claims: a pure-Python multi-agent router, local insight DB (SQLite/FTS5), and a local skill-evolution component. Key things to check before installing: 1) Confirm the skill source (SKILL.md mentions a GitHub URL placeholder). 2) Persistence is off by default — only enable HERMES_PERSISTENCE_ENABLED if you accept local disk storage at ~/.hermes/*.db. 3) The sessions integration calls sessions_send to deliver fallback records; check what sessions_send does in your OpenClaw environment (where it sends logs) and set HERMES_SESSION_LOG_LEVEL to 'summary' or 'off' if you want to avoid sending payloads. 4) Keep HERMES_SENSITIVE_FILTER_ENABLED=true if you want automatic filtering of tokens/emails/etc. If you need higher assurance, review the sessions_send implementation used by your platform and inspect the on-disk DB files after enabling persistence.
Review Dimensions
- Purpose & Capability (ok): Name/description (multi-agent scheduling, memory, GEPA evolution) match the provided Python modules: router, workflow scheduler, sessions integration, insight DB, and evolution engine. Declared zero required binaries/credentials is proportionate because the implementation uses only the Python stdlib and SQLite.
- Instruction Scope (note): SKILL.md and code keep persistence disabled by default and require an explicit env var or API call to enable disk writes. The sessions integration forwards lightweight records to sessions_send; by default log level 'summary' avoids sending payloads, but if configured to 'full' the handler will include payloads. Users should verify what sessions_send does in their environment before enabling full logging or persistence.
- Install Mechanism (ok): No install spec is included in registry metadata; the package is delivered as code files in the skill bundle (no network download at install time). SKILL.md suggests installing from a GitHub repo but that's informational. No URL-based downloads or opaque installers are part of the skill bundle.
- Credentials (ok): The skill does not require secrets or third-party credentials. It documents optional HERMES_* environment variables that control local persistence, DB paths, extraction and filtering behavior, all relevant to the skill's functionality. No unrelated env vars or credentials are requested.
- Persistence & Privilege (ok): Persistence writes are local (~/.hermes/*.db) and are explicitly disabled by default; enabling requires setting HERMES_PERSISTENCE_ENABLED=true or an explicit API call. The skill does not request permanent platform-wide privileges (always is false) and does not modify other skills' configs.
