Skill v1.0.3

ClawScan security

hermes multiagent skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 17, 2026, 7:42 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The package implements a local Python in-process pub/sub router and a sessions_spawn integration that matches the skill's stated purpose; requirements and behavior are coherent with the description.
Guidance
This package is a local, in-memory pub/sub router and the code matches the documentation. Before installing consider: (1) handlers you register will be executed on background threads—ensure they are thread-safe and do not run untrusted code; (2) the router keeps an in-memory message pool (default pool_max 1000) and pending task map — a flood of messages or very large payloads could exhaust memory or cause delays; (3) the sessions_spawn integration assumes an external sessions_spawn API is available — confirm that integration point and its trust boundary; (4) the skill does not perform network calls or store credentials by itself, but if you pass external callbacks or integrate with remote session managers those components may introduce network I/O or require credentials. As usual, review and run in a restricted environment before trusting with sensitive data.

Review Dimensions

Purpose & Capability
ok: Name/description describe a multi-agent, high-concurrency message router; included Python modules implement HermesRouter, HermesAgent, and a sessions_spawn integration. No unrelated credentials, binaries, or downloads are requested.
Instruction Scope
note: SKILL.md documents only local API usage and sessions_spawn integration. It does require an external sessions_spawn API to exist for the optional integration; otherwise the HermesRouter/HermesAgent APIs operate locally. The instructions do not ask the agent to read files, env vars, or contact external network endpoints by default.
Install Mechanism
ok: There is no external install spec or network download; the skill is an instruction+source bundle. All code is included in the package and uses only the Python standard library.
Credentials
ok: The skill declares no required environment variables or external credentials and the code does not access environment secrets. No disproportionate credential/system access is requested.
Persistence & Privilege
ok: always is false and the skill does not request persistent platform privileges or modify other skills' configuration. It keeps in-memory state only and exposes lifecycle methods to register/unregister agents.