hermes-traffic-guardian
Pass. Audited by ClawScan on May 10, 2026.
Overview
This is a non-executing specification scaffold for opt-in Hermes traffic monitoring, with sensitive future proxy capabilities clearly disclosed and safety limits stated.
This version appears safe as an instruction-only scaffold with no runtime code. If a future implementation is added, review it separately for proxy scope, HTTPS CA handling, log redaction, log retention, and protection of the posture export file.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a future implementation is installed, it may inspect selected Hermes traffic, including HTTPS only when explicitly configured.
Proxy and HTTPS inspection are powerful capabilities that can expose traffic contents, but the artifact frames them as planned, opt-in, and process-scoped.
- operator-scoped HTTP proxy inspection
- optional HTTPS inspection with per-process CA trust
Before using a future runtime version, confirm proxy scope, CA trust handling, byte limits, and that inspection is enabled only for the intended Hermes process.
Traffic-derived security logs could still reveal limited contextual information even after redaction.
The planned monitor would persist local findings derived from traffic, which can be sensitive; the specification requires redaction and bounded scanning.
- Snippets must be redacted before persistence.
- Maximum scan bytes must be configurable and bounded.
Store logs in a protected location, review retention settings, and verify redaction tests before relying on any future implementation.
Another component may rely on this monitor's posture file when assessing trust state.
The skill plans a data flow to another Hermes component for attestation; the exported schema appears limited to status and hashes rather than full traffic.
- Export a small posture JSON file that `hermes-attestation-guardian` can include as a trust anchor or watched file.
Ensure the posture file path is protected from tampering and that attestation consumers treat it as status data, not as proof of full traffic safety.
