Back to skill
Skillv1.0.0
VirusTotal security
hermes-agent 平替 openclaw 自进化技能 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 16, 2026, 4:46 PM
- Hash
- 69bb8c5a5ff108fcbcdd5f8f360c5173ea31eed7586288ca1f5073b0de11cbfc
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: hermes-skill Version: 1.0.0 The skill bundle implements a 'self-evolving' AI system that includes a highly risky 'GitHub Sync Rule' in SKILL.md and README.md, instructing the agent to automatically perform 'git push' operations to a public repository (github.com/devrobbin/hermes-skill) whenever the skill 'evolves.' This creates a direct path for data exfiltration if the agent incorporates sensitive local information into auto-generated skills via auto_skill_creator.py. Additionally, upstream_tracker.py performs external network requests to the GitHub API, and the system maintains broad file-system access to manage its multi-tier memory and skill directories.
- External report
- View on VirusTotal