Skill v1.1.0

ClawScan security

Hermes Doctor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 30, 2026, 2:19 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is an instruction-only troubleshooting guide for Hermes Agent, and its requested actions and references are coherent with that purpose. It does instruct sensitive system and credential edits, so proceed with explicit user consent and backups.
Guidance
This skill is coherent with its stated purpose: it is a step-by-step, high-impact ops playbook for diagnosing and fixing Hermes Agent auth/config issues. Before using it: (1) confirm the real HERMES_HOME (the skill emphasizes this), (2) always make the backups it recommends before editing auth.json/.env/config.yaml or deleting files/locks, (3) explicitly authorize any destructive actions (the skill lists them), (4) do not paste API keys or secrets into public logs or chat; prefer running the commands yourself or pasting secrets only into local .env/auth.json after explicit consent, and (5) prefer `hermes auth` CLI commands when available rather than manual edits; if unsure, escalate to an administrator or SRE. If you want the agent to act autonomously with this skill, be aware it could perform sensitive file/registry edits if allowed; only grant that when you fully trust the agent and environment.
Findings
[no_code_files] expected: The regex scanner had nothing to analyze because this is an instruction-only skill; that is expected for a documentation-style troubleshooting skill.

Review Dimensions

Purpose & Capability
ok: Name/description (Hermes troubleshooting) align with the contents: SKILL.md and references focus on HERMES_HOME, .env, auth.json, request_dump, hermes CLI commands, registry on Windows, backup/restore and known GitHub issues. Nothing requested or instructed appears unrelated to diagnosing/fixing Hermes.
Instruction Scope
note: Instructions legitimately include reading/writing HERMES_HOME files, querying HKCU\Environment, running `hermes dump/doctor/auth`, editing .env/auth.json/config.yaml, removing locks/WAL, and restarting/reinstalling hermes; these are necessary for the stated purpose but are high-impact operations (editing credential stores, deleting WAL/state, removing registry entries). The SKILL.md explicitly calls out that destructive actions require user authorization, which mitigates but does not remove the sensitivity.
Install Mechanism
ok: No install spec and no code files: instruction-only skill. That minimizes installation risk (nothing will be downloaded or written by an installer).
Credentials
note: The skill does not request environment variables or credentials from the registry metadata, but the instructions tell operators to add/write API keys into .env and auth.json and to operate on credentials. That is proportionate to troubleshooting Hermes but is sensitive: keys and registry edits are involved, so agents or humans following these steps must handle secrets carefully and avoid pasting them into public channels.
Persistence & Privilege
ok: always:false and no installable components; the skill does not request persistent agent privileges or modify other skills. Autonomous invocation is allowed (platform default) but not combined with elevated persistence, so risk is limited to the runtime instructions being followed.