ClawHub

Hermes Agent Bridge

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed bridge to a local Hermes agent, but it gives another terminal-capable agent prompts through a raw shell command without clear consent, escaping, or data-handling boundaries.

Install only if you already trust the local Hermes CLI and understand that prompts may be processed by a separate agent with its own tools and behavior. Avoid sending secrets or private files through this bridge, and prefer explicit approval plus safer non-shell argument passing before using it for sensitive or action-taking work.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The skill uses broad trigger phrases like 'see what Hermes thinks about this' that could match normal conversational requests and cause unintended delegation to an external local CLI agent. Because activation results in command execution and prompt forwarding to another agent, accidental invocation materially increases the chance of unreviewed data disclosure or tool use outside the user's expectations.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs the agent to run a local CLI command and pass the user's prompt to a separate agent, but it does not warn the user that their input will be forwarded externally within the system boundary to another executable. This lack of transparency is dangerous because users may share sensitive content without realizing it will be processed by a different agent with its own tools, policies, and side effects.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal