Hermes Skills
Review
Audited by ClawScan on May 13, 2026.
Overview
This skill is not obviously malicious, but it tells the agent to persist conversation summaries and new skills without clearly defining user approval, storage, retention, or rollback controls.
Install only if you are comfortable with the agent saving conversation summaries and creating persistent skills. Before using it, decide where memories and generated skills will be stored, require your approval before writes, and make sure you can inspect and delete anything it saves.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private or sensitive conversation details could be saved and reused in later tasks, and a bad or poisoned summary could influence future agent behavior.
This instructs the agent to persist a conversation summary automatically, but the artifact does not define the memory store, retention, exclusions, review step, or deletion controls.
# When context hits 50% capacity:
# 1. Compress recent conversation
# 2. Keep first 3 + last 4 messages
# 3. Summary → memory system
Require explicit user confirmation before each memory write, define where memory is stored, limit what can be saved, and provide review and deletion controls.
The agent could accumulate new behavioral instructions over time without the user clearly reviewing what was added or how it will affect later work.
The skill directs the agent to create persistent skills based on activity, which can change future behavior, but it does not specify human review, allowed locations, provenance, or rollback.
| Skills Tracker | Every 15 tool calls | Save discovered techniques |
...
"Did we develop a new technique worth saving?"
# If yes → save as skill
Make skill creation user-approved only, store generated skills in a clearly scoped location, record provenance, and provide a simple way to review, disable, or roll back saved skills.
The documentation appears to describe more than the supplied package contains, so users cannot review the referenced helper implementations from these artifacts.
The documentation references helper scripts that are not included in the supplied file manifest, which only provides SKILL.md and scripts/hermes_test.py.
scripts/
│ ├── hermes_nudge.py # Memory Nudge
│ ├── hermes_flash.py # Memory Flash
│ ├── hermes_tracker.py # Skills Tracker
│ └── hermes_gate.py # Programmatic Gate
Publish the referenced files or update the documentation to match the shipped package; review any later-added helper scripts before relying on them.
