Back to skill

Security audit

Hermes Agent

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only Hermes Agent guide; it describes powerful agent features and a risky convenience installer, but the behavior is disclosed and aligned with the stated purpose.

Install this skill only if you intend to work with Hermes Agent. Before running the quick-start installer, review or pin the installer source where possible, avoid approval-bypass modes on important systems, and keep credentials, gateways, memory, cron jobs, and spawned agents scoped to trusted environments.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The quick-start documentation instructs users to execute a remote script directly with `curl ... | bash`, which removes the opportunity to inspect the downloaded code before execution. In a skill for an autonomous agent framework with terminal access, this is especially dangerous because users may copy it verbatim and the fetched script could be modified upstream, intercepted in a compromised environment, or simply contain unintended destructive behavior.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The documentation exposes `--yolo` as a flag that skips dangerous command approval, but does not pair it with an immediate warning about disabling a key safety control. In the context of an agent that can run tools and shell commands, normalizing approval bypass materially increases the chance of unsafe or unintended command execution.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.