ClawHub

Hermes Agent Integration

Security checks across malware telemetry and agentic risk

Overview

This skill is an instruction-only Hermes integration guide, but it promotes persistent memory, user modeling, scheduled automation, auto-spawned agents, and unverified external installers without enough safeguards.

Review the external installer scripts before running them, prefer pinned or verified releases, and keep memory, user modeling, scheduler jobs, and autoSpawn disabled until you know what data is stored, how to delete it, and how to stop background work. Treat chat bot tokens as secrets and use minimal permissions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
76% confidence
Finding
The trigger list is very broad and includes common concepts like Hermes, Nous, self-improving, and multi-agent phrases, which can cause the skill to activate in contexts where the user did not intend to install or use this integration. In a skill that promotes auto-spawning agents and external tooling, unintended invocation increases the chance of risky suggestions or automation being surfaced without clear user consent.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill prominently advertises cross-session memory search and user modeling without warning users that these features may retain, search, and profile prior interactions. In an agent integration context, omission of disclosure and consent guidance can lead to unexpected collection or reuse of sensitive data across sessions.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill describes built-in scheduling and isolated subagent spawning but does not warn users that these capabilities can execute actions asynchronously or in parallel beyond the immediate prompt context. In practice, that can lead to unintended automated operations, expanded privileges, or reduced oversight if users assume only a single synchronous assistant response.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal