Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Hermes Evolution

v1.0.0

Hermes Evolution enhances OpenClaw with fast PM routing, proactive self-check, auto skill generation, user profiling, layered memory, and continuous learning.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description match the included modules: routing (intent-router, sensen-pm-router), task store/DAG, self-improvement, frozen memory, auto-skill generation, scheduler, Feishu notifier and logger. The code files implement the advertised features rather than unrelated capabilities.
Instruction Scope
SKILL.md instructs copying the provided .js modules into skills/sensen-pm-router/ and running tests. Those runtime instructions modify the agent's skills folder and execute the package's JS code locally. The docs also instruct copying tasks/rules/corrections data (potentially sensitive) into the skills tree. The AutoSkillGenerator is intended to observe tool calls and will log and act at runtime, so the instructions permit automations that read runtime activity and produce new artifacts without a human in the loop.
Install Mechanism
There is no external download/install spec (no network installer), and all code is included. That limits supply-chain download risk, but the package expects you to copy many files into runtime directories, a manual install step that changes the agent environment and bypasses any review the platform would otherwise apply to an installer.
Credentials
The skill declares no required environment variables or primary credential, yet it contains a Feishu notifier and scheduler that normally require channel credentials/configuration. The documentation assumes a preconfigured Feishu Channel but does not declare or require those secrets, which is a mismatch. Additionally, modules read/write local data directories (tasks/, corrections/, rules/) and the auto-generator writes logs and skill files — access to these local paths and any channel tokens should be considered sensitive.
Persistence & Privilege
AutoSkillGenerator writes generated skill JSON files into ../../skills/auto-generated and appends a .tool-calls.jsonl log; EnhancedSkill can save skill files to the global skills directory. There is also a 'spawner' module for spawning agents. Combined with the platform default that allows autonomous invocation, this means the skill can create new skills/artifacts on disk and potentially extend the agent's capabilities without explicit user review — a significant persistence/privilege vector.
What to consider before installing
This package implements the advertised enhancements, but exercise caution before installing it in production. Key checks:
1) Review the auto-skill-generator and spawner code. They write to skills/ and can create new skills automatically; if you don't want that, remove or disable these modules or set minFrequency very high.
2) Run everything in an isolated sandbox or container and mount a disposable skills directory so you can observe file writes before allowing the skill to modify your real environment.
3) Back up your existing skills and configs (the docs recommend this) and verify that the restore works.
4) Do not supply production channel credentials (Feishu tokens, etc.) until you have audited where and how they are used; prefer ephemeral test credentials.
5) Audit any auto-generated skills before enabling autonomous invocation or auto-loading them into the runtime.
6) If you lack capacity for a full code review, avoid installing, or restrict the skill's filesystem and network permissions (e.g., run it as a limited user with no outbound network) until it has been vetted.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

modules/sensen-feishu-notifier.js:75
Environment variable access combined with network send.
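The flagged pattern, a file that both reads environment variables and sends data over the network, is easy to reproduce as a first-pass check on any skill before installing it. The scanner below is an added example for this page, not ClawHub's detection logic and not code from the skill; the regular expressions, function names and the three sample sources are constructed for the demo and say nothing about line 75 of the real notifier. It reports the line numbers of each process.env read and each network call per file and flags files that contain both, which is the point at which you open the file and check what is sent and to which destination.

```javascript
// Added example (not ClawHub's scanner, not the skill's code): flag JavaScript
// sources that both read process.env and make an outbound network call.
const ENV_READ = /\bprocess\.env\b/;
// Common client entry points; extend for whatever HTTP library the skill uses.
const NET_SEND = /\b(?:fetch|axios(?:\.\w+)?|https?\.(?:request|get)|got)\s*\(/;

// Return line numbers of env reads and network sends in one source file,
// plus a `flagged` verdict when both appear anywhere in the file.
function findPatterns(source) {
  const envLines = [];
  const netLines = [];
  source.split(/\r?\n/).forEach((line, i) => {
    const lineNo = i + 1;
    if (ENV_READ.test(line)) envLines.push(lineNo);
    if (NET_SEND.test(line)) netLines.push(lineNo);
  });
  return { envLines, netLines, flagged: envLines.length > 0 && netLines.length > 0 };
}

// Scan { filename: source } and keep only the files that trip the pattern.
function scanSources(files) {
  const hits = {};
  for (const [name, source] of Object.entries(files)) {
    const result = findPatterns(source);
    if (result.flagged) hits[name] = result;
  }
  return hits;
}

// Constructed sample sources (not the skill's real modules). Only the first
// file reads a secret from the environment and then sends it out.
const SAMPLES = {
  "notifier.js": [
    "const webhook = process.env.FEISHU_WEBHOOK;",
    "async function notify(msg) {",
    "  await fetch(webhook, { method: 'POST', body: JSON.stringify({ text: msg }) });",
    "}",
  ].join("\n"),
  "logger.js": [
    "const fs = require('node:fs');",
    "function log(line) { fs.appendFileSync('.tool-calls.jsonl', line + '\\n'); }",
  ].join("\n"),
  "config.js": [
    "const debug = process.env.DEBUG === '1';",
    "module.exports = { debug };",
  ].join("\n"),
};

// Render one line per hit in the "file:line" style the scan report uses.
function report(files) {
  const hits = scanSources(files);
  return Object.entries(hits).map(
    ([name, r]) => `${name}: env read at ${r.envLines.join(",")}, network send at ${r.netLines.join(",")}`
  );
}

console.log(report(SAMPLES).join("\n"));
```

Treat the result as a pointer, not a verdict: a notifier that legitimately reads a webhook URL from the environment will trip it, and code that reaches the environment through an alias or obfuscated property access will not. The file-level "both present" rule deliberately errs toward review, because the cost of a false positive is a few minutes of reading and the cost of a miss is a leaked token.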


Version: latest (vk977e34d8426ee0nea8b4axtgh84na4m)

