hermes-remote-deploy
Fail
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCREDENTIALS_UNSAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill's installation instructions in
SKILL.mdand the automated deployment scriptscripts/deploy.shboth utilize thecurl | bashpattern to install the Hermes Agent. Specifically, it downloads a script fromhttps://hermes-agent.nousresearch.com/install.shand pipes it directly into the bash shell. This execution method is high-risk because it lacks integrity verification and executes remote code without prior inspection. - [CREDENTIALS_UNSAFE]: The
scripts/deploy.shscript is designed to accept sensitive API keys (e.g., for DeepSeek, OpenAI, Anthropic) as positional command-line arguments. This practice is insecure as command-line arguments are typically recorded in the system's shell history files (such as~/.bash_history) and can be viewed by other users on the system using process monitoring tools likepsortop. - [COMMAND_EXECUTION]: The skill performs remote command execution using SSH with the
StrictHostKeyChecking=accept-newoption enabled. This setting automatically accepts new host fingerprints and adds them to the user'sknown_hostsfile without manual verification, which increases the risk of man-in-the-middle (MITM) attacks if the first connection occurs in an untrusted network environment. - [EXTERNAL_DOWNLOADS]: The skill fetches the Hermes Agent installation script from the official project domain at
hermes-agent.nousresearch.comand provides instructions for cloning repositories from GitHub.
Recommendations
- HIGH: Downloads and executes remote code from: https://hermes-agent.nousresearch.com/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata