hermes-remote-deploy

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs passing API keys as command-line arguments and using commands like hermes config set DEEPSEEK_API_KEY sk-xxxx and bash scripts/deploy.sh <user@host> <provider> <api-key>, which requires embedding secret values verbatim in generated commands/config, creating an exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The deploy script directly runs remote code at runtime via "curl -fsSL https://hermes-agent.nousresearch.com/install.sh | bash" (and offers an alternative runtime fetch via "git clone https://github.com/NousResearch/hermes-agent.git"), which executes code fetched from those URLs, so this is a required runtime external dependency that executes remote code.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt directs executing remote install scripts (curl | bash) over SSH and installing system-wide dependencies (Python, Node, ffmpeg, etc.) which modify system files and likely require root/sudo access, thereby changing the host's state.