hermes-dispatch

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes a local Python script, tools/hermes_watch.py, to monitor task status in the background. This script is part of the skill package and is executed to provide real-time updates without blocking the main agent session.
  • [DATA_EXPOSURE]: The skill accesses a local configuration file at ~/.hermes/.env to retrieve the HERMES_MCP_TOKEN. This is a standard and recommended practice for managing sensitive credentials securely on the local filesystem rather than hardcoding them or passing them in cleartext prompts.
  • [EXTERNAL_DOWNLOADS]: The hermes_watch.py script performs network requests to a user-defined HERMES_MCP_URL using standard Python libraries. This network activity is restricted to communication with the configured bridge for the purpose of checking task status and retrieving results.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes data from an external source (the Hermes bridge). It effectively mitigates potential injection risks by implementing an 'Evidence Tier' framework and an 'Oracle' verification loop, ensuring that claims made by the external worker are verified against raw tool evidence before being accepted.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 07:02 PM