Skills
skills/ar9av/obsidian-wiki/hermes-history-ingest/Gen Agent Trust Hub

hermes-history-ingest

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXFILTRATION]: The skill instructions direct the agent to read local configuration files (.env) and the Hermes data directory (~/.hermes/) to identify and process historical session data. This access is necessary for the skill's primary purpose. The skill includes a 'Critical privacy filter' requiring the agent to remove API keys, tokens, and passwords from any ingested content before writing it to the wiki.
  • [PROMPT_INJECTION]: The skill processes external data sources (Hermes session logs and memories) which could contain untrusted instructions.
  • Ingestion points: File reading from ~/.hermes/memories/ and ~/.hermes/sessions/**/*.jsonl as described in Step 1-3 of SKILL.md.
  • Boundary markers: No explicit boundary markers are used in the prompt templates to distinguish ingested content.
  • Capability inventory: The agent uses file system tools to read from history paths and write to the Obsidian vault. No network access or shell execution tools are invoked.
  • Sanitization: The instructions explicitly mandate summarization rather than verbatim quoting and require the redaction of sensitive identifiers and credentials, which mitigates the risk of indirect prompt injection.
Audit Metadata
Risk Level
SAFE
Analyzed
May 7, 2026, 02:36 AM