hermes-agent-control-room

Warn

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to clone a repository from an unverified GitHub account (https://github.com/shannhk/hermes-agent-control-room.git). This source is not associated with the vendor 'Aradotso' or any trusted organization.
  • [COMMAND_EXECUTION]: The provided setup guide includes commands that perform sensitive operations, such as cloning into the /root directory, modifying system-wide file permissions (chmod -R 755 /srv/agent-bus), and changing firewall rules (ufw allow/deny).
  • [REMOTE_CODE_EXECUTION]: The documentation references a 'setup-control-room' procedure that installs multiple binary tools and packages from remote sources, which could lead to arbitrary code execution if the sources are compromised.
  • [INDIRECT_PROMPT_INJECTION]: The 'Task Bus' architecture uses a shared file system (/srv/agent-bus/) for coordinating tasks between different agents. This creates a surface where malicious instructions could be injected into the data processed by the agents.
    • Ingestion points: Task files located in /srv/agent-bus/inbox/.
    • Boundary markers: No explicit delimiters or safety instructions are mentioned for the markdown-based task files.
    • Capability inventory: Agents are described as having access to the terminal, file system, and various third-party APIs (Ahrefs, GitHub, etc.).
    • Sanitization: The skill does not mention any validation or escaping of the content passed between agents via the task bus.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 17, 2026, 09:49 PM