hermes-atlas-ecosystem-map

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: Instructions guide the user to execute shell commands for environment setup, including git clone, npm install, and running Node.js scripts for data processing and testing.
  • [EXTERNAL_DOWNLOADS]: The skill downloads the project source code from GitHub and installs dependencies from the NPM registry, which are well-known services for hosting development resources.
  • [PROMPT_INJECTION]: The skill operates a RAG (Retrieval-Augmented Generation) pipeline that ingests external markdown research files and project catalog data. This architecture is vulnerable to indirect prompt injection if malicious instructions are present in the ingested data.
    • Ingestion points: Untrusted data enters the context via files in the research/ directory and the data/repos.json file.
    • Boundary markers: There are no specified delimiters or instructions to ignore embedded commands within the retrieval process.
    • Capability inventory: The associated scripts perform file system operations (write to chunks.json) and network communication with the OpenRouter and GitHub APIs.
    • Sanitization: The skill lacks explicit sanitization or validation logic for the content processed from external sources.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 17, 2026, 03:49 PM