oh-my-hermes-workflow
Fail
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: CRITICAL (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill instructs users to install software by piping a remote script directly into the shell using `curl -fsSL https://raw.githubusercontent.com/salomondiei08/oh-my-hermes/main/install.sh | bash`. This is a critical security risk as it allows the remote source to execute arbitrary commands with the user's privileges.
- [COMMAND_EXECUTION]: The skill relies on executing several bash scripts downloaded from an external repository, including `bootstrap.sh` and `verify.sh`. Additionally, it configures automated tasks using cron jobs in `~/.hermes/cron.d/`, which creates a persistence mechanism for executing potentially malicious scripts on a recurring schedule.
- [EXTERNAL_DOWNLOADS]: The skill clones and downloads resources from a third-party GitHub repository (`salomondiei08/oh-my-hermes`) that does not belong to the skill's stated author or a recognized service provider. This increases the risk of supply chain attacks.
- [COMMAND_EXECUTION]: The skill provides instructions for managing system services via `systemctl restart hermes`, which may lead to unauthorized privilege escalation if the environment is not properly restricted.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/salomondiei08/oh-my-hermes/main/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata