hermes-marketing-dashboard
Warn
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires cloning a repository from https://github.com/builderz-labs/marketing-dashboard.git, which is an external source not verified as a trusted vendor.
- [COMMAND_EXECUTION]: The installation process involves executing shell commands such as 'pnpm install' and 'pnpm env:bootstrap', which run arbitrary code from the downloaded external repository during the build and setup phases.
- [DATA_EXPOSURE]: The dashboard processes external data from CRM leads, outreach messages, and agent configurations (agent.json). This creates an attack surface for indirect prompt injection, where malicious instructions could be embedded in lead metadata or content titles.
- Ingestion points: Data enters through API routes (/api/crm/leads) and local file system reads of agent configurations in the HERMES_OPENCLAW_HOME directory.
- Boundary markers: No specific boundary markers or 'ignore' instructions are used when interpolating this data into agent context.
- Capability inventory: The skill utilizes file system access (readdir, readFile) and database operations via better-sqlite3.
- Sanitization: While SQL parameterization is used to prevent SQL injection, there is no evidence of sanitization for natural language instructions that could influence agent behavior.
Audit Metadata