The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The installation instructions direct the user to clone the plugin source code from an external repository located at https://github.com/stainlu/hermes-labyrinth.git.
[COMMAND_EXECUTION]: The skill provides instructions for several shell commands, including git clone for installation, npm run build for compiling assets, and curl for interacting with the local Hermes dashboard API.
[PROMPT_INJECTION]: The skill processes untrusted data from agent crossings (including prompts, tool calls, and results), which serves as an attack surface for indirect prompt injection.
Ingestion points: Reads agent journey history and message logs from the local Hermes state.db and session files.
Boundary markers: The skill includes documentation regarding built-in secret redaction for its reports and previews.
Capability inventory: The plugin is described as read-only, focusing on visualization and reporting; no evidence was found of log data being used to trigger subsequent tool execution or shell commands.
Sanitization: Redaction is applied to sensitive data fields before they are rendered in the dashboard or exported in reports.

hermes-labyrinth-observability