hermes-agent
Warn
Audited by Snyk on May 10, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill documentation explicitly describes fetching and ingesting public third-party content—e.g., web_search/web_extract and browser_navigate in references/features/tools.md and the web backend settings in references/configuration/configuration.md, plus installing/reading community skills from registries like skills-sh, well-known URLs and GitHub in references/features/skills.md—which the agent is expected to read and can materially influence its tool use and actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The docs include a one-line installer that directly fetches and executes remote code at runtime (curl -fsSL https://raw.githubusercontent.com/NousResearch/hermes-agent/main/scripts/install.sh | bash), which is a high-risk remote-execution dependency.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata