spike

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface: it researches via web_search and web_extract, then builds prototypes using write_file and terminal, so instructions embedded in retrieved web content can reach tools that write files and run commands.
  • Ingestion points: Untrusted content from the web is retrieved using web_search and web_extract (SKILL.md).
  • Boundary markers: The instructions do not specify any markers to separate untrusted web data or instructions to ignore commands within that data.
  • Capability inventory: The agent uses terminal for execution and write_file for creating prototype scripts (SKILL.md).
  • Sanitization: There is no evidence of sanitization or validation of external content before use.
  • [COMMAND_EXECUTION]: The skill workflow involves using the terminal tool for filesystem operations and script execution (e.g., mkdir, python3).
Audit Metadata
Risk Level
SAFE
Analyzed
May 17, 2026, 10:14 PM
Security Audit — agent-trust-hub — spike