hermes-agent

Fail

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The SKILL.md file explicitly instructs users to install the agent via curl -fsSL https://raw.githubusercontent.com/NousResearch/hermes-agent/main/scripts/install.sh | bash. This pattern is highly dangerous as it executes unverified code from a remote source directly with the user's shell privileges. Additionally, the skill includes patterns for generating and executing Python code at runtime to perform configuration updates.
  • [EXTERNAL_DOWNLOADS]: The skill documentation frequently references downloading software and skill packages from external, non-trusted repositories (e.g., git clone for Aegis or the Hermes source) and utilizes various remote messaging platforms.
  • [COMMAND_EXECUTION]: The skill relies heavily on the terminal toolset for complex operations, including managing background processes with tmux, interacting with system supervisors like launchctl and s6-overlay, and configuring persistent cron jobs. It also includes a --yolo flag designed to bypass safety confirmations for potentially dangerous operations.
  • [CREDENTIALS_UNSAFE]: The skill contains detailed procedures for the manual handling and bulk insertion of sensitive API keys and OAuth tokens into configuration files like auth.json and .env. This involves the manipulation of secrets in plain text and the maintenance of large credential pools.
  • [PROMPT_INJECTION]: The skill documentation includes complex routing and indexing instructions that allow for overriding agent behavior through custom trigger mappings and alias resolution, which can be leveraged to alter intended agent logic.
Recommendations
  • HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/NousResearch/hermes-agent/main/scripts/install.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Jun 23, 2026, 01:57 PM
Security Audit — agent-trust-hub — hermes-agent