hermes-attestation-guardian
Enables runtime security attestation and drift detection for Hermes infrastructure, ensuring integrity and trust in deployments.
Install this skill
Security score
The hermes-attestation-guardian skill was audited on May 25, 2026 and we found 11 security issues across 3 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
Template literal with variable interpolation in command context
| 23 | ```bash |
Access to hidden dotfiles in home directory
| 109 | # Generate attestation (default output: ~/.hermes/security/attestations/current.json) |
Access to hidden dotfiles in home directory
| 114 | --policy ~/.hermes/security/attestation-policy.json \ |
Access to hidden dotfiles in home directory
| 119 | node scripts/verify_attestation.mjs --input ~/.hermes/security/attestations/current.json |
Access to hidden dotfiles in home directory
| 123 | --input ~/.hermes/security/attestations/current.json \ |
Access to hidden dotfiles in home directory
| 124 | --baseline ~/.hermes/security/attestations/baseline.json \ |
Access to hidden dotfiles in home directory
| 130 | --input ~/.hermes/security/attestations/current.json \ |
Access to hidden dotfiles in home directory
| 131 | --signature ~/.hermes/security/attestations/current.json.sig \ |
Access to hidden dotfiles in home directory
| 132 | --public-key ~/.hermes/security/keys/attestation-public.pem |
Access to hidden dotfiles in home directory
| 226 | - Default output root is `~/.hermes/security/attestations/`. |
External URL reference
| 5 | homepage: https://clawsec.prompt.security |