hermes-attestation-guardian
Enables runtime security attestation and drift detection for Hermes infrastructure, ensuring integrity and trust in deployments.
Install this skill
Security score
The hermes-attestation-guardian skill was audited on Jun 11, 2026 and we found 11 security issues across 3 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
Template literal with variable interpolation in command context
| 30 | ```bash |
Access to hidden dotfiles in home directory
| 116 | # Generate attestation (default output: ~/.hermes/security/attestations/current.json) |
Access to hidden dotfiles in home directory
| 121 | --policy ~/.hermes/security/attestation-policy.json \ |
Access to hidden dotfiles in home directory
| 126 | node scripts/verify_attestation.mjs --input ~/.hermes/security/attestations/current.json |
Access to hidden dotfiles in home directory
| 130 | --input ~/.hermes/security/attestations/current.json \ |
Access to hidden dotfiles in home directory
| 131 | --baseline ~/.hermes/security/attestations/baseline.json \ |
Access to hidden dotfiles in home directory
| 137 | --input ~/.hermes/security/attestations/current.json \ |
Access to hidden dotfiles in home directory
| 138 | --signature ~/.hermes/security/attestations/current.json.sig \ |
Access to hidden dotfiles in home directory
| 139 | --public-key ~/.hermes/security/keys/attestation-public.pem |
Access to hidden dotfiles in home directory
| 233 | - Default output root is `~/.hermes/security/attestations/`. |
External URL reference
| 5 | homepage: https://clawsec.prompt.security |