hermes-tweet

Automates X platform interactions like posting, searching, and monitoring tweets using Xquik from Hermes Agent.

Install this skill

80/100

Security score

The hermes-tweet skill was audited on Jun 13, 2026 and we found 4 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 41

Webhook reference - potential data exfiltration

SourceSKILL.md

41	webhook, extraction job, giveaway draw, or media operation that requires action

medium line 85

Webhook reference - potential data exfiltration

SourceSKILL.md

85	- For posting, deleting, following, DMs, profile changes, monitors, webhooks, extraction jobs, and draws, summarize the action before calling `tweet_action`.

medium line 111

Access to hidden dotfiles in home directory

SourceSKILL.md

111	- Put `XQUIK_API_KEY` in the runtime environment or `~/.hermes/.env`.

medium line 111

Access to .env file

SourceSKILL.md

111	- Put `XQUIK_API_KEY` in the runtime environment or `~/.hermes/.env`.

Scanned on Jun 13, 2026

View Security Dashboard

Installation guide →

GitHub Stars 9

Rate this skill

Categorymarketing

UpdatedJune 15, 2026

hermes frontend docx api testing social-media-manager influencer-marketer content-marketer marketing

Xquik-dev/hermes-tweet