Skills
skills/nousresearch/hermes-agent/github-auth/Gen Agent Trust Hub

github-auth

Warn

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: MEDIUMCREDENTIALS_UNSAFEDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill recommends practices that result in the storage of sensitive Personal Access Tokens (PATs) in plaintext on the local filesystem.
  • Evidence: Recommends git config --global credential.helper store, which saves credentials to ~/.git-credentials without encryption.
  • Evidence: Recommends embedding the token directly in the remote URL via git remote set-url origin https://<username>:<token>@github.com/..., which stores the secret in the repository's .git/config file and may leak it into shell history.
  • [DATA_EXFILTRATION]: The skill and its associated scripts programmatically access sensitive file paths containing authentication secrets.
  • Evidence: Accesses ~/.git-credentials to extract tokens using grep and sed in SKILL.md and scripts/gh-env.sh.
  • Evidence: Accesses .env files (specifically ~/.hermes/.env) to read GITHUB_TOKEN values.
  • Evidence: Performs read operations on SSH private key paths (e.g., ls -la ~/.ssh/id_*.pub).
  • [COMMAND_EXECUTION]: Uses shell pipelines to parse and extract authentication tokens from files, which can be brittle and involves processing sensitive data through multiple subprocesses.
  • Evidence: grep "github.com" ~/.git-credentials | head -1 | sed 's|https://[^:]*:\([^@]*\)@.*|\1|' used to programmatically retrieve stored tokens.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 27, 2026, 07:07 AM