Skills
skills/nousresearch/hermes-agent/neuroskill-bci/Gen Agent Trust Hub

neuroskill-bci

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the npx neuroskill command to communicate with a locally running NeuroSkill server. This interaction is used to retrieve biometric snapshots, stream live events, and manage historical neural data.
  • [EXTERNAL_DOWNLOADS]: The skill depends on the neuroskill package from the npm registry, which is the official tool for this integration. The documentation links to legitimate research and open-source project repositories associated with the author context.
  • [DATA_EXFILTRATION]: Analysis of the API and documentation shows that biometric data (EEG, PPG, HRV) and user-defined labels are stored in a local SQLite database (~/.skill/). No patterns of sending this sensitive data to external servers were identified.
  • [SAFE]: The skill demonstrates best practices by explicitly mentioning that the data remains local and by providing clear instructions for secure metric interpretation without external cloud dependencies.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 4, 2026, 05:50 PM