# Add to your Claude Code skills
git clone https://github.com/fathah/hermes-desktopGuides for using ai agents skills like hermes-desktop.
Last scanned: 6/17/2026
{
"issues": [
{
"type": "npm-audit",
"message": "@babel/core: @babel/core: Arbitrary File Read via sourceMappingURL Comment",
"severity": "low"
},
{
"type": "npm-audit",
"message": "@opentelemetry/core: OpenTelemetry Core: Unbounded memory allocation in W3C Baggage propagation",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@opentelemetry/exporter-logs-otlp-http: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@opentelemetry/otlp-exporter-base: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@opentelemetry/otlp-transformer: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@opentelemetry/resources: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@opentelemetry/sdk-logs: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@opentelemetry/sdk-metrics: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@opentelemetry/sdk-trace-base: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@wesbos/code-icons: Vulnerability found",
"severity": "low"
},
{
"type": "npm-audit",
"message": "@xmldom/xmldom: xmldom: Uncontrolled recursion in XML serialization leads to DoS",
"severity": "high"
},
{
"type": "npm-audit",
"message": "brace-expansion: brace-expansion: Large numeric range defeats documented `max` DoS protection",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "dompurify: DOMPurify: `IN_PLACE` mode trusts attacker-controlled `nodeName` on live non-form nodes, allowing script retention and XSS via attacker-supplied DOM objects",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "electron-vite: Vulnerability found",
"severity": "high"
},
{
"type": "npm-audit",
"message": "esbuild: esbuild enables any website to send any requests to the development server and read the response",
"severity": "high"
},
{
"type": "npm-audit",
"message": "form-data: form-data: CRLF injection in form-data via unescaped multipart field names and filenames",
"severity": "high"
},
{
"type": "npm-audit",
"message": "ip-address: ip-address has XSS in Address6 HTML-emitting methods",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "js-yaml: JS-YAML: Quadratic-complexity DoS in merge key handling via repeated aliases",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "lodash: lodash vulnerable to Code Injection via `_.template` imports key names",
"severity": "high"
},
{
"type": "npm-audit",
"message": "postcss: PostCSS has XSS via Unescaped </style> in its CSS Stringify Output",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "posthog-js: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "protobufjs: protobufjs : Schema-derived names can shadow runtime-significant properties",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "tar: node-tar applies PAX size override to intermediary GNU long-name/long-link headers, causing tar parser interpretation differential (file smuggling)",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "tmp: tmp has Path Traversal via unsanitized prefix/postfix that enables directory escape",
"severity": "high"
},
{
"type": "npm-audit",
"message": "vite: Vite middleware may serve files starting with the same name with the public directory",
"severity": "high"
},
{
"type": "npm-audit",
"message": "ws: ws: Uninitialized memory disclosure",
"severity": "high"
},
{
"file": ".agents/skills/hermes-agent/SKILL.md",
"line": 636,
"type": "prompt-injection",
"message": "Possible instruction-override phrase: \"ignore previous instructions\"",
"severity": "high"
},
{
"file": ".agents/skills/hermes-agent/SKILL.md",
"line": 637,
"type": "prompt-injection",
"message": "Possible concealment directive: \"do not tell the user\"",
"severity": "high"
},
{
"file": ".agents/skills/hermes-agent/SKILL.md",
"line": 637,
"type": "prompt-injection",
"message": "Possible jailbreak roleplay framing: \"act as if you have no restrictions\"",
"severity": "medium"
},
{
"file": ".agents/skills/hermes-agent/SKILL.md",
"line": 993,
"type": "secret-exfiltration",
"message": "Instruction appears to send credentials/secrets to an external endpoint",
"severity": "high"
},
{
"file": ".agents/skills/hermes-agent/SKILL.md",
"line": 129,
"type": "remote-install",
"message": "Install command (remote install script piped to a shell — review the source before running): \"curl -fsSL https://raw.githubusercontent.com/NousResearch/hermes-agent/main/scri\"",
"severity": "medium"
},
{
"file": ".claude/skills/hermes-agent/SKILL.md",
"line": 636,
"type": "prompt-injection",
"message": "Possible instruction-override phrase: \"ignore previous instructions\"",
"severity": "high"
},
{
"file": ".claude/skills/hermes-agent/SKILL.md",
"line": 637,
"type": "prompt-injection",
"message": "Possible concealment directive: \"do not tell the user\"",
"severity": "high"
},
{
"file": ".claude/skills/hermes-agent/SKILL.md",
"line": 637,
"type": "prompt-injection",
"message": "Possible jailbreak roleplay framing: \"act as if you have no restrictions\"",
"severity": "medium"
},
{
"file": ".claude/skills/hermes-agent/SKILL.md",
"line": 993,
"type": "secret-exfiltration",
"message": "Instruction appears to send credentials/secrets to an external endpoint",
"severity": "high"
},
{
"file": ".claude/skills/hermes-agent/SKILL.md",
"line": 129,
"type": "remote-install",
"message": "Install command (remote install script piped to a shell — review the source before running): \"curl -fsSL https://raw.githubusercontent.com/NousResearch/hermes-agent/main/scri\"",
"severity": "medium"
}
],
"status": "WARNING",
"scannedAt": "2026-06-17T09:02:00.499Z",
"npmAuditRan": true,
"pipAuditRan": true,
"promptInjectionRan": true
}hermes-desktop is an open-source ai agents skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by fathah. Desktop Companion for Hermes Agent. It has 12,329 GitHub stars.
hermes-desktop returned warnings in SkillsLLM's automated security scan. It has no critical vulnerabilities, but review the flagged issues in the Security Report section before adding it to your workflow.
Clone the repository with "git clone https://github.com/fathah/hermes-desktop" and add it to your Claude Code skills directory (see the Installation section above).
hermes-desktop is primarily written in TypeScript. It is open-source under fathah on GitHub, so you can review or fork the full source.
Yes. SkillsLLM lists many other AI Agents skills you can browse and compare side by side. Open the AI Agents category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh hermes-desktop against similar tools.
No comments yet. Be the first to share your thoughts!
Requires a passing catalog security scan. Resolve the flagged issues and resubmit to enable featuring.
This project is in active development. Features may change, and some things might break. If you run into a problem or have an idea, open an issue. Contributions are welcome!
Hermes Desktop is a native desktop app for installing, configuring, and chatting with Hermes Agent — a self-improving AI assistant with tool use, multi-platform messaging, and a closed learning loop.
Instead of managing the CLI by hand, the app walks through install, provider setup, and day-to-day usage in one place. It uses the official Hermes install script, stores Hermes in ~/.hermes, and gives you a GUI for chat, sessions, profiles, memory, skills, tools, scheduling, messaging gateways, and more.
Atlas Cloud is a full-modal, OpenAI-compatible AI inference platform (DeepSeek, Qwen, GLM, Kimi, MiniMax, and more). Use it in Hermes Desktop by selecting Atlas Cloud as your provider — the base URL is pre-configured automatically.
Windows users: The installer is not code-signed. Windows SmartScreen will warn on first launch — click "More info" → "Run anyway".
WSL users: If the installer stalls at
Switching to root user to install dependencies..., Playwright is waiting for a sudo password that has no TTY to read from. Grant passwordless sudo for the install, then revert when finished:echo "$USER ALL=(ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/hermes-install # …re-run the installer; once it finishes: sudo rm /etc/sudoers.d/hermes-installTracked in #109.
sudo dnf install ./hermes-desktop-<version>.rpm
Fedora users: The
.rpmis not GPG-signed. If your system enforces signature checking, append--nogpgcheckto the install command. Auto-update is not supported for.rpmbuilds (limitation ofelectron-updater); reinstall the new.rpmto update.
127.0.0.1:8642, or connect the desktop app to a remote Hermes API server with URL + API key/usage slash command/new, /clear, /fast, /web, /image, /browse, /code, /shell, /usage, /help, /tools, /skills, /model, /memory, /persona, /version, /compact, /compress, /undo, /retry, /debug, /status, and moreOn first launch, the app:
~/.hermes; if not, runs the official Hermes installer with dependency resolution (Git, uv, Python 3.11+).In local mode, chat requests go through http://127.0.0.1:8642 with SSE streaming. In remote mode, the app talks to your configured remote URL with the same streaming protocol. The desktop app parses the stream in real time, rendering tool progress, markdown content, and token usage as it arrives.
| Screen | Description |
|---|---|
| Chat | Streaming conversation UI with slash commands, tool progress, and token tracking |
| Sessions | Browse, search, and resume past conversations |