Is arimanyus/hermes-merchant safe?
https://github.com/arimanyus/hermes-merchant
This skill appears to be a legitimate job application automation tool, but it accessed sensitive credential files during installation, indicating potential malicious behavior. While the stated functionality is job hunting automation, the sophisticated browser automation capabilities and the credential access raise security concerns.
Findings (5)
CRITICAL Accessed Multiple Sensitive Credential Files -100
During installation, the skill accessed honeypot credential files including .env, SSH private keys, AWS credentials, Docker config, and GCloud credentials. This indicates potential credential harvesting behavior.
HIGH Designed to Read Personal Information -30
The skill is explicitly designed to read personal data including resumes, contact information, and work authorization status from profile.yaml files for job applications.
HIGH Extensive Browser Automation Code -30
Contains sophisticated browser automation code using Chrome DevTools Protocol (CDP) that can execute arbitrary JavaScript and interact with web pages.
MEDIUM Network Requests to External Services -30
Makes network requests to various job sites and external services as part of job scraping and application automation.
MEDIUM Capabilities Exceed Stated Purpose -30
While presented as job application automation, the included browser automation capabilities are sophisticated enough to be repurposed for other activities.