polygraph.so
Login
A

hermesone

github/BankrBot/skills#hermesone

litmus-skill-v2 · 2026-06-25

graded at commit 9234164 · 2026-06-23

A static safety grade — a deterministic scan of the skill’s SKILL.md and bundled files. An A means static-clean, not behavioral proof: a skill’s instructions are interpreted by an agent at runtime.

S-01 Prompt-injection / context-poisoningpass
S-03 Data-exfiltration instructionspass
S-04 Dangerous bundled commandspass

no bundled executable scripts

content hash · 0xb7341e612d…3c76

Source · github.com/BankrBot/skills/tree/main/hermesone

Watch for changes

This grade is a snapshot of the skill’s files at one commit. Get an email when a new commit changes hermesone and polygraph re-runs the litmus — one message per change, one-click unsubscribe.

Monitor this skill

Reproduce this grade

The skill litmus is open and deterministic. Point it at the skill directory and compare the grade and content hash — a false grade is falsifiable, not merely disputable.

npx -p @polygraphso/litmus polygraphso-litmus-skill <skill-dir>

Embed this badge

Drop it in the skill’s README, docs, or listing. It always shows the current grade and links back here.

polygraph skill grade A
Markdown — badge
[![polygraph](https://polygraph.so/api/badge/skill?skill=github/BankrBot/skills/hermesone)](https://polygraph.so/skill/github/BankrBot/skills/hermesone)
HTML — badge
<a href="https://polygraph.so/skill/github/BankrBot/skills/hermesone"><img src="https://polygraph.so/api/badge/skill?skill=github/BankrBot/skills/hermesone" alt="polygraph grade"></a>
Markdown — card
[![polygraph](https://polygraph.so/api/badge/skill/card?skill=github/BankrBot/skills/hermesone)](https://polygraph.so/skill/github/BankrBot/skills/hermesone)

Questions

What does the A skill grade mean for hermesone?
It’s a static safety grade(A/B/D/F) from a deterministic scan of the skill’s SKILL.md and bundled files. An A means static-clean — not behavioral proof, since a skill’s instructions are interpreted by an agent at runtime.
What did polygraph check?
Three static checks: S-01 prompt-injection and context-poisoning, S-03 data-exfiltration instructions, and S-04 dangerous bundled commands. The full battery is in the methodology.
How do I reproduce this grade?
Run npx -p @polygraphso/litmus polygraphso-litmus-skill <skill-dir>. The scan is open and deterministic, anchored to the skill’s content hash, so the same directory yields the same grade.