Feature
Skill Marketplace — Install Skills in Seconds
Quick answer
The Hermes skill marketplace lets you browse, install, and share community skills with one command — `hermes skills install owner/skills/name`, which runs a security scan first. You can publish your own skills and get version-controlled updates, turning one person's workflow into everyone's.
Key Points
- ✓Browse community-built skills
- ✓One-command install
- ✓Publish your own skills
- ✓Version-controlled updates
- ✓Skill ratings and reviews
- ✓Free and paid skills
How It Works
- 1Browse skills at the marketplace
- 2Install with a single command
- 3Skill auto-configures in ~/.hermes/skills/
- 4Publish your own skills to share or sell
Real-World Use Cases
MLOps Workflow Skills
Install the axolotl skill for fine-tuning Llama models, the eval-suite skill for benchmark runs, or the model-registry skill for version tracking. Complex ML workflows become single slash commands without reinventing the playbook each time.
Team Knowledge Bases as Skills
Package your team's deployment runbook, incident response procedure, or onboarding checklist as a skill. Publish to a private GitHub repo or team ClawHub organization. Every team member's Hermes gets the same playbook with one install command.
API Integration Skills
Community skills cover popular APIs — Stripe, Notion, Linear, GitHub, Jira. Install a pre-built integration skill and Hermes knows how to authenticate, call the right endpoints, and handle errors — without you writing a single line of tool definition YAML.
Domain Expert Skills
Install skills from domain experts: a security researcher's pentest methodology, a data scientist's EDA workflow, a DevOps engineer's Kubernetes debugging playbook. Expertise encoded and transferable in a single file.
Under the Hood
The Skills Hub supports five source types: Official (optional bundled skills from the Hermes repo, full trust), skills.sh (Vercel's public directory), Well-known (URL-based discovery via /.well-known/skills/index.json), GitHub (direct repo/path installs with format org/repo/path), and ClawHub (the dedicated Hermes marketplace at clawhub.ai). Each source has a trust level that determines whether skills are auto-installed or require security scan confirmation.
Security is built into the install flow. Every skill from external sources is scanned for malicious patterns before installation: command injection in SKILL.md procedures, exfiltration attempts in tool definitions, credential harvesting in environment variable prompts. Suspicious skills land in ~/.hermes/skills/.hub/quarantine/ with an explanation. The audit log tracks install/uninstall history so you can trace when a skill was added and by what command.
Skills are versioned, and hermes skills check compares installed versions against the source for updates. The format is the agentskills.io open standard — a SKILL.md with YAML frontmatter for metadata plus Markdown body for the procedure. This means skills created for Hermes work in any agentskills-compatible agent, and skills built for other compatible agents install in Hermes. The ecosystem is not Hermes-proprietary; your skill investment is portable.
Frequently asked questions
How do I install a skill from the marketplace?
Run `hermes skills install owner/skills/name` (discover with `hermes skills browse` or `search`). Installation runs a security scan first because skills are executable code.
Can I publish my own skills?
Yes. The marketplace is contribution-driven — share custom Python skills so others can browse and install them, with version-controlled updates.
Are community skills safe?
Install runs a security scan, but skills execute on your machine, so review the source before granting tool access. Treat them like any third-party code you run.