Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

overthinkos/hermes-full

Name: hermes-full
Author: overthinkos

ov-hermes/skills/hermes-full-layer/SKILL.md

npx skillsauth add overthinkos/overthink-plugins hermes-full

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Layer: hermes-full

Metalayer composing Hermes AI agent with a complete tool suite for standalone deployment. No browser included — use with selkies-desktop via cross-container env_provides: BROWSER_CDP_URL for shared browser automation.

Composition

layers:
  - hermes          # AI agent with browser tools, MCP, LLM auto-config
  - claude-code     # Anthropic Claude Code CLI
  - codex           # OpenAI Codex CLI
  - gemini          # Google Gemini CLI
  - dev-tools       # bat, ripgrep, neovim, gh, direnv, fd-find, htop, etc.
  - devops-tools    # AWS CLI, Scaleway, kubectx, OpenTofu, wrangler, jq, rsync
  - ov              # Overthink CLI for in-container management
  - tmux            # Terminal multiplexer for persistent sessions

Browser Integration

The hermes layer declares env_accepts: BROWSER_CDP_URL. When deployed alongside a selkies-desktop container, the chrome layer's env_provides injects BROWSER_CDP_URL=http://ov-selkies-desktop:9222 into the hermes quadlet via ov config --update-all. Hermes browser tools (browser_navigate, browser_click, browser_snapshot) then control the desktop Chrome across the container network.

Without a browser provider, hermes browser tools fall back to local headless mode (requires hermes-playwright layer) or are unavailable.

Usage

# image.yml
hermes:
  base: fedora
  layers:
    - agent-forwarding
    - hermes-full
    - dbus

Related Layers

/ov-hermes:hermes — Core Hermes agent (LLM providers, MCP, browser dispatch)
/ov-coder:claude-code — Anthropic Claude Code CLI
/ov-coder:codex — OpenAI Codex CLI
/ov-coder:gemini — Google Gemini CLI
/ov-coder:dev-tools — Developer CLI utilities
/ov-coder:devops-tools — Cloud and infrastructure tools
/ov-foundation:ov — Overthink CLI binary
/ov-foundation:tmux — Terminal multiplexer for persistent sessions (ov tmux commands)
/ov-selkies:chrome — Provides BROWSER_CDP_URL (cross-container, from selkies-desktop)
/ov-selkies:chrome-devtools-mcp — Chrome DevTools MCP server (auto-discovered via mcp_provides, 29 tools)
/ov-jupyter:jupyter-mcp — JupyterLab CRDT MCP server (auto-discovered via mcp_provides, 11 tools post-2026-05-06: notebook_/cell_ + notebook_list_users + room_list; auto-attach single-room invariant)
/ov-build:mcp — host-side MCP client (ov eval mcp ping|list-tools|call|...) to verify either of the above is alive and exposing the expected tool catalog before hermes tries to invoke them

Related Images

/ov-hermes:hermes — Standalone full-featured hermes image
/ov-hermes:hermes-playwright — Hermes with local Playwright Chromium

When to Use This Skill

Use when working with the hermes-full metalayer, full-featured standalone hermes deployments, or the composition of hermes with AI CLIs and developer tools.

/ov-build:layer — layer authoring reference (layer.yml schema, task verbs, service declarations)
/ov-build:eval — declarative testing (eval: block, ov eval image, ov eval live)

overthinkos/hermes-full

ov-hermes/skills/hermes-full-layer/SKILL.md

Hermes agent with AI CLIs (Claude Code, Codex, Gemini), developer tools, DevOps tools, and ov. Use when working with the hermes-full metalayer or full-featured standalone hermes deployments.

tools

Updated May 10, 2026

$ install --global

skillsauth

npx skillsauth add overthinkos/overthink-plugins hermes-full

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: May 10, 2026, 5:35 AM152.3s1 file scanned

SKILL.md

name:: hermes-full
description:: |

Layer: hermes-full

Composition

layers:
  - hermes          # AI agent with browser tools, MCP, LLM auto-config
  - claude-code     # Anthropic Claude Code CLI
  - codex           # OpenAI Codex CLI
  - gemini          # Google Gemini CLI
  - dev-tools       # bat, ripgrep, neovim, gh, direnv, fd-find, htop, etc.
  - devops-tools    # AWS CLI, Scaleway, kubectx, OpenTofu, wrangler, jq, rsync
  - ov              # Overthink CLI for in-container management
  - tmux            # Terminal multiplexer for persistent sessions

Browser Integration

Without a browser provider, hermes browser tools fall back to local headless mode (requires hermes-playwright layer) or are unavailable.

Usage

# image.yml
hermes:
  base: fedora
  layers:
    - agent-forwarding
    - hermes-full
    - dbus

Related Layers

/ov-hermes:hermes — Core Hermes agent (LLM providers, MCP, browser dispatch)
/ov-coder:claude-code — Anthropic Claude Code CLI
/ov-coder:codex — OpenAI Codex CLI
/ov-coder:gemini — Google Gemini CLI
/ov-coder:dev-tools — Developer CLI utilities
/ov-coder:devops-tools — Cloud and infrastructure tools
/ov-foundation:ov — Overthink CLI binary
/ov-foundation:tmux — Terminal multiplexer for persistent sessions (ov tmux commands)
/ov-selkies:chrome — Provides BROWSER_CDP_URL (cross-container, from selkies-desktop)
/ov-selkies:chrome-devtools-mcp — Chrome DevTools MCP server (auto-discovered via mcp_provides, 29 tools)
/ov-jupyter:jupyter-mcp — JupyterLab CRDT MCP server (auto-discovered via mcp_provides, 11 tools post-2026-05-06: notebook_/cell_ + notebook_list_users + room_list; auto-attach single-room invariant)
/ov-build:mcp — host-side MCP client (ov eval mcp ping|list-tools|call|...) to verify either of the above is alive and exposing the expected tool catalog before hermes tries to invoke them

Related Images

/ov-hermes:hermes — Standalone full-featured hermes image
/ov-hermes:hermes-playwright — Hermes with local Playwright Chromium

When to Use This Skill

Use when working with the hermes-full metalayer, full-featured standalone hermes deployments, or the composition of hermes with AI CLIs and developer tools.

/ov-build:layer — layer authoring reference (layer.yml schema, task verbs, service declarations)
/ov-build:eval — declarative testing (eval: block, ov eval image, ov eval live)

Related Skills

overthinkos/charly

tools

VerifiedTrustedCommunity

OpenCharly CLI (charly) binary installed into container/VM images for in-container use. Use when working with charly binary deployment inside containers, native D-Bus support, or the full charly toolchain (charly binary + virtualization + gocryptfs + socat).

SKILL.mdUpdated Jun 10, 2026

overthinkos/charly-cachyos

development

VerifiedTrustedCommunity

Operator CachyOS workstation profile — a kind:local template + target:local deploy that installs the full dev stack (30 candies) onto a CachyOS host via ShellExecutor. Lives in the overthinkos/cachyos submodule. MUST be invoked before editing or applying the charly-cachyos workstation profile.

SKILL.mdUpdated Jun 10, 2026

overthinkos/charly-cachyos

overthinkos/charly-fedora

tools

VerifiedTrustedCommunity

Fedora box with the full charly toolchain using shared candies. Rootless-first — runs as uid=1000 with passwordless sudo (no root, no cap_add: ALL). Same candy list as charly-arch. Includes NVIDIA GPU runtime. MUST be invoked before building, deploying, configuring, or troubleshooting the charly-fedora box.

SKILL.mdUpdated Jun 10, 2026

overthinkos/charly-fedora

overthinkos/charly-arch

tools

VerifiedTrustedCommunity

Arch Linux box with the full charly toolchain. Rootless-first — runs as uid=1000 with passwordless sudo (no root, no cap_add: ALL). Composes /charly-coder:charly-mcp so the box is reachable as an MCP gateway on port 18765. NVIDIA GPU runtime composed in. MUST be invoked before building, deploying, configuring, or troubleshooting the charly-arch box.

SKILL.mdUpdated Jun 10, 2026

overthinkos/charly-arch

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/overthinkos/overthink-plugins.git

# Copy into Claude Code skills folder (global)
cp -r overthink-plugins/ov-hermes/skills/hermes-full-layer ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

overthinkos/overthink-plugins

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT