dmux-workflows
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends the installation of the dmux utility from a third-party repository using 'npm install -g dmux'.
- [COMMAND_EXECUTION]: The orchestration workflow involves executing shell commands to manage tmux sessions and git worktrees, including running a local helper script: 'node scripts/orchestrate-worktrees.js plan.json --execute'.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection through its processing of 'plan.json' files.
- Ingestion points: Orchestration plans (plan.json) define worker tasks and launcher commands.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are specified in the provided templates.
- Capability inventory: The system executes launcher commands in parallel tmux panes and manages file system operations via git worktrees.
- Sanitization: The documentation does not specify sanitization or validation routines for the task descriptions or command templates provided in the JSON configuration.
Audit Metadata