dmux-workflows
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTIONNO_CODE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Recommends the installation of the dmux utility via the npm registry to enable tmux-based pane management.
- [COMMAND_EXECUTION]: Includes example commands for local script execution (node scripts/orchestrate-worktrees.js) and git operations to manage parallel agent environments.
- [PROMPT_INJECTION]: Describes patterns for indirect prompt injection surfaces where output from one agent session is ingested by another. 1. Ingestion points: Shared output files such as /tmp/rate-limit-research.md and worker task files in .orchestration/. 2. Boundary markers: The provided templates do not specify delimiters or instructions to ignore embedded commands in shared data. 3. Capability inventory: The orchestration patterns involve package management (npm), shell execution (bash), and file system operations. 4. Sanitization: No explicit sanitization or validation of inter-agent communication is defined in the documentation.
- [NO_CODE]: No executable scripts or binary files are distributed with the skill; it provides workflow documentation and command templates.
Audit Metadata