tmux
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill uses the
tmuxbinary for session management and sending keystrokes, which is standard and necessary for its intended purpose. - PROMPT_INJECTION (LOW): The skill exhibits an indirect prompt injection surface by design. 1. Ingestion points: Untrusted data enters the context via
tmux capture-paneinSKILL.md. 2. Boundary markers: Absent; there are no instructions provided to wrap or delimit captured output to distinguish it from the agent's internal logic. 3. Capability inventory: The agent possesses powerful capabilities throughtmux send-keysinSKILL.md, allowing it to execute arbitrary commands in the terminal. 4. Sanitization: Absent; the skill does not include or suggest any sanitization, filtering, or validation of the terminal output before the agent processes it.
Audit Metadata