Skills
skills/anyoneanderson/agent-skills/cmux-fork/Gen Agent Trust Hub

cmux-fork

Warn

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the cmux send command to inject and execute shell commands into separate terminal surfaces. This capability allows the agent to start processes in other panes or workspaces, potentially outside the user's immediate focus.
  • [COMMAND_EXECUTION]: The instructions explicitly direct the agent to use the --dangerously-skip-permissions flag as the default mode for forking sessions. This flag is specifically designed to bypass human-in-the-loop (HITL) security prompts for tool execution, significantly increasing the risk of unauthorized or unreviewed tool usage in the forked session.
  • [COMMAND_EXECUTION]: The skill requires broad execution permissions for the cmux CLI (Bash(cmux *)), which provides the agent with the ability to read terminal contents (cmux read-screen) and control any terminal session managed by the cmux socket.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 26, 2026, 10:41 AM