wterm-web-terminal
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The terminal emulator processes untrusted data streams from a WebSocket PTY backend. This is an ingestion surface for indirect prompt injection, where malicious output from the terminal could attempt to influence the agent's behavior or decision-making.
- Ingestion points: Data stream from external WebSocket PTY server specified in the
wsUrlparameter inSKILL.md. - Boundary markers: None identified; output from the terminal is typically processed as raw stream data.
- Capability inventory: The skill is designed to interact with shells (bash, etc.) via PTY backends, granting it potential access to file system operations and system commands.
- Sanitization: Uses a Zig-compiled WASM core for near-native VT100/VT220/xterm sequence parsing.
Audit Metadata