terminal-title
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill executes a local bash script (scripts/set_title.sh) to update the terminal window title. This is the core functionality and is used as intended.
- PROMPT_INJECTION (LOW): The skill processes user-provided task descriptions to generate terminal titles, creating a potential indirect injection surface.
  - Ingestion points: Task summaries derived from user prompts in SKILL.md.
  - Boundary markers: Absent in the script execution call.
  - Capability inventory: Execution of a local shell script and writing to a specific file in the home directory (~/.claude/terminal_title).
  - Sanitization: The set_title.sh script mitigates risk by removing all control characters (including the ESC character \033) using tr -d '\000-\037' and truncating input to 80 characters, preventing terminal escape sequence injection.
- DATA_EXPOSURE (LOW): The script reads the current directory name and home directory path. This data is used locally to format the terminal title and manage state. No data is transmitted externally.
Audit Metadata