tmux
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- SAFE (SAFE): The skill is composed entirely of informational markdown files for agent reference. It does not include any standalone scripts, binaries, or automated installation procedures.
- Indirect Prompt Injection (SAFE): The skill documents standard tmux features such as 'capture-pane' to read terminal history. This capability allows the agent to ingest untrusted data from a terminal environment, which is a common surface for indirect prompt injection; however, this is a necessary feature for terminal management and no malicious instructions were found in the skill's own content. Evidence Chain: 1. Ingestion points: tmux capture-pane (scripting.md). 2. Boundary markers: None specified. 3. Capability inventory: tmux send-keys and run-shell commands. 4. Sanitization: None specified.
- Command Execution (SAFE): The skill guides the agent on how to use standard tmux commands for session, window, and pane management. These operations are within the expected scope of a terminal multiplexer tool.
Audit Metadata