terminal-session
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for using
tmux send-keysto execute arbitrary commands and interact with terminal-based programs. - [DATA_EXFILTRATION]: The skill uses
tmux capture-paneto read the contents of terminal windows, which may contain sensitive information from logs, processes, or remote sessions. - [PROMPT_INJECTION]: The skill establishes an indirect prompt injection surface by reading output from external processes that could contain malicious instructions.
- Ingestion points: Terminal output captured via
tmux capture-panethroughoutSKILL.md. - Boundary markers: Absent.
- Capability inventory: Unrestricted shell access and input injection via
tmux send-keysand theexectool. - Sanitization: No sanitization or validation of the captured terminal output is performed.
Audit Metadata