Skills
skills/d0lim/claude-code-spawner-skill/ghostty-spawn/Gen Agent Trust Hub

ghostty-spawn

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local bash script (scripts/spawn.sh) that dynamically generates a temporary wrapper script in /tmp. This wrapper is then used to launch the Claude Code CLI in a new terminal window to maintain session isolation.
  • [COMMAND_EXECUTION]: On macOS, the skill utilizes osascript (AppleScript) to automate iTerm2 and the open command for Ghostty and Terminal.app. On Linux, it interacts with the ghostty CLI using standard system calls.
  • [COMMAND_EXECUTION]: The script includes security checks to verify that a target directory is already trusted by Claude Code (checking for the existence of trust metadata in ~/.claude/projects/) before attempting to spawn a session.
  • [EXTERNAL_DOWNLOADS]: The skill requires the Claude Code CLI and supported terminal emulators to be pre-installed by the user. It does not perform any hidden or unauthorized remote downloads or executions.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 25, 2026, 06:03 PM