tmux-control
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses standard tmux commands such as
send-keys,new-window, andsplit-windowto interact with shell environments. These capabilities are consistent with the skill's stated purpose of providing programmatic tmux control. - [PROMPT_INJECTION]: The skill processes output from terminal panes, which constitutes a surface for indirect prompt injection. This is inherent to the skill's primary function of terminal interaction and is mitigated by the recommended use of unique markers.
- Ingestion points: Terminal output is ingested via
tmux capture-paneand thetmux-watch.shpolling script. - Boundary markers: The
tmux-run.shscript utilizes unique markers and synchronization channels to help identify command output boundaries. - Capability inventory: The skill provides a comprehensive set of tools for managing tmux sessions and executing commands.
- Sanitization: Captured output is not explicitly sanitized by the skill's internal logic, relying on the agent's interpretation of the terminal buffer.
Audit Metadata