tuistory

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The 'tuistory launch ' function allows the agent to execute arbitrary shell commands on the host system. This can be used to run malicious binaries or scripts.
  • [INDIRECT_PROMPT_INJECTION] (HIGH): The skill ingests untrusted data from the terminal buffer using the 'snapshot' and 'wait' commands. There are no boundary markers or sanitization processes. If the application being automated (e.g., a web scraper or chat interface) displays malicious instructions, the agent may follow them.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The documentation instructs the user to install the 'tuistory' package globally from npm or bun. This package is from an unverifiable source and is not on the trusted repositories list.
  • [DATA_EXPOSURE] (MEDIUM): The 'snapshot' command captures all text displayed in the terminal. This can lead to the accidental exposure of sensitive information, such as API keys, session tokens, or private data that might be rendered by the TUI.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 08:29 AM