tui-clone
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes
tmuxto interact with and analyze other terminal applications. It executes commands to launch sessions (tmux_start), simulate user input (tmux_send), and capture the visual state of the terminal (tmux_capture). This is a legitimate use of command execution for the skill's stated purpose of UI documentation.\n- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection (Category 8) as it ingests and processes data from external terminal applications.\n - Ingestion points: Terminal screens are captured using
tmux_captureandtmux_capture_ansias described inSKILL.md.\n - Boundary markers: The captured terminal output is enclosed within markdown code blocks in the generated analysis files.\n
- Capability inventory: The skill possesses the capability to launch arbitrary TUI applications, send keystrokes to them, and write captured results to the local filesystem.\n
- Sanitization: The skill does not perform sanitization on the captured terminal content; however, the data is treated as static text for documentation purposes rather than being executed as instructions.\n- [SAFE]: The skill does not perform any network operations, access sensitive system files like SSH keys or credentials, or attempt to persist across sessions via shell profiles. All operations are local and triggered by user-initiated analysis tasks.
Audit Metadata