Skills
skills/gyumaruya/agent_self_reborn/reload/Gen Agent Trust Hub

reload

Warn

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses tmux send-keys to programmatically inject and execute commands in terminal panes, including directory changes and process execution.
  • [COMMAND_EXECUTION]: It performs process management by identifying PIDs through pgrep and tmux display-message, then terminating them using kill and kill -9.
  • [REMOTE_CODE_EXECUTION]: The skill dynamically creates a shell script in /tmp using mktemp and executes it in a new tmux window. This pattern of generating and then executing a script at runtime is a significant security vector.
  • [PROMPT_INJECTION]: It implements a handoff mechanism where instructions are written to .claude/self-reborn/handoff.md. Upon restart, the agent is directed to read this file and follow the 'Next Steps' defined within it, which could be exploited to persist malicious instructions across session boundaries.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 10, 2026, 04:52 AM