tmux
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of arbitrary commands in terminal panes through
tmux send-keysand thebin/send-tmuxscript. This is the core functionality intended for managing shell environments. - [DATA_EXFILTRATION]: The skill includes functionality to capture and read the output of tmux panes using
bin/read-tmux. While this grants the agent access to potentially sensitive information displayed in a terminal, no evidence was found of instructions to exfiltrate this data to external systems. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads untrusted content from terminal panes.
- Ingestion points: Pane output read via
bin/read-tmux. - Boundary markers: Absent; output is passed to the agent without explicit delimiters.
- Capability inventory: Sending keys (
bin/send-tmux), managing panes, and session control. - Sanitization: Output is capped but not sanitized for instruction-like content.
Audit Metadata