tmux
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides the ability to send arbitrary keystrokes and shell commands to a tmux session via the
send-keyscommand. This is the primary intended function of the skill for managing interactive terminal tasks. - [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection because it reads and processes raw terminal output that could be influenced by untrusted data.
- Ingestion points: Terminal output is ingested using
tmux capture-paneinSKILL.mdand thescripts/wait-for-text.shscript. - Boundary markers: Absent; the skill does not use delimiters to distinguish between command output and potentially malicious instructions embedded in the terminal buffer.
- Capability inventory: The skill possesses capabilities to execute shell commands (
send-keys), list sessions, and terminate servers. - Sanitization: Captured terminal text is processed as raw data without sanitization or instruction-filtering before being returned to the agent context.
Audit Metadata