terminal-title
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill executes a local shell script (
scripts/set_title.sh) to update terminal window titles via ANSI escape sequences. The script employs standard shell utilities (echo,tr,printf) and uses double-quoting for variable expansion, effectively mitigating shell injection risks within the script's execution context. - [DATA_EXFILTRATION] (SAFE): File operations are limited to creating a local directory (
~/.claude/) and writing a temporary status file to store the current title. No sensitive credentials or system configuration files are accessed, and there are no network-bound operations. - [PROMPT_INJECTION] (SAFE): The instructions focus on logical task switching and title formatting. No patterns indicating attempts to bypass model safety filters, extract system prompts, or override core agent behavior were identified.
- [INDIRECT_PROMPT_INJECTION] (LOW):
- Ingestion points: The terminal title is generated from the high-level summary of the user's prompt.
- Boundary markers: The script is invoked via a standard bash call with the title passed as a quoted argument.
- Capability inventory: Script capabilities are restricted to writing to
~/.claude/and sending control sequences to stdout. - Sanitization: The script includes a robust sanitization step that removes control characters (
tr -d '\000-\037') and limits the title length to 80 characters, which prevents common terminal hijacking techniques using malicious escape characters.
Audit Metadata