cmux-debug-windows
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes xcodebuild and local bash scripts to manage application debugging and build processes.
- [DATA_EXFILTRATION]: The debug_windows_snapshot.sh script reads macOS defaults values. While intended for cmux application settings, the --domain flag allows the agent to read preferences from any installed application domain, which could expose configuration data.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface.
- Ingestion points: User instructions regarding the --domain parameter in scripts/debug_windows_snapshot.sh.
- Boundary markers: Absent; the script does not distinguish between developer-intended and attacker-supplied domains.
- Capability inventory: Executes shell commands (defaults read) and can copy output to the clipboard (pbcopy).
- Sanitization: Minimal; verifies the domain exists but does not restrict it to a whitelist.
Audit Metadata