superpowers-lab
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [Command Execution] (LOW): The
tmux-wrapper.shscript facilitates the execution of arbitrary interactive commands and keystrokes. While this is the skill's primary purpose, it provides a high-privilege interaction channel with the host system. - [Indirect Prompt Injection] (LOW): The skill is susceptible to indirect prompt injection from data ingested via terminal panes.
- Ingestion points:
skills/using-tmux-for-interactive-commands/tmux-wrapper.shusestmux capture-paneto feed terminal content back to the agent. - Boundary markers: Output is prefixed with a simple header but lacks robust delimiters or safety instructions.
- Capability inventory: The skill allows full terminal session control, including command execution and keystroke injection.
- Sanitization: No sanitization is performed on the captured terminal content.
Audit Metadata