Skills
skills/mitsuhiko/agent-commands/tmux/Gen Agent Trust Hub

tmux

Fail

Audited by Gen Agent Trust Hub on Feb 12, 2026

Risk Level: HIGHCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis

================================================================================

🔴 VERDICT: HIGH

This skill's core functionality involves executing arbitrary commands within a tmux session via tmux send-keys and capturing terminal output via tmux capture-pane. These capabilities, while intended, grant the agent significant control over the execution environment and access to potentially sensitive information displayed in the terminal. If the agent is compromised (e.g., via prompt injection), these features could be leveraged for malicious command execution or data exfiltration.

Total Findings: 2

🔴 HIGH Findings: • Command Execution

  • SKILL.md: The skill explicitly instructs the agent to use tmux send-keys to inject arbitrary commands (e.g., python3 -q, gdb) into a running shell within a tmux session. This allows the agent to execute any command with its current privileges. • Data Exfiltration
  • SKILL.md: The skill uses tmux capture-pane to read the output of a terminal pane. If sensitive data is displayed in the tmux session, this command can capture it, making it available to the agent for potential exfiltration.

================================================================================

Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 12, 2026, 05:55 PM