interminai
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides extensive capabilities to start, control, and monitor terminal processes via a local Unix socket. It allows for the execution of arbitrary commands, sending keyboard input (including raw escape sequences), and resizing the pseudo-terminal (PTY) environment.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes and presents output from external applications that may contain instructions designed to manipulate the agent.
- Ingestion points: Raw terminal output is read from the process PTY and returned to the agent via the
outputandwaitcommands in SKILL.md and reference.md. - Boundary markers: Terminal output is provided without explicit delimiters or instructional wrappers to distinguish application data from agent instructions.
- Capability inventory: The skill possesses broad command execution and terminal control capabilities through its core scripts.
- Sanitization: No sanitization is performed on the terminal output to filter out or neutralize potential natural language instructions embedded in the data stream.
Audit Metadata