Skills
skills/qverisai/qverisbot/tmux/Socket

tmux

Fail

Audited by Socket on Mar 6, 2026

1 alert found:

Obfuscated File
Obfuscated FileHIGH
SKILL.md

This package/document describes legitimate tmux control patterns used to automate interactive CLI sessions. It does not contain explicit malware constructs (no network callbacks, no hard-coded credentials, no download-and-execute). However, it exposes high-risk capabilities: reading pane output can leak secrets and injecting keystrokes can cause arbitrary command execution in targeted sessions. Use requires strict trust boundaries, input sanitization, explicit confirmation for destructive actions, and operational safeguards when an automated agent is authorized to act.

Confidence: 98%
Audit Metadata
Analyzed At
Mar 6, 2026, 01:24 AM
Package URL
pkg:socket/skills-sh/QVerisAI%2FQVerisBot%2Ftmux%2F@fe5794748cd8df81a85802357f34233531b3efd4