tmux
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of shell commands in isolated terminal sessions using 'tmux send-keys' via the Bash tool.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection.
- Ingestion points: Untrusted data enters the agent context through 'tmux capture-pane' commands which read the output of background processes in SKILL.md.
- Boundary markers: The instructions do not define delimiters or provide warnings to disregard instructions within the captured terminal output.
- Capability inventory: The skill uses the Bash tool to create windows, send commands, and read pane history.
- Sanitization: There is no logic provided to sanitize or filter the captured output before it is processed by the agent.
Audit Metadata