The Agent Skills Directory

[COMMAND_EXECUTION]: The skill makes extensive use of the tmux command to interact with the system shell. Specifically, it uses tmux send-keys to execute arbitrary commands within terminal panes. This is a high-privilege capability that allows the agent to run potentially dangerous shell commands on the user's behalf.
[DATA_EXFILTRATION]: The skill uses tmux capture-pane to read terminal output history. While intended for error detection and status reporting, this capability could lead to the exposure of sensitive data (such as API keys, environment variables, or private logs) that might be printed to the console by running services.
[PROMPT_INJECTION]: The skill exhibits an Indirect Prompt Injection surface (Category 8). 1. Ingestion points: The agent ingests untrusted data from the terminal via tmux capture-pane in SKILL.md. 2. Boundary markers: No explicit delimiters or instructions are provided to distinguish between the captured output and legitimate agent instructions. 3. Capability inventory: The skill has the ability to execute shell commands (tmux send-keys) and manage system resources (tmux new-window). 4. Sanitization: No sanitization or validation logic is present to filter or escape content from the captured process output before it is processed by the agent.

tmux-aware