tmux
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides scripts and instructions to send arbitrary keystrokes and shell commands to tmux terminal panes.
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by capturing and acting upon data from terminal sessions. • Ingestion points: The
scripts/wait-for-text.shscript captures terminal pane history viatmux capture-panefor pattern matching. • Capability inventory: The agent usestmux send-keysthroughout the skill to execute commands and provide input to processes. • Boundary markers: Terminal output is not isolated or wrapped in delimiters, increasing the risk of the agent interpreting data as instructions. • Sanitization: The skill does not sanitize terminal output before processing it, allowing malicious text within a session to potentially influence agent behavior.
Audit Metadata