terminal-print

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE | PROMPT_INJECTION | DATA_EXFILTRATION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to unsafe interpolation of untrusted data in assets/print-terminal.sh during Markdown generation.
      • Ingestion points: Data is ingested from the system clipboard via pbpaste or from local files via cat in assets/print-terminal.sh.
      • Boundary markers: The content is wrapped in triple backticks (```text), but these markers are not escaped, allowing an attacker to escape the code block if the input contains triple backticks.
      • Capability inventory: The skill uses Bash to write to temporary files and executes pandoc, xelatex, and lpr.
      • Sanitization: While ANSI escape codes are stripped using sed, there is no escaping of Markdown or LaTeX special characters, which could lead to LaTeX injection when Pandoc processes the file.
  • [DATA_EXFILTRATION]: The skill reads from the system clipboard and arbitrary user-specified files. This represents a risk of exposing sensitive information (e.g., passwords or tokens recently copied to the clipboard) if the content is printed to a network printer.
  • [COMMAND_EXECUTION]: The skill executes various system commands and utilities, including pandoc for document processing, xelatex for PDF rendering, and lpr for communicating with the network printer.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 28, 2026, 03:55 AM