tmux
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill enables the execution of arbitrary shell commands within tmux panes using the
send-keyscommand.\n- [DATA_EXFILTRATION]: The skill captures terminal output viacapture-pane, which may lead to the exposure of sensitive information like environment variables or secrets displayed during the session.\n- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it ingests and processes untrusted terminal data without sanitization or boundary markers.\n - Ingestion points: Terminal content is read using
tmux capture-paneinSKILL.mdandscripts/wait-for-text.sh.\n - Boundary markers: No delimiters or instructions to ignore embedded commands are used when captured text is provided to the agent.\n
- Capability inventory: The skill can execute commands through
tmuxand perform file system operations via its helper scripts.\n - Sanitization: No evidence of filtering or escaping is found for data scraped from the terminal panes.
Audit Metadata