using-tmux-for-interactive-commands

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8) due to the way it processes terminal output.
  • Ingestion points: Untrusted data enters the agent's context through the capture command in tmux-wrapper.sh, which uses tmux capture-pane -t "$SESSION_NAME" -p to read the terminal state.
  • Boundary markers: The script uses a simple separator (---), but lacks explicit instructions or system-level delimiters to warn the agent that the following content is data and should not be interpreted as commands.
  • Capability inventory: The skill possesses significant capabilities, including the ability to start arbitrary subprocesses via tmux new-session and send input via tmux send-keys.
  • Sanitization: No sanitization, escaping, or validation is performed on the output captured from the terminal before it is presented to the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 19, 2026, 08:30 PM