Skills
skills/arthur0824hao/skills/skill-system-tmux/Gen Agent Trust Hub

skill-system-tmux

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various system commands including tmux, ps, lsof, and kill to manage session lifecycles and resource cleanup as described in SKILL.md.
  • [DATA_EXFILTRATION]: Through the capture-pane operation, the skill can read terminal output. This provides a mechanism for the agent to ingest data displayed within the terminal environment, which may contain sensitive information depending on the task being performed.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface (Category 8).
  • Ingestion points: Terminal output is read into the agent context via the tmux capture-pane -p -t {session} command in SKILL.md.
  • Boundary markers: The skill suggests using shell prompt patterns (e.g., regex: /(\s*|>|#)\s*$/m) to detect command completion but lacks explicit security boundaries to prevent the agent from executing instructions potentially embedded in terminal output.
  • Capability inventory: All skill operations (route-command, manage-session, reclaim-resources) utilize proc.exec capabilities through shell execution tools as defined in SKILL.spec.yaml.
  • Sanitization: There are no instructions for sanitizing or escaping the content captured from the terminal before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 11, 2026, 12:55 AM