Skills
skills/briqt/agent-skills/pty-bridge/Gen Agent Trust Hub

pty-bridge

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates the execution of arbitrary interactive commands by spawning subprocesses with PTY support. This is the primary intended function of the tool and is handled through the node-pty library.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests untrusted terminal output from external processes or remote servers.
  • Ingestion points: Terminal output is captured in src/session.ts and returned to the agent via the daemon in src/daemon.ts.
  • Boundary markers: None identified in the output streams to separate data from instructions.
  • Capability inventory: The skill can spawn arbitrary processes (ptyModule.spawn in src/session.ts) and send input/commands to active sessions (session.write in src/session.ts).
  • Sanitization: Raw terminal output is returned to the agent without sanitization or filtering of potential control sequences or embedded instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 08:57 AM