intercom
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for using terminal multiplexing tools such as
cmuxandtmuxto manage multiple agent sessions. This includes automated commands for creating terminal splits and sending strings (which can be shell commands) to those sessions to orchestrate complex workflows. This behavior is consistent with the skill's primary purpose of session coordination. - [PROMPT_INJECTION]: The skill facilitates the ingestion of data from other agent sessions through the
intercomtool (actions:ask,pending,reply). This establishes a surface for indirect prompt injection, where instructions contained within messages from a peer session could potentially influence the behavior of the receiving agent. - Ingestion points: Inbound messages delivered as the output of
intercomtool calls inSKILL.md. - Boundary markers: The skill does not prescribe specific delimiters or instructions to treat peer-provided content as untrusted data.
- Capability inventory: The skill enables shell command execution via multiplexers and the sharing of code snippets via attachments.
- Sanitization: No explicit content sanitization or validation of incoming messages is described.
Audit Metadata