Skills
skills/ianphil/my-skills/tmux-tdd/Gen Agent Trust Hub

tmux-tdd

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use tmux send-keys to interact with test runner panes (e.g., tmux send-keys -t 0.1 "your-test-command" C-m). This is a legitimate use of the tool for orchestrating development workflows.
  • [PROMPT_INJECTION]: The skill captures raw output from a tmux pane, which constitutes an indirect prompt injection surface if the content being read (such as error messages or test logs) contains malicious instructions.
  • Ingestion points: Captured output from tmux capture-pane -t 0.1 -p -S -50 in SKILL.md.
  • Boundary markers: None identified; output is processed directly by the agent.
  • Capability inventory: The skill facilitates file modifications and command execution via tmux send-keys.
  • Sanitization: No sanitization or validation of the captured pane data is implemented.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 03:29 AM