The Agent Skills Directory

[COMMAND_EXECUTION]: The skill provides the ability to send arbitrary text and commands to active WezTerm panes using the send-command.sh script. This allows the agent to execute any shell command within the user's environment.
[DATA_EXFILTRATION]: The pane-watcher.sh background daemon continuously scrapes the last 200 lines of every active terminal pane and saves them to /tmp/wezterm-panes/. If a terminal session displays sensitive data such as API keys, passwords, or private source code, this information is stored as plain text in a shared system directory.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. Because the agent is instructed to read and 'analyze' the contents of terminal panes to decide on its next action, an attacker could display malicious instructions in a pane (e.g., by cat-ing a malicious file or triggering a log message) that command the agent to run unauthorized terminal commands.
[EXTERNAL_DOWNLOADS]: The skill documentation refers to installing wezterm and jq as prerequisites. While these are well-known tools, the skill's reliance on external CLI tools for its core logic creates a dependency on the security of the local environment's binaries.

wezterm-terminal-pilot