ghostty-config
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE PROMPT_INJECTION EXTERNAL_DOWNLOADS COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Potential surface for indirect prompt injection via terminal configuration files.
  - Ingestion points: The skill directs the agent to read and modify configuration files located at `$XDG_CONFIG_HOME/ghostty/config` or `~/Library/Application Support/com.mitchellh.ghostty/config`.
  - Boundary markers: Absent. The instructions do not specify how the agent should distinguish between configuration directives and malicious instructions embedded in comments or values.
  - Capability inventory: The skill utilizes file system tools such as `Read`, `Edit`, `Write`, `Grep`, and `Glob` to manage configuration state.
  - Sanitization: Absent. There is no mention of validating or escaping configuration content to prevent unintended instruction execution.
- [EXTERNAL_DOWNLOADS]: References a configuration schema from the author's GitHub repository.
  - The documentation points to a JSON schema for syntax validation located at `https://raw.githubusercontent.com/sammcj/vscode-ghostty-config-syntax/refs/heads/main/schema/ghostty-config-syntax.schema.json`.
- [COMMAND_EXECUTION]: Documents administrative CLI commands for the Ghostty terminal.
  - Provides guidance on using commands such as `ghostty +validate-config`, `ghostty +show-config`, and `ghostty +edit-config` for terminal management.
Audit Metadata