supaterm

Warn

Audited by Gen Agent Trust Hub on May 24, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The sp tab new and sp pane split commands support a --script flag that enables the execution of arbitrary shell scripts for terminal environment setup.
  • [DATA_EXFILTRATION]: The sp pane capture command allows the agent to read the terminal's visible content and scrollback history, which may contain sensitive information or credentials previously printed to the screen.
  • [COMMAND_EXECUTION]: The sp pane send command provides a mechanism for the agent to inject text and commands directly into active terminal panes.
  • [COMMAND_EXECUTION]: The sp agent install-hook command modifies external application configuration files such as ~/.claude/settings.json and ~/.codex/hooks.json to facilitate integration.
  • [DATA_EXFILTRATION]: The skill is susceptible to indirect prompt injection via terminal output. Ingestion point: sp pane capture in references/pane.md. Boundary markers: None. Capability inventory: sp pane send, sp tab new --script, sp agent install-hook. Sanitization: None.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 24, 2026, 03:58 AM
Security Audit — agent-trust-hub — supaterm