supaterm
Warn
Audited by Gen Agent Trust Hub on May 24, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The
sp tab newandsp pane splitcommands support a--scriptflag that enables the execution of arbitrary shell scripts for terminal environment setup. - [DATA_EXFILTRATION]: The
sp pane capturecommand allows the agent to read the terminal's visible content and scrollback history, which may contain sensitive information or credentials previously printed to the screen. - [COMMAND_EXECUTION]: The
sp pane sendcommand provides a mechanism for the agent to inject text and commands directly into active terminal panes. - [COMMAND_EXECUTION]: The
sp agent install-hookcommand modifies external application configuration files such as~/.claude/settings.jsonand~/.codex/hooks.jsonto facilitate integration. - [DATA_EXFILTRATION]: The skill is susceptible to indirect prompt injection via terminal output. Ingestion point:
sp pane capturein references/pane.md. Boundary markers: None. Capability inventory:sp pane send,sp tab new --script,sp agent install-hook. Sanitization: None.
Audit Metadata