Tmux Remote Control

Security checks across malware telemetry and agentic risk

Overview

The skill is a transparent tmux helper, but it encourages running coding agents in unattended permission-bypassing modes without adequate guardrails.

Install only if you are comfortable with an agent controlling tmux sessions. Avoid the documented permission-bypass and full-auto flags except in disposable worktrees or sandboxes, inspect pane output before relying on it, and list or attach to `oc-` sessions before killing them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The cleanup guidance includes commands that kill tmux sessions, including a bulk kill of all sessions matching the `oc-` prefix, without warning that this will immediately terminate any processes running inside those sessions. In this skill's context, tmux is explicitly used to run interactive coding agents and other long-running tasks, so an unsuspecting user or agent could cause data loss, interrupt active work, or terminate unrelated OpenClaw-managed jobs.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal