tmux-terminal
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This instruction-only skill transparently teaches tmux-based terminal control; the main things to watch are broad local command execution and cleanup of persistent sessions.
Install this skill only if you are comfortable letting the agent control local tmux sessions. Review commands before they run, especially destructive or privileged ones, and make sure sessions are stopped and killed when finished.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If misused, the agent could run unintended local commands, modify files, start services, or interact with prompts in a terminal session.
The skill teaches the agent how to send arbitrary commands into a tmux session. This is central to the skill's purpose, but it is broad local command execution.
tmux send-keys -t <name> "<command>" Enter
Use this skill only for intended terminal workflows, review destructive or privileged commands first, and avoid broad or irreversible commands unless explicitly desired.
Long-running commands, servers, or loops could keep running and consuming resources if not stopped.
The skill intentionally uses tmux persistence so processes can continue after a single interaction step. The same document also advises killing sessions when done.
tmux lets you send keystrokes, capture screen output, and keep processes running between steps.
Use short, unique session names and clean up with Ctrl-C and `tmux kill-session` after the workflow is finished.
The registry may not warn users that tmux must already be installed, so users need to ensure they are using a trusted tmux installation.
The skill depends on a local tmux binary, while the supplied metadata lists no required binaries and no install spec. This is a minor declaration gap rather than hidden code.
Prerequisites - `tmux` installed
Install tmux from a trusted package manager if needed, and declare tmux as a required binary in metadata for clearer installation checks.