ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Claude Code within tmux

v1.0.0

Manage Claude Code instances living inside tmux sessions. Users usually create separate tmux sessions for separate projects. Use this skill when you need to read the latest Claude Code response in a particular tmux session / project, send it a prompt and get the response, or run /compact directly via tmux (no extra scripts required).

0· 1.8k·13 current·13 all-time
by@paulrahul
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill is clearly intended to operate on tmux sessions running Claude Code, but the registry metadata declares no required binaries or config paths. SKILL.md relies entirely on the tmux binary and (optionally) non-default tmux sockets; the skill should have declared tmux as a required binary and noted socket access.
!
Instruction Scope
The runtime instructions tell the agent to capture pane contents (tmux capture-pane) and send keystrokes (tmux send-keys). That gives the agent the ability to read arbitrary tmux scrollback and inject input into live sessions. There are no built-in safeguards described (e.g., confirmation prompts, limits on which sessions to target, or checks for sensitive content) beyond a manual 'double-check' tip.
Install Mechanism
Instruction-only skill with no install steps or external downloads. This minimizes supply-chain risk because nothing is written to disk by the skill package itself.
Credentials
The skill requests no credentials or env vars, which is proportionate. However, the instructions access tmux sockets and pane buffers (potentially system-level artifacts) without declaring that dependency; this should be documented so users understand the access surface.
Persistence & Privilege
always:false (no forced inclusion). The skill can be invoked autonomously by the agent per platform default; combined with the instruction scope (ability to read/send to tmux), this increases potential blast radius but is not by itself an incoherence or over-privilege in the metadata.
What to consider before installing
This skill will read tmux pane contents and can inject keystrokes into live tmux sessions named 'claude'. Before installing or using it: (1) Ensure tmux is installed and that you trust any tmux sessions this agent can access — the skill can read past messages (which may include secrets) and send prompts. (2) Prefer running Claude sessions in private sockets or dedicated sessions so the agent can't accidentally target other users' or system sessions. (3) Ask the skill author to declare 'tmux' as a required binary and to add explicit confirmation steps before sending input into a session. (4) Avoid sending sensitive data through this skill, and require explicit user approval each time the agent will inject keystrokes into a live session.

Like a lobster shell, security has layers — review code before you run it.

latestvk972m1mhe02mt0kw87tyazpn4580znwa

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments