Tmux

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The tmux skill mostly matches its purpose, but it has an inconsistent socket boundary and promotes unattended coding-agent runs, so it deserves review before installation.

Install only if you are comfortable with the agent controlling tmux sessions. Use a private tmux socket, avoid unattended --yolo/--full-auto coding-agent runs unless you explicitly approve them, review generated changes, and kill tmux sessions when finished.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

66/66 vendors flagged this skill as clean.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI06: Memory and Context Poisoning
Severity: Medium
What this means

Private command output, tokens, or other sensitive text from a tmux pane could be brought into the agent transcript if the helper targets the wrong tmux session, or an ambient session on the default socket rather than the isolated one.

Why it was flagged

The helper captures pane history without accepting the isolated socket path used elsewhere in SKILL.md, and prints the captured pane text on timeout. This can expose terminal output from an unintended tmux context.

Skill content:
    tmux capture-pane -p -J -t "$target" -S "-${lines}" ... echo "Last ${lines} lines from $target:" >&2; printf '%s\n' "$pane_text" >&2
Recommendation

Add explicit -S/--socket-path support to the helper, require the private socket in examples, and avoid printing full pane history by default on timeout.

ASI02: Tool Misuse and Exploitation
Severity: Medium
What this means

Spawned coding agents may change files or run commands without step-by-step user confirmation.

Why it was flagged

The instructions explicitly promote running multiple coding agents through tmux in no-confirm or full-auto modes, without stating approval, diff review, rollback, or sandbox boundaries.

Skill content:
    tmux -S "$SOCKET" send-keys -t agent-1 "cd /tmp/project1 && codex --yolo 'Fix bug X'" Enter ... Codex needs `--yolo` or `--full-auto` for non-interactive fixes
Recommendation

Use --yolo/--full-auto only after explicit user approval, in disposable worktrees or sandboxes, and require reviewing diffs and command output before accepting changes.

ASI10: Rogue Agents
Severity: Low
What this means

Processes started in tmux may continue consuming resources or making changes until explicitly stopped.

Why it was flagged

The skill creates detached tmux sessions that can keep running after the immediate task, although cleanup commands are documented.

Skill content:
    tmux -S "$SOCKET" new -d -s "$SESSION" -n shell ... Kill a session: `tmux -S "$SOCKET" kill-session -t "$SESSION"`
Recommendation

Monitor active sessions and use the documented kill-session or kill-server cleanup commands when the task is complete.