{"id":"c7050553-e05c-4f04-8e48-4f6954a037ee","shortId":"t3H49a","kind":"skill","title":"terminal-pty-audit","tagline":"Use this skill to audit terminal, PTY, shell session, container exec, and WebSocket terminal backends. Do not use it for unrelated frontend UI review.","description":"# terminal-pty-audit\n\n## English\n\n### Purpose\n\nAudit terminal/PTY/shell/session backends.\n\n### When to use\n\n- Terminal backend code.\n- PTY allocation.\n- Shell or process spawning.\n- WebSocket terminal transport.\n- Container exec.\n\n### When not to use\n\n- General frontend UI.\n- Legal contracts.\n- Smart contracts.\n\n### Workflow\n\n1. Locate terminal/session/process/WebSocket code.\n2. Identify user-controlled inputs.\n3. Trace inputs into shell, PTY, filesystem, container, and logs.\n4. Check session ownership and reconnect/attach paths.\n5. Check cleanup and resource limits.\n6. Output high-confidence findings.\n\n### Safety rules\n\nDo not run exploit commands. Do not modify files in audit phase.\n\n\n### Canonical finding format\n\n```yaml\nid: F-001\nseverity: Critical | High | Medium | Low | Informational\nconfidence: High | Medium | Low\ncategory:\naffected_code:\nroot_cause:\nexploit_path:\npreconditions:\nimpact:\nevidence:\nminimal_fix:\nregression_test:\nauto_fix_suitability: Safe | Needs Human Review | Do Not Auto-Fix\nnotes:\n```\n\n### v0.6 operational guardrails\n\n- Keep the skill within its stated trigger conditions and the user's explicitly provided scope.\n- Preserve project safety boundaries: audit-only by default; Do not execute exploits, Do not auto-merge, Do not upload private source code or secrets, and do not scan unrelated repositories without explicit user request.\n- Ask for explicit human approval before patching high-risk auth, IAM, governance, funds, terminal, or agent-tooling behavior.\n- Report validation performed, files changed, residual risk, and any skipped future-phase work when finished.\n\n## 中文\n\n### 目的\n\n使用这个 skill 进行Terminal、PTY 与 Shell 会话审计。它应该帮助审查者把输入边界、风险证据、影响、修复建议和回归测试组织成可复核的安全输出。\n\n### 触发条件\n\n适用于 terminal backend、PTY allocation、process spawning、container exec、WebSocket terminal transport 和 session reconnect/attach。如果请求超出这些边界，先说明范围差异，并选择更合适的 prompt、skill 或人工 review 路径。\n\n### 不适用场景\n\n不要用于普通前端 UI、法律合同、智能合约或无 shell/session 逻辑的变更。不要把这个 skill 当作自动扫描整个仓库、执行 exploit、上传私有源码或 secrets、自动提交、自动推送或 auto-merge 的许可。\n\n### 操作流程\n\n1. 明确用户给出的目标、允许查看的材料和不能触碰的范围。\n2. 收集必要上下文，但只读取完成任务所需的文件、diff、workflow、fixture 或文档。\n3. 识别 trust boundary、privileged operation、sensitive data、preconditions 和 security impact。\n4. 只报告有 evidence 的 finding；缺少上下文时写 question 或 assumption。\n5. 为 confirmed issue 提出 minimal fix，并规划unauthorized attach、cross-workspace session、invalid command input、cleanup、reconnect 和 backpressure 测试。\n6. 完成后报告验证输出、残余风险和需要人工确认的事项。\n\n### 安全规则\n\n默认 audit-only。未经明确授权，不 patch、不 commit、不 push、不创建 PR、不 merge。不要执行 exploit，不要访问生产系统，不要打印 secrets。涉及 IAM、authz 模型、资金、治理、terminal 执行或 agent-tooling 权限的修复必须进入人工 review。\n\n### 输出要求\n\n使用 canonical finding format。每个 finding 都要包含 severity、confidence、category、affected_code、root_cause、exploit_path、preconditions、impact、evidence、minimal_fix、regression_test、auto_fix_suitability 和 notes。","tags":["terminal","pty","audit","security","playbook","edmund-xl","agent-skills","chatgpt","codex","devsecops","mcp","smart-contracts"],"capabilities":["skill","source-edmund-xl","skill-terminal-pty-audit","topic-agent-skills","topic-audit","topic-chatgpt","topic-codex","topic-devsecops","topic-mcp","topic-security","topic-smart-contracts"],"categories":["ai-security-audit-playbook"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/edmund-xl/ai-security-audit-playbook/terminal-pty-audit","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add edmund-xl/ai-security-audit-playbook","source_repo":"https://github.com/edmund-xl/ai-security-audit-playbook","install_from":"skills.sh"}},"qualityScore":"0.453","qualityRationale":"deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 7 github stars · SKILL.md body (2,830 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T19:13:44.372Z","embedding":null,"createdAt":"2026-05-18T13:21:30.051Z","updatedAt":"2026-05-18T19:13:44.372Z","lastSeenAt":"2026-05-18T19:13:44.372Z","tsv":"'-001':126 '1':67,312 '2':71,315 '3':77,322 '4':87,334 '5':94,343 '6':100,364 'affect':138,412 'agent':235,397 'agent-tool':234,396 'alloc':45,272 'approv':222 'ask':218 'assumpt':342 'attach':351 'audit':4,9,32,35,118,187,370 'audit-on':186,369 'auth':228 'authz':390 'auto':151,161,198,308,425 'auto-fix':160 'auto-merg':197,307 'backend':19,37,42,270 'backpressur':362 'behavior':237 'boundari':185,325 'canon':120,403 'categori':137,411 'caus':141,415 'chang':242 'check':88,95 'cleanup':96,359 'code':43,70,139,205,413 'command':112,357 'commit':376 'condit':174 'confid':104,133,410 'confirm':345 'contain':14,53,84,275 'contract':63,65 'control':75 'critic':128 'cross':353 'cross-workspac':352 'data':329 'default':190 'diff':318 'english':33 'evid':146,336,420 'exec':15,54,276 'execut':193 'explicit':179,215,220 'exploit':111,142,194,302,384,416 'f':125 'file':116,241 'filesystem':83 'find':105,121,338,404,407 'finish':253 'fix':148,152,162,349,422,426 'fixtur':320 'format':122,405 'frontend':26,60 'fund':231 'futur':249 'future-phas':248 'general':59 'govern':230 'guardrail':166 'high':103,129,134,226 'high-confid':102 'high-risk':225 'human':156,221 'iam':229,389 'id':124 'identifi':72 'impact':145,333,419 'inform':132 'input':76,79,358 'invalid':356 'issu':346 'keep':167 'legal':62 'limit':99 'locat':68 'log':86 'low':131,136 'medium':130,135 'merg':199,309,382 'minim':147,348,421 'modifi':115 'need':155 'note':163,429 'oper':165,327 'output':101 'ownership':90 'patch':224,374 'path':93,143,417 'perform':240 'phase':119,250 'pr':380 'precondit':144,330,418 'preserv':182 'privat':203 'privileg':326 'process':48,273 'project':183 'prompt':286 'provid':180 'pti':3,11,31,44,82,259,271 'purpos':34 'push':378 'question':340 'reconnect':360 'reconnect/attach':92,282 'regress':149,423 'report':238 'repositori':213 'request':217 'residu':243 'resourc':98 'review':28,157,289,400 'risk':227,244 'root':140,414 'rule':107 'run':110 'safe':154 'safeti':106,184 'scan':211 'scope':181 'secret':207,304,387 'secur':332 'sensit':328 'session':13,89,281,355 'sever':127,409 'shell':12,46,81,261 'shell/session':296 'skill':7,169,257,287,299 'skill-terminal-pty-audit' 'skip':247 'smart':64 'sourc':204 'source-edmund-xl' 'spawn':49,274 'state':172 'suitabl':153,427 'termin':2,10,18,30,41,51,232,269,278,394 'terminal-pty-audit':1,29 'terminal/pty/shell/session':36 'terminal/session/process/websocket':69 'test':150,424 'tool':236,398 'topic-agent-skills' 'topic-audit' 'topic-chatgpt' 'topic-codex' 'topic-devsecops' 'topic-mcp' 'topic-security' 'topic-smart-contracts' 'trace':78 'transport':52,279 'trigger':173 'trust':324 'ui':27,61,293 'unrel':25,212 'upload':202 'use':5,22,40,58 'user':74,177,216 'user-control':73 'v0.6':164 'valid':239 'websocket':17,50,277 'within':170 'without':214 'work':251 'workflow':66,319 'workspac':354 'yaml':123 '上传私有源码或':303 '不':373,375,377,381 '不创建':379 '不要打印':386 '不要执行':383 '不要把这个':298 '不要用于普通前端':292 '不要访问生产系统':385 '不适用场景':291 '与':260 '中文':254 '为':344 '会话审计':262 '但只读取完成任务所需的文件':317 '使用':402 '使用这个':256 '修复建议和回归测试组织成可复核的安全输出':266 '允许查看的材料和不能触碰的范围':314 '先说明范围差异':284 '只报告有':335 '和':280,331,361,428 '如果请求超出这些边界':283 '它应该帮助审查者把输入边界':263 '安全规则':367 '完成后报告验证输出':365 '并规划unauthor':350 '并选择更合适的':285 '当作自动扫描整个仓库':300 '影响':265 '或':341 '或人工':288 '或文档':321 '执行':301 '执行或':395 '提出':347 '操作流程':311 '收集必要上下文':316 '明确用户给出的目标':313 '智能合约或无':295 '未经明确授权':372 '权限的修复必须进入人工':399 '模型':391 '残余风险和需要人工确认的事项':366 '每个':406 '治理':393 '法律合同':294 '测试':363 '涉及':388 '的':337 '的许可':310 '目的':255 '缺少上下文时写':339 '自动推送或':306 '自动提交':305 '触发条件':267 '识别':323 '资金':392 '路径':290 '输出要求':401 '进行termin':258 '适用于':268 '逻辑的变更':297 '都要包含':408 '风险证据':264 '默认':368","prices":[{"id":"5498708f-5ce8-49c9-8bb0-d0a500016567","listingId":"c7050553-e05c-4f04-8e48-4f6954a037ee","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"edmund-xl","category":"ai-security-audit-playbook","install_from":"skills.sh"},"createdAt":"2026-05-18T13:21:30.051Z"}],"sources":[{"listingId":"c7050553-e05c-4f04-8e48-4f6954a037ee","source":"github","sourceId":"edmund-xl/ai-security-audit-playbook/terminal-pty-audit","sourceUrl":"https://github.com/edmund-xl/ai-security-audit-playbook/tree/main/skills/terminal-pty-audit","isPrimary":false,"firstSeenAt":"2026-05-18T13:21:30.051Z","lastSeenAt":"2026-05-18T19:13:44.372Z"}],"details":{"listingId":"c7050553-e05c-4f04-8e48-4f6954a037ee","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"edmund-xl","slug":"terminal-pty-audit","github":{"repo":"edmund-xl/ai-security-audit-playbook","stars":7,"topics":["agent-skills","audit","chatgpt","codex","devsecops","mcp","security","smart-contracts"],"license":"mit","html_url":"https://github.com/edmund-xl/ai-security-audit-playbook","pushed_at":"2026-05-13T02:30:26Z","description":"Local-first, audit-only security review playbook for AI coding agents: prompts, skills, read-only MCP, findings, and regression tests.","skill_md_sha":"678690f5b838c885c14dea5956c7a1f7cfe39c86","skill_md_path":"skills/terminal-pty-audit/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/edmund-xl/ai-security-audit-playbook/tree/main/skills/terminal-pty-audit"},"layout":"multi","source":"github","category":"ai-security-audit-playbook","frontmatter":{"name":"terminal-pty-audit","description":"Use this skill to audit terminal, PTY, shell session, container exec, and WebSocket terminal backends. Do not use it for unrelated frontend UI review."},"skills_sh_url":"https://skills.sh/edmund-xl/ai-security-audit-playbook/terminal-pty-audit"},"updatedAt":"2026-05-18T19:13:44.372Z"}}