---
name: terminal-pty-audit
description: Use this skill to audit terminal, PTY, shell session, container exec, and WebSocket terminal backends. Do not use it for unrelated frontend UI review.
---

# terminal-pty-audit

## English

### Purpose

Audit terminal/PTY/shell/session backends.

### When to use

- Terminal backend code.
- PTY allocation.
- Shell or process spawning.
- WebSocket terminal transport.
- Container exec.

### When not to use

- General frontend UI.
- Legal contracts.
- Smart contracts.

### Workflow

1. Locate terminal/session/process/WebSocket code.
2. Identify user-controlled inputs.
3. Trace inputs into shell, PTY, filesystem, container, and logs.
4. Check session ownership and reconnect/attach paths.
5. Check cleanup and resource limits.
6. Output high-confidence findings.

### Safety rules

Do not run exploit commands. Do not modify files in audit phase.


### Canonical finding format

```yaml
id: F-001
severity: Critical | High | Medium | Low | Informational
confidence: High | Medium | Low
category:
affected_code:
root_cause:
exploit_path:
preconditions:
impact:
evidence:
minimal_fix:
regression_test:
auto_fix_suitability: Safe | Needs Human Review | Do Not Auto-Fix
notes:
```

### v0.6 operational guardrails

- Keep the skill within its stated trigger conditions and the user's explicitly provided scope.
- Preserve project safety boundaries: audit-only by default; Do not execute exploits, Do not auto-merge, Do not upload private source code or secrets, and do not scan unrelated repositories without explicit user request.
- Ask for explicit human approval before patching high-risk auth, IAM, governance, funds, terminal, or agent-tooling behavior.
- Report validation performed, files changed, residual risk, and any skipped future-phase work when finished.

## 中文

### 目的

使用这个 skill 进行Terminal、PTY 与 Shell 会话审计。它应该帮助审查者把输入边界、风险证据、影响、修复建议和回归测试组织成可复核的安全输出。

### 触发条件

适用于 terminal backend、PTY allocation、process spawning、container exec、WebSocket terminal transport 和 session reconnect/attach。如果请求超出这些边界，先说明范围差异，并选择更合适的 prompt、skill 或人工 review 路径。

### 不适用场景

不要用于普通前端 UI、法律合同、智能合约或无 shell/session 逻辑的变更。不要把这个 skill 当作自动扫描整个仓库、执行 exploit、上传私有源码或 secrets、自动提交、自动推送或 auto-merge 的许可。

### 操作流程

1. 明确用户给出的目标、允许查看的材料和不能触碰的范围。
2. 收集必要上下文，但只读取完成任务所需的文件、diff、workflow、fixture 或文档。
3. 识别 trust boundary、privileged operation、sensitive data、preconditions 和 security impact。
4. 只报告有 evidence 的 finding；缺少上下文时写 question 或 assumption。
5. 为 confirmed issue 提出 minimal fix，并规划unauthorized attach、cross-workspace session、invalid command input、cleanup、reconnect 和 backpressure 测试。
6. 完成后报告验证输出、残余风险和需要人工确认的事项。

### 安全规则

默认 audit-only。未经明确授权，不 patch、不 commit、不 push、不创建 PR、不 merge。不要执行 exploit，不要访问生产系统，不要打印 secrets。涉及 IAM、authz 模型、资金、治理、terminal 执行或 agent-tooling 权限的修复必须进入人工 review。

### 输出要求

使用 canonical finding format。每个 finding 都要包含 severity、confidence、category、affected_code、root_cause、exploit_path、preconditions、impact、evidence、minimal_fix、regression_test、auto_fix_suitability 和 notes。