April 17, 2026

Cat’s out of the bag

Article URL →HN comments →

Even "cat readme.txt" is not safe

iTerm2 bug turns “cat readme.txt” into a trap—and users are livid

TLDR: A bug in iTerm2 lets a “simple text file” pretend to be a trusted helper, potentially triggering actions when you just view it, and there’s no stable fix yet. The community’s split: some slam early disclosure and iTerm2’s trust model, others joke about workarounds and warn about AI-era prompt injections.

The internet is clutching its pearls: even typing “cat readme.txt” may not be safe if you use iTerm2. A new report says crafty text can hide special control codes—think invisible instructions—that iTerm2 mistakes for trusted messages, letting a plain-looking file trick your terminal into doing things. The researchers say OpenAI helped, and it’s all tied to iTerm2’s SSH helper feature, which talks over terminal output. Translation: the “text” on your screen can impersonate the helper and boom—your terminal listens.

Cue the comment section going full popcorn. One user jokes about dodging danger by aliasing cat to a safer command and asks if iTerm will “still monkey with it.” Another fires off a mic-drop meme: “More like iTerm2 is not safe.” Meanwhile, the big fight: disclosure timing. The fix reportedly isn’t in the stable app yet, prompting a pointed “Why disclose before patch?” from frustrated users. It’s security theater vs. transparency, round 47.

Others zoom out to bigger tech-philosophy flames. Why don’t tools escape dangerous output by default? “Make raw output opt-in,” argues one commenter. And in the AI era, someone groans that with bots reading terminals, every “cat” could be a prompt injection. From simple text to terminal terror, the vibes are chaotic—and very online. Read the earlier context here: Vim/Emacs episode.

Key Points

  • The article reveals a vulnerability where viewing a file with “cat readme.txt” in iTerm2 can lead to arbitrary code execution.
  • iTerm2’s SSH integration relies on a remote helper script (“conductor”) that communicates via terminal escape sequences over the PTY.
  • The protocol uses DCS 2000p to initiate the conductor and OSC 135 for messages like begin/end and output lines.
  • The core bug is a trust failure: iTerm2 accepts conductor protocol messages from untrusted terminal output, enabling impersonation.
  • Malicious files or outputs can forge these sequences, causing iTerm2 to treat them as legitimate conductor exchanges and execute actions.

Hottest takes

“Why was this disclosed before the hole was patched” — KerrickStaley
“More like iTerm2 is not safe” — TZubiri
“every cat action could be a prompt injection” — holoduke

Save News

Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.