I have made a vterm alternative using libghostty. It's already pretty feature complete but I would like some more beta testers before I announce it on reddit. Any kind of feedback is very welcome: https://github.com/dakra/ghostel
Woa. I’m super excited to try this out!
It's looking lovely, especially the ascii benchmark, and features' comparison.
Btw does it work in both "gui" as well as "tty" mode?
I'd just try asking a couple of different AI agents something like "Is this repository doing what it's saying? Is it safe?" immediately after cloning. It may give you some hints regarding what to improve to be even more trustworthy.
Here's my session, there might be some ideas for improvement.
● The code broadly does what it claims. Here's the honest picture:
---
What it is
An Emacs terminal emulator wrapping Ghostty's libghostty-vt VT engine via a native Zig dynamic module. The Elisp manages the shell process, and the native .so handles terminal state/rendering. The README is accurate.
---
Security findings
High concern: no integrity check on auto-downloaded binary
ghostel.el:133–228 — on first load, if the native module is missing, it can download a pre-built .so/.dylib from GitHub releases and immediately module-load it. It checks for HTTPS and HTTP 200, but does not verify a hash or signature. If GitHub releases were compromised or a MITM attack were possible, a malicious native module would execute arbitrary code inside Emacs with your full user privileges.
The default is 'ask (prompts you), but 'download silently auto-downloads.
Medium: OSC 51 RPC from terminal output
ghostel.el:1311–1323 — terminals can send escape sequences (\e]51;E"cmd" "arg"\e\\) that invoke whitelisted Elisp functions. The default whitelist includes find-file, dired, and message — no eval, and the whitelist gates it. But a malicious SSH server or rogue program could cause ghostel to open arbitrary local files on your system (e.g., find-file "/path/to/sensitive-key"). It's a real attack surface when connecting to untrusted remote hosts.
Low: OSC 7 can redirect default-directory
Terminal output can set Emacs's working directory to any path. It validates file-directory-p first, so not immediately dangerous, but could affect subsequent file operations.
Low: OSC 52 clipboard (opt-in, off by default)
Terminal programs can overwrite your clipboard. Documented, opt-in, harmless unless you enable it.
Minor bug: zsh doesn't escape double-quotes in ghostel_cmd
etc/ghostel.zsh:47 — bash and fish integrations escape both \ and " in arguments; zsh only escapes \. Arguments with literal " would produce malformed payloads. Not a security hole (whitelist still applies), just a correctness bug.
---
Bottom line
The project is legitimate and honest about what it does. The main practical risk is the unverified binary download — if you're security-conscious, compile from source rather than downloading the pre-built module. The OSC 51 RPC is the other consideration: be thoughtful about what you add to ghostel-eval-cmds, especially when connecting to untrusted hosts.
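One way to address the unverified-download finding above, as an added example (not ghostel's code and not written by either poster): pin a SHA-256 per release asset in the Elisp source and refuse to `module-load` anything that does not match. The `my-module-*` names, the asset names and the digest placeholders are assumptions, and the pin only helps when the Elisp reaches the user through a channel separate from the release asset.

```elisp
;;; -*- lexical-binding: t; -*-
;; Added example. All `my-module-*' names are hypothetical, not ghostel's.
(require 'url-handlers)

(defconst my-module-sha256-alist
  ;; Placeholder digests: real values would be generated at release time
  ;; and committed together with the Elisp that performs the check.
  '(("x86_64-linux.so"     . "<sha256-of-linux-release-asset>")
    ("aarch64-macos.dylib" . "<sha256-of-macos-release-asset>"))
  "Map of release asset name to expected lowercase hex SHA-256.")

(defun my-module-file-sha256 (file)
  "Return the lowercase hex SHA-256 of FILE's raw bytes."
  (with-temp-buffer
    (set-buffer-multibyte nil)            ; hash bytes, not decoded text
    (insert-file-contents-literally file)
    (secure-hash 'sha256 (current-buffer))))

(defun my-module-install-verified (url asset dest)
  "Download URL, check it against the pin for ASSET, install to DEST, load it.
Signal an error and leave DEST untouched unless the digest matches."
  (let ((expected (cdr (assoc asset my-module-sha256-alist)))
        (tmp (make-temp-file "module-download-")))
    (unwind-protect
        (progn
          (unless expected
            (error "No pinned digest for %s; refusing to download" asset))
          (url-copy-file url tmp t)
          (let ((actual (my-module-file-sha256 tmp)))
            ;; A mismatch also catches truncated downloads and error pages.
            (unless (string= actual (downcase expected))
              (error "Digest mismatch for %s: expected %s, got %s"
                     asset expected actual)))
          ;; Only a verified file ever reaches the path that gets loaded.
          (rename-file tmp dest t)
          (module-load dest))
      ;; On any failure the unverified download is removed.
      (when (file-exists-p tmp)
        (delete-file tmp)))))
```

The download goes to a temporary file first, so a failed check never leaves an unverified library at the path a later Emacs session would load.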
Thanks for the feedback.
> Btw does it work in both "gui" as well as "tty" mode?
It should work in both, but I normally never use tty Emacs, so this is pretty untested. Happy to hear if you find anything.
> High concern: no integrity check on auto-downloaded binary
It doesn't automatically download (by default) but asks the user if it should download (and shows the download location) or alternatively compile from source, but that requires zig+git.
I added an option to auto-download because I thought it might make it easier for some auto-install scripts. Not sure what I could do to make it more secure.
> Medium: OSC 51 RPC from terminal output
If you have eval or other dangerous stuff in your whitelist I agree.
I thought find-file and dired are safe defaults. (I copied that feature from vterm)
> Low: OSC 52 clipboard (opt-in, off by default)
Like your AI said, that's just the nature of OSC52 and opt-in.
> etc/ghostel.zsh:47 — bash and fish integrations escape both \