using-git-worktrees
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: Executes Git commands to create and manage isolated worktrees and modifies the .gitignore file to ensure isolation.
- [COMMAND_EXECUTION]: Automatically detects and executes build and test suites using tools like npm, pip, and cargo based on project manifest files.
- [EXTERNAL_DOWNLOADS]: Uses well-known package managers to fetch dependencies from official registries during environment setup.
- [PROMPT_INJECTION]: Ingests configuration data from project files such as CLAUDE.md.
  * Ingestion points: CLAUDE.md, package.json, Cargo.toml, requirements.txt.
  * Boundary markers: None.
  * Capability inventory: git, npm, pip, cargo, go.
  * Sanitization: Uses pattern matching to validate directory location preferences.
Audit Metadata