git-worktree-tidy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly runs "git fetch --prune origin" and parses remote-tracking refs/branch metadata (e.g., via git branch -vv, git worktree list) and then uses that remote/user-generated branch/worktree information to decide deletions and updates, exposing the agent to untrusted third-party repo content from the origin remote.