Skills
skills/a-green-hand-jack/ml-research-skills/new-workspace/Gen Agent Trust Hub

new-workspace

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs various shell operations using the Bash tool, including git worktree add, git checkout, and mkdir. These commands are used to manage repository structure and are aligned with the skill's primary purpose.
  • [EXTERNAL_DOWNLOADS]: In Step 8, the skill executes uv sync if a pyproject.toml file is found. This operation downloads and installs project dependencies from the official Python Package Index (PyPI), which is a well-known and trusted service.
  • [CREDENTIALS_UNSAFE]: The skill provides instructions to symlink .env files from the repository root to new worktrees. While .env files often contain sensitive secrets, the skill handles them as part of a standard local development workflow for environment parity across workspaces.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 12:40 PM