Skills
skills/abudhahir/superpowers/using-git-worktrees/Gen Agent Trust Hub

using-git-worktrees

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill automatically triggers package managers including 'npm install', 'pip install', 'poetry install', 'cargo build', and 'go mod download' when it detects relevant manifest files. This allows for supply chain attacks where a repository contains a malicious dependency configuration.
  • [COMMAND_EXECUTION] (MEDIUM): The skill automatically executes project-specific test commands like 'npm test', 'cargo test', and 'pytest' to verify the worktree baseline. These commands are common vectors for executing arbitrary code defined in the repository's test configuration.
  • [PROMPT_INJECTION] (LOW): The skill ingests untrusted data from 'CLAUDE.md' to determine worktree directory preferences, representing an indirect prompt injection surface.
  • Ingestion points: 'CLAUDE.md' via grep.
  • Boundary markers: Absent.
  • Capability inventory: Shell command execution, package management, git operations, and test runner execution.
  • Sanitization: Absent; the skill directly uses the grep result for logic branching.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:32 PM