ac-workspace-manager

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill executes git commands using subprocess.run. It correctly implements best practices by passing arguments as a list rather than a single string and avoids the shell=True parameter, which prevents shell injection vulnerabilities.
  • [DATA_EXPOSURE] (SAFE): The skill maintains a local state file at .claude/worktree-log.json. Analysis shows no attempts to access sensitive system files (e.g., SSH keys, credentials) or exfiltrate data to external servers.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill accepts user-provided names for worktrees which are used in file paths and git branch names.
      • Ingestion points: The name parameter in create_worktree.
      • Boundary markers: None present.
      • Capability inventory: subprocess.run for git operations and Path.mkdir for directory creation.
      • Sanitization: The use of Python's pathlib for path construction and list-based subprocess arguments provides inherent protection against basic shell injection and directory traversal, though explicit validation of the name string is not present.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:26 PM