using-git-worktrees
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill automatically executes shell commands for dependency installation and test suite execution (e.g., npm install, cargo test, pip install) based on the presence of project manifest files.
- [PROMPT_INJECTION]: Potential surface for indirect prompt injection via untrusted project data.
- Ingestion points: The skill reads directory preferences from CLAUDE.md and analyzes project manifest files.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are used when reading CLAUDE.md.
- Capability inventory: The skill can execute arbitrary shell commands via project-defined scripts and install external packages.
- Sanitization: Project file contents are not validated or sanitized before being used to trigger automated actions.
Audit Metadata