using-git-worktrees

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill automatically executes build and test commands like make test, npm test, or cargo build in WORKFLOW.md and scripts/setup-worktree.sh. These commands run arbitrary scripts defined within the repository's configuration files.
  • [EXTERNAL_DOWNLOADS]: The skill triggers package managers (npm, pip, go, uv, cargo) to download dependencies from public registries. While these are well-known services, the downloads are driven by untrusted repository configuration.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by automatically acting on the contents of a checked-out branch.
    • Ingestion points: The skill reads repository structure and configuration files (package.json, Makefile, etc.) in scripts/setup-worktree.sh.
    • Boundary markers: Absent. The script does not validate the repository content before performing setup and test actions.
    • Capability inventory: The skill uses Bash to execute git, npm, make, and other build tools.
    • Sanitization: Absent. The skill directly executes commands defined in the repository metadata without sanitization.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 28, 2026, 10:56 AM