git-worktree-manager
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The scripts worktree_manager.py and worktree_cleanup.py execute Git commands and package managers using the Python subprocess module. These calls are implemented using list-based arguments rather than shell strings, which is a security best practice that prevents shell injection vulnerabilities.
- [EXTERNAL_DOWNLOADS]: The worktree_manager.py script includes optional functionality to trigger package managers such as npm, yarn, and pip. This behavior is intended for installing dependencies in newly created worktrees and is only triggered when the --install-deps flag is provided.
- [DATA_EXPOSURE]: The skill automates the synchronization of environment files (e.g., .env, .env.local) by copying them from the main repository to the worktree directory. This process is localized to the user's machine and does not involve external data transmission.
- [INDIRECT_PROMPT_INJECTION]: The scripts ingest configuration data via CLI arguments and JSON input. While this represents a potential injection surface if the input source is untrusted, the use of structured argument passing in subprocess calls mitigates the risk of direct command execution.
Audit Metadata