create-worktree-skill

Pass

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection because it interpolates user-provided branch names directly into tool commands without sanitization.
      • Ingestion points: User-provided branch-name extracted from the request in Step 1.
      • Boundary markers: Absent. There are no instructions to validate or wrap the branch name in delimiters.
      • Capability inventory: SlashCommand, Bash, Read, Write, Edit, Glob, and Grep tools are available to the agent.
      • Sanitization: Absent. The branch name is passed directly to the /create_worktree_prompt slash command.
  • COMMAND_EXECUTION (SAFE): The use of SlashCommand and Bash tools is consistent with the skill's primary intended purpose of managing git worktrees and configuring development environments.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 18, 2026, 12:01 AM