Skills
skills/brite-nites/britenites-claude-plugins/git-worktrees/Gen Agent Trust Hub

git-worktrees

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: Executes shell commands for git management, dependency installation, and project verification (tests, build, lint). It mitigates command injection by validating the ISSUE_ID against a strict regex (^[A-Z]+-[0-9]+$) and slugifying branch descriptions before they are used in shell contexts.
  • [PROMPT_INJECTION]: Accesses external data through docs/plans/ and docs/designs/ files, creating a surface for indirect prompt injection. The skill mitigates this by providing explicit instructions to the agent to treat the content as data only and ignore instructions, as well as performing validation on the issue ID before file access.
  • [EXTERNAL_DOWNLOADS]: Initiates package installation via standard tools (npm, pip, poetry, bundle) from well-known registries. While these are trusted sources, this operation involves the retrieval of external code based on the project's configuration files.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 6, 2026, 02:05 PM