using-git-worktrees

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill automates project setup and testing by executing standard commands such as npm install, pip install, cargo build, and pytest based on detected project files. These operations are typical for development workflows and are performed within the local project context after safety verification.
  • [PROMPT_INJECTION]: The skill reads directory preferences from a local CLAUDE.md file using grep. While this constitutes an indirect instruction ingestion surface, it is used for project-local configuration. (1) Ingestion points: CLAUDE.md via grep. (2) Boundary markers: None. (3) Capability inventory: Git worktree creation, file system access, and package manager execution. (4) Sanitization: No sanitization is performed on the data extracted from CLAUDE.md.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 01:37 AM