Skills
skills/different-ai/openwork-hub/worktree-workflow/Gen Agent Trust Hub

worktree-workflow

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [SAFE]: The skill does not contain any malicious patterns, obfuscation, or unauthorized access attempts. Its behavior is consistent with its stated purpose of managing git workflows.
  • [COMMAND_EXECUTION]: The scripts regular-commit.sh and start-task-worktree.sh execute local git commands to manage worktrees, commit changes, and initialize submodules. Input parameters like task names are sanitized using tr to prevent shell injection or malformed file paths.
  • [EXTERNAL_DOWNLOADS]: The skill may trigger the download of external code via git submodule update --init --recursive. This is a standard operation within git repositories to manage dependencies.
  • [DATA_EXFILTRATION]: The skill includes a git push operation to the user's configured origin remote. This is an intentional feature designed to synchronize local work with the remote repository as part of the task workflow.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 13, 2026, 02:01 PM