using-git-worktrees
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands to automate development workflows, including Git worktree management (
git worktree add,git rev-parse), dependency installation (npm install,cargo build,pip install,poetry install,go mod download), and test execution (npm test,cargo test,pytest,go test). These commands are necessary for the skill's primary function of setting up and verifying isolated workspaces. - [EXTERNAL_DOWNLOADS]: During the setup phase, the skill triggers package managers to download external dependencies from standard registries (e.g., NPM, PyPI, Crates.io). This is expected behavior for a project initialization tool.
- [PROMPT_INJECTION]: The skill implements a feature to read configuration preferences from
CLAUDE.md. This creates an indirect prompt injection surface where a repository could potentially host instructions intended to influence the agent's logic. - Ingestion points:
CLAUDE.md,package.json,Cargo.toml,requirements.txt,pyproject.toml,go.mod. - Boundary markers: None present.
- Capability inventory: Full filesystem access, network access (via package managers), and arbitrary code execution (via test suites).
- Sanitization: None present.
Audit Metadata