The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/worktree-manager.sh executes numerous system commands (including git worktree, git checkout, git pull, mkdir, and cp) using arguments provided by the AI agent or user. While variables are double-quoted to prevent word splitting, the lack of character validation on branch names or path components could lead to unexpected command behavior or flag injection.
[REMOTE_CODE_EXECUTION]: The skill implements a feature to automatically grant trust to developer tool configurations (mise and direnv) via the trust_dev_tools function. These tools are designed to execute code when entering a directory and include mandatory manual 'allow' steps to prevent malicious code execution. By programmatically running mise trust and direnv allow, the skill bypasses this human-in-the-loop security model. Although the script attempts to verify that configuration files match a 'trusted' baseline branch (like main or develop), this assumes the integrity of the remote branch and the local git database.
[EXTERNAL_DOWNLOADS]: The create_worktree function performs a git pull origin "$from_branch" operation. This connects to the remote repository associated with the current project to fetch the latest changes during worktree creation.
[DATA_EXPOSURE]: The script automatically identifies and copies all environment files (matching .env*, excluding .env.example) from the main repository to the new worktree path. While the data remains on the local filesystem, this behavior facilitates the proliferation of sensitive secrets across multiple directories.

ce-worktree