using-git-worktrees
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill executes shell commands for git operations, package management (npm, pip, cargo, go), and automated testing. This is core functionality for its intended purpose.\n- [EXTERNAL_DOWNLOADS] (LOW): Automated dependency installation fetches code from external package registries. While standard for development, this involves downloading and potentially executing third-party code.\n- [Indirect Prompt Injection] (LOW): The skill processes project-specific data to make decisions. 1. Ingestion points: Reads CLAUDE.md for directory preferences and parses build files (package.json, etc.). 2. Boundary markers: Absent. 3. Capability inventory: Significant capability including shell execution and file system modifications. 4. Sanitization: No sanitization of ingested config data before use in logic.
Audit Metadata