using-git-worktrees

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's setup script (scripts/worktree-setup) explicitly runs dependency installers (npm install, pip install, cargo build, go mod download, poetry install) which fetch and install packages from public package registries (untrusted third-party content) as part of the required workflow and can materially affect test results and subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The included scripts run package manager commands (npm install, pip install -r requirements.txt, cargo build, poetry install, go mod download) which at runtime fetch and execute remote packages from package registries (e.g., https://registry.npmjs.org, https://pypi.org, https://crates.io) so external content is retrieved and executed as a required dependency.