git-worktrees
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill implements Git management logic using Python's subprocess module. The implementation uses list-based arguments for
subprocess.run, which is the recommended security practice to prevent shell injection vulnerabilities. - [EXTERNAL_DOWNLOADS]: The skill documentation describes the use of
npm installandnpm ciwithin worktree directories. These are standard commands for managing project dependencies in a development workflow and are used here for their intended purpose of environment isolation.
Audit Metadata