using-git-worktrees
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill executes various system commands for environment setup and validation, including 'git worktree', 'npm install', 'cargo build', and 'pytest'. These are standard for development workflows but involve executing code within the project context.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill uses official package managers (npm, pip, cargo, go) to resolve and download project dependencies. These tools are trusted, though they do interact with external registries.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill reads from 'CLAUDE.md' and other project configuration files to determine directory preferences and project types. This creates a surface where a malicious repository could influence the agent's behavior through configuration metadata.
  - Ingestion points: CLAUDE.md (via grep), project root files (package.json, Cargo.toml).
  - Boundary markers: Absent.
  - Capability inventory: Subprocess calls for git, npm, pip, cargo, go, poetry.
  - Sanitization: Absent.