wt
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill provides an interface for the 'wt' command-line tool to manage git worktrees and services. All defined commands are executed via the 'Bash' tool and align with standard development workflows.
- DATA_EXPOSURE (SAFE): Operations are performed within specific local directories (~/worktrees/llamafarm/ and ~/.llamafarm/worktrees/). The skill does not access sensitive system paths or credentials.
- INDIRECT_PROMPT_INJECTION (LOW): Reading service logs and status outputs via 'wt logs' and 'wt status' constitutes a potential surface for indirect prompt injection.
- Ingestion points: Worktree service logs and status reports.
- Boundary markers: Not defined in the skill instructions.
- Capability inventory: Access to 'Bash' and 'Read' tools.
- Sanitization: No sanitization of command output is described.
Audit Metadata