The Agent Skills Directory

[Prompt Injection] (SAFE): No instructions designed to override agent behavior or bypass safety constraints were detected in the skill markdown or metadata.- [Data Exposure & Exfiltration] (SAFE): The skill reads local project files such as .gitignore and CLAUDE.md to determine workspace configuration. It does not access sensitive user credentials or perform unauthorized network requests.- [Unverifiable Dependencies] (SAFE): The skill invokes standard package managers (npm, pip, cargo, go) to install dependencies. While this involves downloading external code, it is a standard part of the development lifecycle and is performed within the user's project context.- [Command Execution] (SAFE): Automated execution of commands like npm install and cargo test is appropriate for the skill's purpose of setting up a development workspace and is only triggered when corresponding project files are present.

using-git-worktrees