Skills
skills/michael-menard/monorepo/wt-new/Gen Agent Trust Hub

wt-new

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs shell-level operations using the git CLI, specifically git fetch origin and git worktree add. These commands are assembled dynamically using parameters provided at runtime.
  • [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection (specifically command injection) through the interpolation of untrusted data into shell commands.
  • Ingestion points: The BRANCH_NAME and BASE_BRANCH parameters defined in SKILL.md are directly incorporated into shell commands.
  • Boundary markers: No boundary markers or instructions to ignore embedded instructions are present in the parameter handling logic.
  • Capability inventory: The skill executes subprocesses via git which, if manipulated, can affect the local file system and repository state.
  • Sanitization: There is no evidence of input validation, escaping, or sanitization for the provided branch names before they are passed to the shell.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 09:46 PM