use-git-worktree

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs various shell operations including Git worktree management, branch manipulation, and filesystem verification using commands like git worktree add, git branch, and ls.
  • [EXTERNAL_DOWNLOADS]: The skill triggers external downloads from package registries by invoking tools such as npm, yarn, pip, cargo, and go based on detected project configuration files.
  • [REMOTE_CODE_EXECUTION]: The skill is configured to automatically execute arbitrary setup commands found in repository documentation (e.g., README.md or CLAUDE.md), which could lead to code execution if the repository files are untrusted.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it parses and executes instructions directly from project-specific documentation files.
  • Ingestion points: Reads project instructions from CLAUDE.md and README.md in Step 4.
  • Boundary markers: No delimiters or safety warnings are applied to the content read from these files.
  • Capability inventory: Executes subprocess calls for setup and tests (npm, pip, git, etc.) and arbitrary commands from documentation.
  • Sanitization: No sanitization or validation of the commands extracted from documentation is performed.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 25, 2026, 09:41 PM