Using Git Worktrees
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill executes git, directory management, and environment setup commands. These are standard operations for a development tool and are used as intended for workspace isolation.
- EXTERNAL_DOWNLOADS (SAFE): The skill invokes standard package managers (npm, pip, cargo, go) to install project dependencies. This is appropriate for the skill's primary purpose of setting up a workspace.
- INDIRECT_PROMPT_INJECTION (SAFE): Surface exists via CLAUDE.md ingestion for directory preferences. 1. Ingestion points: CLAUDE.md. 2. Boundary markers: Absent. 3. Capability inventory: git, npm, pip, cargo, go. 4. Sanitization: The shell logic limits path construction and actions to predefined directory patterns.
Audit Metadata