worktree

SUSPICIOUS. The skill’s purpose is coherent for repository worktree management, and most git-related actions are proportionate. However, its core dependency is an unverifiable `noodle` CLI with broad execution and install side effects, so trust in installation and execution is not established; this drives high security risk even without evidence of confirmed malware or external credential exfiltration.