env-sync
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE] (SAFE): The skill intentionally interacts with .env files to synchronize environment variables across git worktrees. It contains explicit instructions for the AI agent to never display the contents of these files to the user, mitigating accidental secret exposure.
- [COMMAND_EXECUTION] (SAFE): Uses standard shell commands (cat, grep, sed, cp) to manage local files. The operations are restricted to the git repository's context and include validation steps to ensure paths are legitimate git directories before performing the copy operation.
- [PROMPT_INJECTION] (SAFE): No malicious instructions or bypass attempts detected. The instructions are focused on operational safety and user confirmation.
Audit Metadata