Skills
skills/sandman-ren/skills/create-workspace/Gen Agent Trust Hub

create-workspace

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill clones git repositories from user-provided or resolved URLs.
  • The git clone command is used in SKILL.md to fetch primary repositories and dependencies into structured directories.
  • GitHub shorthands are resolved to full HTTPS URLs using the gh CLI or GitHub MCP tools.
  • [COMMAND_EXECUTION]: Executes several system and git commands to scaffold the workspace.
  • Uses mkdir to create the project directory structure (repositories, docs, deps, tasks, sketch).
  • Uses git worktree to manage independent working trees for parallel development across multiple repositories.
  • Utilizes the gh CLI to query repository metadata when shorthands are provided.
  • Generates a .claude/settings.json file that defines a sandbox for future agent commands, explicitly blocking high-risk operations like sudo, rm -rf, and access to sensitive files like ~/.ssh or .env.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 04:07 AM