using-git-worktrees

Warn

Audited by Socket on Feb 27, 2026

1 alert found:

Security: MEDIUM
SKILL.md

This skill is coherent with its stated purpose (creating isolated git worktrees and bootstrapping project environments) but carries several supply-chain and autonomy risks. The main risks are automated network fetch-and-execute operations (npm/pip/cargo/go installs and test runs) combined with automatic repository mutations (adding and committing .gitignore entries). If an AI agent or user follows the skill's steps without isolation or explicit per-action consent, install scripts from a malicious or compromised dependency could run on the host, and repository history could be altered programmatically. Mitigations: require manual confirmation before committing changes; run installs and tests in a sandbox (containers or virtualenvs) rather than directly on the host; install only from lockfiles with integrity checks (for example, hashed or pinned dependency sets, with lifecycle scripts disabled where the package manager allows it); and never auto-commit repository changes without clear user consent. Overall this is not overtly malicious but has moderate supply-chain risk and should be used with caution and additional safeguards.
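The following is an added example of how a bootstrap helper could apply the mitigations listed above; it is not code from the audited skill or from Socket, and the function names (plan_install, commit_gitignore, bootstrap_worktree) and the CONFIRM_COMMIT variable are this example's own. It refuses to install anything without a lockfile, picks install commands that skip lifecycle scripts or require hashes, and only stages a .gitignore change unless the caller explicitly consents to the commit.

```shell
#!/bin/sh
# Added example (not part of the audited skill): install from lockfiles only,
# block install-time scripts where the tool supports it, and gate commits on consent.

# plan_install DIR: print the install command for the project in DIR, choosing a
# lockfile-pinned, script-suppressing form. Returns 1 (prints nothing) when no
# lockfile is present, so an agent cannot fall back to an unpinned fetch.
plan_install() {
  dir=$1
  if [ -f "$dir/package-lock.json" ]; then
    # npm ci installs exactly the lockfile; --ignore-scripts disables pre/postinstall hooks
    echo "npm ci --ignore-scripts"
  elif [ -f "$dir/requirements.txt" ] && grep -q -- '--hash=' "$dir/requirements.txt"; then
    # pip refuses any requirement that is unhashed or whose hash does not match
    echo "pip install --require-hashes -r requirements.txt"
  elif [ -f "$dir/Cargo.lock" ]; then
    # --locked fails instead of silently rewriting Cargo.lock
    echo "cargo fetch --locked"
  elif [ -f "$dir/go.sum" ]; then
    # downloaded modules are verified against go.sum
    echo "go mod download"
  else
    return 1
  fi
}

# commit_gitignore DIR: stage .gitignore, but commit only when the caller has
# explicitly set CONFIRM_COMMIT=yes. Returns 2 when it stops at staging.
commit_gitignore() {
  dir=$1
  if [ "${CONFIRM_COMMIT:-no}" != "yes" ]; then
    echo "staged only: review with 'git -C $dir diff --cached' and rerun with CONFIRM_COMMIT=yes"
    return 2
  fi
  git -C "$dir" add .gitignore
  git -C "$dir" commit -m "chore: ignore local build artifacts" -- .gitignore
}

# bootstrap_worktree REPO PATH BRANCH: create the worktree, then run the planned
# install inside it (ideally inside a container or virtualenv as well). Test runs
# are left to the caller so they are a separate, visible step.
bootstrap_worktree() {
  repo=$1; path=$2; branch=$3
  git -C "$repo" worktree add "$path" -b "$branch" || return 1
  cmd=$(plan_install "$path") || { echo "refusing to install: no lockfile in $path" >&2; return 1; }
  ( cd "$path" && sh -c "$cmd" )
}
```

The planner prints its decision rather than executing it directly, so a reviewer can log or approve the exact command before bootstrap_worktree runs it, and the refusal path is a hard failure instead of a silent fallback to an unpinned install.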

Confidence: 75%
Severity: 75%
Audit Metadata
Analyzed At
Feb 27, 2026, 08:36 AM
Package URL
pkg:socket/skills-sh/sickn33%2Fantigravity-awesome-skills%2Fusing-git-worktrees%2F@7b071aa7e587ef128f1dba03f2a01ca5535b191a