worktree
Audited by Socket on Feb 28, 2026
1 alert found:
Malware: This worktree skill is functionally coherent with its stated purpose (creating, listing, removing git worktrees). The primary security concerns are operational rather than overtly malicious: (1) automatic copying of environment/config files into new worktrees can duplicate secrets and increase their exposure; (2) automating package installs pulls remote code (supply-chain risk) during creation; and (3) the documented destructive operations (rm -rf, git branch -D) are legitimate but dangerous if used without careful confirmation. The documentation includes reasonable safeguards (confirmations, checks for uncommitted/unpushed changes, name sanitization examples), but a concrete implementation must enforce input sanitization, provide an explicit opt-out for copying sensitive files and for auto-installing dependencies, and ensure confirmations are interactive (not silently bypassed) to avoid accidental data loss or credential leakage. Overall this skill is useful but has moderate security risk if run with broad automation privileges or without user-visible safeguards.