worktree-implement
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute various git commands, including 'git worktree add', 'git worktree remove', and 'git branch -d'. These commands are dynamically constructed based on user input provided in the task description.
- [COMMAND_EXECUTION]: To mitigate risks associated with shell injection or malformed paths, the skill includes explicit instructions for the AI to 'slugify' the user input. This involves converting text to lowercase and replacing all special characters and spaces with hyphens, ensuring the resulting strings are safe for use in shell commands.
- [COMMAND_EXECUTION]: The skill implements safety checkpoints by using the 'AskUserQuestion' tool to prompt for user confirmation before proceeding with worktree creation when uncommitted changes exist, and before removing worktrees or deleting branches.
- [SAFE]: The skill does not perform any network operations, access sensitive credentials, or use obfuscation techniques. Its operations are restricted to the local git repository context.
Audit Metadata