The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes various git commands such as 'git worktree add' and 'git rev-parse', and automates project maintenance tasks like 'cargo build', 'go mod download', and test execution suites ('npm test', 'cargo test', 'pytest', etc.). It also performs automated commits when updating .gitignore files.
[EXTERNAL_DOWNLOADS]: The skill facilitates the download and installation of external dependencies through package managers like npm, pip, poetry, and go mod. These operations occur when setting up the new worktree environment based on the project's configuration files.
[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it reads and acts upon instructions from files that could be controlled by an external attacker (e.g., via a malicious pull request).
Ingestion points: The skill searches CLAUDE.md for worktree directory preferences and checks for the existence of configuration files like package.json, Cargo.toml, requirements.txt, pyproject.toml, and go.mod to decide which setup commands to run.
Boundary markers: No delimiters or instructions to ignore embedded commands are used when processing these files.
Capability inventory: The skill possesses significant shell execution capabilities including the ability to run arbitrary project scripts via package managers (e.g., npm install can trigger pre/post-install scripts, and test runners can execute arbitrary code).
Sanitization: There is no validation or sanitization of the project names, branch names, or file contents before they are used in shell commands or logic gates.

Using Git Worktrees