better-work
Warn
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill's initialization workflow creates a global state directory in the home folder (
~/.better-work/) and performs shell-level operations including initializing git repositories and creating symbolic links between project directories and the home directory. - [COMMAND_EXECUTION]: The skill modifies persistent agent configuration by injecting behavioral instructions into
CLAUDE.mdfiles at both project and global (~/.claude/CLAUDE.md) levels. The documentation states that global injection is the default behavior and is performed without a separate prompt. - [EXTERNAL_DOWNLOADS]: The skill references external GitHub repositories (e.g.,
github.com/d-wwei/better-code) and instructs the agent to delegate tasks to these external subskills, potentially involving the installation or execution of external components. - [COMMAND_EXECUTION]: The protocol uses the
Agenttool to dynamically spawn sub-agents for 'Adversarial Reviews', which involves task delegation to separate agent instances for architectural and logic verification. - [COMMAND_EXECUTION]: The skill maintains a global project registry in
~/.better-work/registry.yml, involving cross-session reading and writing of project metadata such as file paths and initialization timestamps.
Audit Metadata