Skills
skills/duc01226/easyplatform/worktree/Gen Agent Trust Hub

worktree

Warn

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: MEDIUMDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill identifies, lists, and copies sensitive environment configuration files (matching the .env* pattern) when setting up new worktrees.
  • Evidence: Step 1 (info command) detects envFiles and Step 2 asks the user to select files to be copied to the new worktree directory.
  • [COMMAND_EXECUTION]: The skill executes a local Node.js script (.claude/scripts/worktree.cjs) via shell commands that incorporate variables derived from user input, such as project names and feature descriptions.
  • Evidence: Step 4 shows the construction of execution strings like node .claude/scripts/worktree.cjs create "<PROJECT>" "<SLUG>" --prefix <TYPE> --env "<FILES>".
  • [PROMPT_INJECTION]: The skill contains instructional blocks that use imperative language to mandate specific task-planning behaviors and override default agent operation modes.
  • Evidence: Frontmatter-adjacent 'IMPORTANT' blocks and 'IMPORTANT Task Planning Notes' at the end of the file dictate how the agent must break down tasks and verify work.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 10, 2026, 07:25 AM
Security Audit — agent-trust-hub — worktree