using-git-worktrees
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes standard development and version control commands (git worktree, npm install, cargo build, etc.) to set up isolated workspaces. These actions are aligned with the skill's stated purpose of automating environment preparation.
- [EXTERNAL_DOWNLOADS]: The skill uses official package managers (npm, pip, poetry, go, cargo) to install project dependencies from their respective official registries. This is expected behavior for developer-oriented tools.
- [DATA_EXPOSURE]: The skill accesses project configuration files (package.json, Cargo.toml, CLAUDE.md) and creates worktrees in local or specific configuration directories (~/.config/superpowers/worktrees/). No sensitive file access (e.g., SSH keys, AWS credentials) or external exfiltration was detected.
Audit Metadata