ce-worktree

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill performs runtime git fetch/git worktree add from the remote "origin" (e.g., the repo URL configured as origin such as git@github.com:org/repo.git or https://github.com/..../repo) and may run direnv allow in the created worktree, which can cause the fetched repository's .envrc to be executed — therefore remote repo content fetched at runtime can directly lead to code execution.