worktree-clean
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to perform file system and Git operations, specifically git worktree remove, git branch -d, and git worktree prune.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. 1. Ingestion points: The skill ingests untrusted data via the $ARGUMENTS variable in SKILL.md. 2. Boundary markers: Absent; there are no explicit delimiters or instructions to ignore embedded commands in the input. 3. Capability inventory: The skill uses Bash to execute commands that can delete files and modify the Git repository state. 4. Sanitization: Absent; the skill does not specify any validation or escaping for the input before processing.
Audit Metadata