Skills
skills/joshuadavidthomas/superpowers/using-git-worktrees/Gen Agent Trust Hub

using-git-worktrees

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands to manage Git worktrees and project-specific build and test tools including git, npm, cargo, pip, poetry, and go.
  • [EXTERNAL_DOWNLOADS]: During project setup, the skill triggers package managers to download dependencies from official registries (e.g., npmjs, PyPI).
  • [PROMPT_INJECTION]: The skill reads the CLAUDE.md file to determine directory preferences, which presents an indirect prompt injection surface.
  • Ingestion points: CLAUDE.md (via grep in SKILL.md)
  • Boundary markers: Absent
  • Capability inventory: Shell execution, Git modifications, and dependency installation (via SKILL.md)
  • Sanitization: Absent
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 25, 2026, 06:55 AM