super-worktree

Warn

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: MEDIUM
Flags: COMMAND_EXECUTION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill implements a 'Lifecycle hooks' feature that executes arbitrary shell commands defined in configuration files.
  • Evidence found in scripts/lib/util.sh (function run_hook) and scripts/lib/workspace.sh (function run_ws_hook).
  • Commands are executed via bash -c "$hook_cmd".
  • Hook definitions (preCreate, postCreate, preDelete, postDelete) are read from repository-specific files such as .super-worktree.json or super-worktree.workspace.json. Because these files live inside the repository, anyone who can commit to it (or publish a repository the user clones) can supply the commands that run on the user's machine.
  • [CREDENTIALS_UNSAFE]: The skill is explicitly designed to discover and propagate sensitive files across the file system.
  • The copy_sensitive_files function in scripts/lib/sync.sh targets patterns like .env, *.secret, *.key, credentials.json, and auth.json.
  • The configuration allows for environment variable interpolation in copyFiles paths, enabling the copying of global secrets such as ${HOME}/.aws/credentials into project worktrees.
  • [EXTERNAL_DOWNLOADS]: The script scripts/validate-skills.sh performs dynamic package installation.
  • It executes npm install --silent yaml@^2.8.0 into a temporary directory if the package is not already present. The caret range is resolved against the registry at run time rather than pinned to a specific version, and npm install runs the package's own lifecycle scripts by default unless --ignore-scripts is given.
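The hook and copyFiles findings above describe two patterns a practitioner would want to guard against: commands taken from a repository-controlled file and passed to bash -c, and ${VAR}-expanded copy paths that reach outside the repository. The script below is an added example written for this page, not code from super-worktree; it models both patterns with a trust-on-first-use pin for the config file (hash stored outside the repository) and a path check for copyFiles entries. The config layout, the hook names used and the trust-file format are assumptions for the demo.

```bash
#!/usr/bin/env bash
# Added example, not super-worktree's own code. (1) Hook commands from a
# repo-supplied config are run with bash -c only after a human has pinned the
# config's SHA-256 in a trust file that lives OUTSIDE the repository, so a fresh
# clone or a tampered config cannot run commands. (2) copyFiles entries are
# ${VAR}-expanded as the finding describes, then refused unless they resolve
# inside the source repository. Config layout and file names are assumptions.

sha256_of() {                        # coreutils on Linux, shasum on macOS
  if command -v sha256sum >/dev/null 2>&1; then sha256sum "$1" | cut -d' ' -f1
  else shasum -a 256 "$1" | cut -d' ' -f1; fi
}

# pin_config CONFIG TRUSTFILE: run once by a human after reviewing CONFIG.
pin_config() { printf '%s  %s\n' "$(sha256_of "$1")" "$1" >> "$2"; }

# config_is_trusted CONFIG TRUSTFILE: 0 iff CONFIG's current hash is pinned.
config_is_trusted() {
  [ -f "$2" ] && grep -Fxq -- "$(sha256_of "$1")  $1" "$2"
}

# get_hook CONFIG NAME: naive extractor for the constructed sample only
# (a real implementation should use a JSON parser such as jq).
get_hook() {
  sed -n "s/.*\"$2\"[[:space:]]*:[[:space:]]*\"\([^\"]*\)\".*/\1/p" "$1" | head -n 1
}

# run_hook CONFIG TRUSTFILE NAME: guarded equivalent of bash -c "$hook_cmd".
# Returns 0 if the hook ran or is absent, 2 if refused because CONFIG is unpinned.
run_hook() {
  local cmd
  cmd=$(get_hook "$1" "$3")
  [ -n "$cmd" ] || return 0
  if ! config_is_trusted "$1" "$2"; then
    echo "refusing '$3' hook from unpinned $1: $cmd" >&2
    return 2
  fi
  bash -c "$cmd"
}

# expand_vars STRING: substitute ${NAME} from the environment without eval
# (eval on attacker-controlled text would itself execute commands).
expand_vars() {
  local s=$1 re='\$\{([A-Za-z_][A-Za-z0-9_]*)\}' n=0 name
  while [[ $n -lt 16 && $s =~ $re ]]; do
    n=$((n + 1)); name=${BASH_REMATCH[1]}
    s=${s//"${BASH_REMATCH[0]}"/${!name}}
  done
  printf '%s\n' "$s"
}

# normalize PATH: lexical canonicalisation (collapse '.', '..' and '//') so
# that an entry like 'config/../../.ssh/id_ed25519' cannot escape the check.
normalize() {
  local -a parts out=()
  local seg
  IFS=/ read -ra parts <<< "$1"
  for seg in "${parts[@]}"; do
    case $seg in
      ''|.) ;;
      ..) [ ${#out[@]} -eq 0 ] || unset "out[$((${#out[@]} - 1))]" ;;
      *)  out+=("$seg") ;;
    esac
  done
  printf '/%s' "${out[@]}"
}

# copy_path_allowed REPO ENTRY: 0 only if the expanded, normalised entry stays
# under REPO; '${HOME}/.aws/credentials' and '../../etc/passwd' are refused.
copy_path_allowed() {
  local repo path
  repo=$(normalize "$1")
  path=$(expand_vars "$2")
  case $path in /*) ;; *) path="$1/$path" ;; esac
  path=$(normalize "$path")
  case $path in "$repo"/*) return 0 ;; *) return 1 ;; esac
}

demo() {                             # stand-alone walk-through, constructed config
  local t cfg trust e
  t=$(mktemp -d); cfg=$t/repo/.super-worktree.json; trust=$t/trusted-configs
  mkdir -p "$t/repo"
  cat > "$cfg" <<'EOF'
{ "hooks": { "postCreate": "echo hello-from-hook" },
  "copyFiles": [".env", "${HOME}/.aws/credentials"] }
EOF
  run_hook "$cfg" "$trust" postCreate || echo "(refused, rc=$?)"
  pin_config "$cfg" "$trust"         # a human reviewed the config and approved it
  run_hook "$cfg" "$trust" postCreate
  for e in ".env" '${HOME}/.aws/credentials'; do
    if copy_path_allowed "$t/repo" "$e"; then echo "copy ok: $e"; else echo "copy refused: $e"; fi
  done
  rm -rf "$t"
}
demo
```

The pin is keyed on the full content hash, so any later edit to the repository's config (including a change pushed by another contributor) silently reverts the hooks to the refused state until someone re-pins it; that is the behaviour a practitioner wants here, since the original problem is that the command source and the untrusted input are the same file.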
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 7, 2026, 08:06 PM