discard
Pass
Audited by Gen Agent Trust Hub on Jul 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were identified in the provided files. The skill correctly implements the intended functionality of managing local Git worktrees.
- [COMMAND_EXECUTION]: The skill executes local Bash and PowerShell scripts to perform its tasks. These scripts safely pass user-provided arguments (like repository paths and branch names) to a Node.js utility using proper argument quoting and array/splatting techniques, which minimizes the risk of command injection.
- [DATA_EXFILTRATION]: No network operations or unauthorized data access patterns were found. The skill's operations are confined to the local file system and Git repository as described.
- [PROMPT_INJECTION]: The instructions provided in the SKILL.md file are descriptive and do not contain attempts to override safety filters or manipulate agent behavior outside of the skill's defined scope.
Audit Metadata