worktree-discipline

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill's installation instructions require modifying the global Git configuration via git config --global core.hooksPath ~/.githooks. This is a persistent environmental modification that affects how Git operates for all repositories on the machine.
  • [COMMAND_EXECUTION]: The scripts/pre-commit script uses the exec command to run repository-local scripts located at .githooks/pre-commit. This delegation pattern allows the global hook to coexist with repository-specific validation logic.
  • [COMMAND_EXECUTION]: The script executes several standard Git commands (git rev-parse, git symbolic-ref) and shell utilities (grep) to inspect the repository state, identify the current branch, and detect the presence of environment markers in .envrc files.
  • [DATA_EXPOSURE]: The hook reads the contents of .envrc files to identify repositories that have been onboarded to the vendor's specific development flow by searching for the DEV_HOST environment variable marker.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 12, 2026, 10:41 PM