worktree
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements git worktree management using standard command-line tools like git, jq, and sed. All shell variables derived from external inputs (such as branch names and configuration files) are properly double-quoted to prevent word splitting and basic command injection. Branch name acquisition uses git rev-parse, which ensures the input is constrained by git's internal naming rules. The use of local configuration files for path resolution is consistent with standard developer tool patterns. No network activity, credential access, or obfuscation techniques were detected.
Audit Metadata