using-git-worktrees
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes Git commands (git worktree add, git check-ignore, git rev-parse) to manage isolated workspaces. It also attempts to discover and execute project-specific setup and test commands from the repository's documentation or configuration files. This is standard behavior for a development-oriented AI agent skill.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it reads and follows instructions from repository-controlled files such as AGENTS.md and README.md to determine how to set up and test the workspace.
  - Ingestion points: AGENTS.md, README.md, Makefile, package.json (within the target repository).
  - Boundary markers: Absent. The skill does not explicitly warn the agent to ignore instructions embedded in these files.
  - Capability inventory: Shell command execution via Git and platform-specific tooling.
  - Sanitization: Absent. However, the skill includes a safety step to report test failures to the user and ask for guidance before proceeding, which acts as a manual checkpoint.
Audit Metadata