worktree-manager

SUSPICIOUS. The core worktree-management behavior is coherent and mostly local, with no clear malicious exfiltration path or untrusted installer chain. Risk is elevated because the skill goes beyond simple worktree management to launch autonomous Claude Code agents, recommends --dangerously-skip-permissions, and may expose copied .env content to those agents while helper-script behavior remains unreviewed.