findskill.top logo
findskill.top Skill Marketplace Detail
agentskill.sh secured

using-git-worktrees

Use when starting feature work that needs isolation from current workspace or before executing implementation plans - creates isolated git worktrees with smart directory selection and safety verification

@obra skills/using-git-worktrees/SKILL.md GitHub Stars 87,265

Security score

This tab presents tested categories, issue summaries, and source snippets in an audit-style report.

Security score 92/100
Audited on Mar 28, 2026
Audit summary 0 / 1 / 3

High / Medium / Low

Categories 4
Findings 4
Platforms 1
Sources 1

Categories Tested

Instruction boundariesFilesystem writesNetwork referencesPlatform-specific install flow

Security Issues

Low File Access
Line 46

Access to hidden dotfiles in home directory

Severity: Low · Category: File Access · Line 46
2. ~/.config/superpowers/worktrees/<project-name>/ (global location)
Medium File Access
Line 71

Access to hidden dotfiles in home directory

Severity: Medium · Category: File Access · Line 71
### For Global Directory (~/.config/superpowers/worktrees)
Low File Access
Line 91

Access to hidden dotfiles in home directory

Severity: Low · Category: File Access · Line 91
~/.config/superpowers/worktrees/*)
Low File Access
Line 92

Access to hidden dotfiles in home directory

Severity: Low · Category: File Access · Line 92
path="~/.config/superpowers/worktrees/$project/$BRANCH_NAME"

Mitigations

Review the upstream repository before copying files into a local skills directory.

Confirm install instructions and supported runtimes against SKILL.md instead of a generic readme.