Skip to main content

worktree-operations

Provides guidance for managing git worktrees in the Orient monorepo, including setup, dependency installation, and troubleshooting.

Install this skill

or
0/100

Security score

The worktree-operations skill was audited on Feb 25, 2026 and we found 168 security issues across 4 threat categories, including 1 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

medium line 1992

Template literal with variable interpolation in command context

SourceSKILL.md
1992return fetchAPI(`/apps/${appName}/edit`, {...});
medium line 1995

Template literal with variable interpolation in command context

SourceSKILL.md
1995return apiRequest(`/apps/${appName}/edit`, {...});
medium line 2787

Template literal with variable interpolation in command context

SourceSKILL.md
2787```
medium line 2793

Template literal with variable interpolation in command context

SourceSKILL.md
2793```yaml
medium line 2826

Template literal with variable interpolation in command context

SourceSKILL.md
2826```yaml
medium line 2838

Template literal with variable interpolation in command context

SourceSKILL.md
2838```bash
medium line 2910

Template literal with variable interpolation in command context

SourceSKILL.md
2910```bash
medium line 2939

Template literal with variable interpolation in command context

SourceSKILL.md
2939```bash
medium line 2972

Template literal with variable interpolation in command context

SourceSKILL.md
2972```bash
medium line 3091

Template literal with variable interpolation in command context

SourceSKILL.md
3091```bash
medium line 3103

Template literal with variable interpolation in command context

SourceSKILL.md
3103```bash
medium line 3114

Template literal with variable interpolation in command context

SourceSKILL.md
3114```bash
high line 3130

Template literal with variable interpolation in command context

SourceSKILL.md
3130| `SQLITE_DB_PATH` | `.dev-data/instance-0/orient.db` | `.dev-data/instance-9/orient.db` | `.dev-data/instance-${ID}/...` |
medium line 3159

Template literal with variable interpolation in command context

SourceSKILL.md
3159```bash
medium line 3282

Template literal with variable interpolation in command context

SourceSKILL.md
3282```bash
medium line 3299

Template literal with variable interpolation in command context

SourceSKILL.md
3299```bash
medium line 3409

Template literal with variable interpolation in command context

SourceSKILL.md
3409```bash
medium line 128

Curl to non-GitHub URL

SourceSKILL.md
128curl -s http://localhost:4099/global/health || echo "OpenCode not running"
medium line 2339

Curl to non-GitHub URL

SourceSKILL.md
2339TOKEN=$(curl -X POST http://localhost:4098/api/auth/login \
medium line 2642

Curl to non-GitHub URL

SourceSKILL.md
2642curl http://localhost:13098/api/prompts
medium line 3610

Curl to non-GitHub URL

SourceSKILL.md
3610# Check API endpoints with curl
medium line 375

Access to hidden dotfiles in home directory

SourceSKILL.md
375- Content-addressable store at `~/.pnpm-store`
low line 739

Access to hidden dotfiles in home directory

SourceSKILL.md
739export TURBO_CACHE_DIR=~/.turbo-cache
low line 742

Access to hidden dotfiles in home directory

SourceSKILL.md
742"build": "TURBO_CACHE_DIR=~/.turbo-cache turbo run build"
low line 764

Access to hidden dotfiles in home directory

SourceSKILL.md
764rm -rf ~/.turbo-cache
low line 140

Access to .env file

SourceSKILL.md
140# cp $ROOT_WORKTREE_PATH/.env .env
low line 155

Access to .env file

SourceSKILL.md
155# Your .env already points to the shared dev database
medium line 172

Access to .env file

SourceSKILL.md
1722. Updates your `.env` with the new SQLITE_DB_PATH
low line 1817

Access to .env file

SourceSKILL.md
1817.env.local
low line 1818

Access to .env file

SourceSKILL.md
1818.env.*.local
low line 2035

Access to .env file

SourceSKILL.md
2035repoPath: process.env.REPO_PATH || process.cwd(),
low line 2036

Access to .env file

SourceSKILL.md
2036worktreeBase: process.env.APP_WORKTREES_PATH,
low line 2040

Access to .env file

SourceSKILL.md
2040process.env.OPENCODE_SERVER_URL || 'http://localhost:4099',
low line 2041

Access to .env file

SourceSKILL.md
2041process.env.OPENCODE_DEFAULT_MODEL
low line 2049

Access to .env file

SourceSKILL.md
2049portalBaseUrl: process.env.OPENCODE_PORTAL_URL || 'http://localhost:4099',
low line 2112

Access to .env file

SourceSKILL.md
2112config: process.env.MY_CONFIG,
low line 2240

Access to .env file

SourceSKILL.md
2240openCodeUrl: process.env.OPENCODE_SERVER_URL,
low line 2241

Access to .env file

SourceSKILL.md
2241repoPath: process.env.REPO_PATH,
low line 2317

Access to .env file

SourceSKILL.md
2317const db = createMiniappEditDatabase(process.env.SQLITE_DB_PATH!);
medium line 2360

Access to .env file

SourceSKILL.md
23607. **✅ Provide fallback defaults** - Use `process.env.VAR || 'default'`
medium line 2720

Access to .env file

SourceSKILL.md
2720Environment files (`.env`, `.env.local`) should be copied from main worktree:
low line 2723

Access to .env file

SourceSKILL.md
2723cp $ROOT_WORKTREE_PATH/.env .env
low line 2724

Access to .env file

SourceSKILL.md
2724cp $ROOT_WORKTREE_PATH/.env.local .env.local 2>/dev/null || true
medium line 2856

Access to .env file

SourceSKILL.md
2856**Critical Setup**: When copying `.env` from the main repo to a worktree, you MUST update instance-specific values or services will use the wrong database and storage.
medium line 2862

Access to .env file

SourceSKILL.md
2862**Root Cause**: `.env` contains hard-coded values for instance 0:
low line 2914

Access to .env file

SourceSKILL.md
2914# 2. Update SQLITE_DB_PATH in .env
low line 2915

Access to .env file

SourceSKILL.md
2915sed -i '' "s|^SQLITE_DB_PATH=.*|SQLITE_DB_PATH=.dev-data/instance-${AI_INSTANCE_ID}/orient.db|" .env
low line 2922

Access to .env file

SourceSKILL.md
2922grep SQLITE_DB_PATH .env
low line 2943

Access to .env file

SourceSKILL.md
2943# Check if S3_ENDPOINT exists in .env
low line 2944

Access to .env file

SourceSKILL.md
2944if grep -q "^S3_ENDPOINT=" .env; then
low line 2946

Access to .env file

SourceSKILL.md
2946sed -i '' "s|^S3_ENDPOINT=.*|S3_ENDPOINT=http://localhost:${MINIO_API_PORT}|" .env
low line 2949

Access to .env file

SourceSKILL.md
2949echo "S3_ENDPOINT=http://localhost:${MINIO_API_PORT}" >> .env
low line 2953

Access to .env file

SourceSKILL.md
2953if ! grep -q "^AI_INSTANCE_ID=" .env; then
low line 2954

Access to .env file

SourceSKILL.md
2954echo "AI_INSTANCE_ID=${AI_INSTANCE_ID}" >> .env
low line 2958

Access to .env file

SourceSKILL.md
2958grep -E "(S3_ENDPOINT|AI_INSTANCE_ID)" .env
medium line 2968

Access to .env file

SourceSKILL.md
2968#### Complete Worktree .env Setup Script
low line 2975

Access to .env file

SourceSKILL.md
2975# Run after copying .env from main repo
low line 2979

Access to .env file

SourceSKILL.md
2979echo "=== Configuring .env for Worktree Instance ==="
low line 2993

Access to .env file

SourceSKILL.md
2993sed -i '' "s|^SQLITE_DB_PATH=.*|SQLITE_DB_PATH=.dev-data/instance-${AI_INSTANCE_ID}/orient.db|" .env
low line 2998

Access to .env file

SourceSKILL.md
2998if grep -q "^S3_ENDPOINT=" .env; then
low line 2999

Access to .env file

SourceSKILL.md
2999sed -i '' "s|^S3_ENDPOINT=.*|S3_ENDPOINT=http://localhost:${MINIO_API_PORT}|" .env
low line 3001

Access to .env file

SourceSKILL.md
3001echo "S3_ENDPOINT=http://localhost:${MINIO_API_PORT}" >> .env
low line 3006

Access to .env file

SourceSKILL.md
3006if ! grep -q "^AI_INSTANCE_ID=" .env; then
low line 3007

Access to .env file

SourceSKILL.md
3007echo "" >> .env
low line 3008

Access to .env file

SourceSKILL.md
3008echo "# Instance-specific configuration (auto-generated)" >> .env
low line 3009

Access to .env file

SourceSKILL.md
3009echo "AI_INSTANCE_ID=${AI_INSTANCE_ID}" >> .env
low line 3017

Access to .env file

SourceSKILL.md
3017echo " grep -E '(SQLITE_DB_PATH|S3_ENDPOINT|AI_INSTANCE_ID)' .env"
low line 3023

Access to .env file

SourceSKILL.md
3023# After copying .env from main repo
low line 3024

Access to .env file

SourceSKILL.md
3024cp $ROOT_WORKTREE_PATH/.env .env
medium line 3036

Access to .env file

SourceSKILL.md
3036After fixing `.env`, migrate secrets from `.env` to the database:
low line 3039

Access to .env file

SourceSKILL.md
3039# Set master encryption key (from main repo's .env)
medium line 3057

Access to .env file

SourceSKILL.md
30571. Reads secrets from `.env` (e.g., `SLACK_BOT_TOKEN=xoxb-...`)
medium line 3060

Access to .env file

SourceSKILL.md
30604. Services load secrets from database instead of `.env`
medium line 3062

Access to .env file

SourceSKILL.md
3062**Important**: The migration script uses `SQLITE_DB_PATH` from `.env`, which is why fixing it first is critical!
medium line 3066

Access to .env file

SourceSKILL.md
3066After configuring `.env`, verify instance isolation:
low line 3074

Access to .env file

SourceSKILL.md
3074DB_PATH=$(grep SQLITE_DB_PATH .env | cut -d'=' -f2)
low line 3078

Access to .env file

SourceSKILL.md
3078MINIO_PORT=$(grep S3_ENDPOINT .env | grep -oE ':[0-9]+' | tr -d ':')
low line 3098

Access to .env file

SourceSKILL.md
3098sed -i '' "s|^SQLITE_DB_PATH=.*|SQLITE_DB_PATH=.dev-data/instance-${AI_INSTANCE_ID}/orient.db|" .env
low line 3109

Access to .env file

SourceSKILL.md
3109sed -i '' "s|instance-[0-9]|instance-${AI_INSTANCE_ID}|g" .env
low line 3120

Access to .env file

SourceSKILL.md
3120echo "S3_ENDPOINT=http://localhost:${MINIO_API_PORT}" >> .env
medium line 3138

Access to .env file

SourceSKILL.md
3138- `SLACK_BOT_TOKEN` - Stored in database, not `.env`
medium line 3139

Access to .env file

SourceSKILL.md
3139- `OPENAI_API_KEY` - Stored in database, not `.env`
medium line 3144

Access to .env file

SourceSKILL.md
3144**CRITICAL**: When running multiple instances, you MUST verify that your `.env` file is properly configured for your instance. A common issue is copying `.env` from the main repo without updating inst
medium line 3148

Access to .env file

SourceSKILL.md
3148Run this one-liner to check if your `.env` matches your instance:
low line 3152

Access to .env file

SourceSKILL.md
3152grep SQLITE_DB_PATH .env | grep -q "instance-$AI_INSTANCE_ID" && echo "✅ SQLITE_DB_PATH OK" || echo "❌ SQLITE_DB_PATH WRONG (expected instance-$AI_INSTANCE_ID)"
low line 3189

Access to .env file

SourceSKILL.md
3189CURRENT_DB_PATH=$(grep "^SQLITE_DB_PATH=" .env 2>/dev/null | cut -d'=' -f2-)
low line 3191

Access to .env file

SourceSKILL.md
3191echo " ❌ SQLITE_DB_PATH not found in .env"
low line 3206

Access to .env file

SourceSKILL.md
3206S3_ENDPOINT=$(grep "^S3_ENDPOINT=" .env 2>/dev/null | cut -d'=' -f2-)
low line 3221

Access to .env file

SourceSKILL.md
3221# Check AI_INSTANCE_ID in .env
low line 3223

Access to .env file

SourceSKILL.md
3223echo "🔍 Checking AI_INSTANCE_ID in .env..."
low line 3224

Access to .env file

SourceSKILL.md
3224ENV_INSTANCE_ID=$(grep "^AI_INSTANCE_ID=" .env 2>/dev/null | cut -d'=' -f2-)
low line 3226

Access to .env file

SourceSKILL.md
3226echo " ⚠️ AI_INSTANCE_ID not set in .env (relies on auto-detection)"
low line 3228

Access to .env file

SourceSKILL.md
3228echo " ❌ AI_INSTANCE_ID in .env ($ENV_INSTANCE_ID) differs from detected ($AI_INSTANCE_ID)"
low line 3271

Access to .env file

SourceSKILL.md
3271echo " sed -i '' 's|instance-[0-9]|instance-$AI_INSTANCE_ID|g' .env"
low line 3274

Access to .env file

SourceSKILL.md
3274echo " echo 'S3_ENDPOINT=http://localhost:$MINIO_API_PORT' >> .env"
low line 3289

Access to .env file

SourceSKILL.md
3289# Fix SQLITE_DB_PATH in .env
low line 3290

Access to .env file

SourceSKILL.md
3290sed -i '' "s|^SQLITE_DB_PATH=.*|SQLITE_DB_PATH=.dev-data/instance-${AI_INSTANCE_ID}/orient.db|" .env
low line 3294

Access to .env file

SourceSKILL.md
3294grep SQLITE_DB_PATH .env
low line 3304

Access to .env file

SourceSKILL.md
3304if grep -q "^S3_ENDPOINT=" .env; then
low line 3306

Access to .env file

SourceSKILL.md
3306sed -i '' "s|^S3_ENDPOINT=.*|S3_ENDPOINT=http://localhost:${MINIO_API_PORT}|" .env
low line 3309

Access to .env file

SourceSKILL.md
3309echo "S3_ENDPOINT=http://localhost:${MINIO_API_PORT}" >> .env
low line 3313

Access to .env file

SourceSKILL.md
3313if ! grep -q "^AI_INSTANCE_ID=" .env; then
low line 3314

Access to .env file

SourceSKILL.md
3314echo "AI_INSTANCE_ID=${AI_INSTANCE_ID}" >> .env
low line 3317

Access to .env file

SourceSKILL.md
3317echo "Updated .env:"
low line 3318

Access to .env file

SourceSKILL.md
3318grep -E "(S3_ENDPOINT|AI_INSTANCE_ID)" .env
low line 3331

Access to .env file

SourceSKILL.md
3331grep SQLITE_DB_PATH .env
low line 3389

Access to .env file

SourceSKILL.md
3389grep SQLITE_DB_PATH .env # Should show instance-1
low line 3391

Access to .env file

SourceSKILL.md
3391grep SQLITE_DB_PATH .env # Should show instance-6
low line 3399

Access to .env file

SourceSKILL.md
3399grep S3_ENDPOINT .env
low line 3410

Access to .env file

SourceSKILL.md
3410# Copy .env from main and fix instance-specific values
low line 3411

Access to .env file

SourceSKILL.md
3411cp /path/to/main/repo/.env .env
low line 3420

Access to .env file

SourceSKILL.md
3420cat >> .env << EOF
low line 3428

Access to .env file

SourceSKILL.md
3428sed -i '' "s|^SQLITE_DB_PATH=.*|SQLITE_DB_PATH=.dev-data/instance-${AI_INSTANCE_ID}/orient.db|" .env
medium line 3716

Access to .env file

SourceSKILL.md
3716- Environment files (`.env`) - Keep staging's version
low line 3876

Access to .env file

SourceSKILL.md
3876cp $MAIN_REPO/.env .env
low line 3877

Access to .env file

SourceSKILL.md
3877cp $MAIN_REPO/.env.local .env.local 2>/dev/null || true
low line 3878

Access to .env file

SourceSKILL.md
3878cp $MAIN_REPO/.env.staging .env.staging 2>/dev/null || true
low line 3891

Access to .env file

SourceSKILL.md
3891cp $ROOT_WORKTREE_PATH/.env .env
low line 3897

Access to .env file

SourceSKILL.md
3897# Link to main repo's .env (changes affect all worktrees!)
low line 3898

Access to .env file

SourceSKILL.md
3898ln -s $ROOT_WORKTREE_PATH/.env .env
low line 4032

Access to .env file

SourceSKILL.md
4032# Conflict in .env or config files
low line 4035

Access to .env file

SourceSKILL.md
4035git checkout --theirs .env
low line 4036

Access to .env file

SourceSKILL.md
4036git checkout --theirs .env.local
low line 4037

Access to .env file

SourceSKILL.md
4037git add .env .env.local
medium line 4196

Access to .env file

SourceSKILL.md
4196#### Pattern 3: Environment File Conflicts (.env, .env.local)
low line 4202

Access to .env file

SourceSKILL.md
4202git checkout --ours .env
low line 4203

Access to .env file

SourceSKILL.md
4203git checkout --ours .env.local 2>/dev/null || true
low line 4204

Access to .env file

SourceSKILL.md
4204git add .env .env.local
low line 4208

Access to .env file

SourceSKILL.md
4208cp .env .env.backup
low line 4211

Access to .env file

SourceSKILL.md
4211git checkout --theirs .env
low line 4214

Access to .env file

SourceSKILL.md
4214diff .env.backup .env # See what changed
low line 4215

Access to .env file

SourceSKILL.md
4215# Add any new variables you need to .env.backup
low line 4216

Access to .env file

SourceSKILL.md
4216mv .env.backup .env
low line 4217

Access to .env file

SourceSKILL.md
4217git add .env
low line 4305

Access to .env file

SourceSKILL.md
4305# Handle .env (keep ours)
low line 4306

Access to .env file

SourceSKILL.md
4306if git diff --name-only --diff-filter=U | grep -q ".env"; then
low line 4307

Access to .env file

SourceSKILL.md
4307git checkout --ours .env
low line 4315

Access to .env file

SourceSKILL.md
4315git add pnpm-lock.yaml .env 2>/dev/null || true
medium line 4382

Access to .env file

SourceSKILL.md
43823. **✅ Keep your .env file (use `git checkout --ours .env`)**
low line 128

External URL reference

SourceSKILL.md
128curl -s http://localhost:4099/global/health || echo "OpenCode not running"
low line 1719

External URL reference

SourceSKILL.md
1719target: 'http://localhost:4098',
low line 2040

External URL reference

SourceSKILL.md
2040process.env.OPENCODE_SERVER_URL || 'http://localhost:4099',
low line 2049

External URL reference

SourceSKILL.md
2049portalBaseUrl: process.env.OPENCODE_PORTAL_URL || 'http://localhost:4099',
low line 2152

External URL reference

SourceSKILL.md
2152OPENCODE_SERVER_URL=http://localhost:4099 # OpenCode API endpoint
low line 2153

External URL reference

SourceSKILL.md
2153OPENCODE_PORTAL_URL=http://localhost:4099 # OpenCode web portal
low line 2169

External URL reference

SourceSKILL.md
2169OPENCODE_SERVER_URL=http://localhost:4099 # API endpoint
low line 2339

External URL reference

SourceSKILL.md
2339TOKEN=$(curl -X POST http://localhost:4098/api/auth/login \
low line 2346

External URL reference

SourceSKILL.md
2346http://localhost:4098/api/apps/sessions/active
low line 2642

External URL reference

SourceSKILL.md
2642curl http://localhost:13098/api/prompts
low line 2740

External URL reference

SourceSKILL.md
2740Main repo (Instance 0): http://localhost:80 (ports: 80, 4098, 9000)
low line 2741

External URL reference

SourceSKILL.md
2741Worktree 1 (Instance 1): http://localhost:1080 (ports: 1080, 5098, 10000)
low line 2742

External URL reference

SourceSKILL.md
2742Worktree 2 (Instance 2): http://localhost:2080 (ports: 2080, 6098, 11000)
low line 2750

External URL reference

SourceSKILL.md
2750echo "Dashboard: http://localhost:$NGINX_PORT"
low line 2866

External URL reference

SourceSKILL.md
2866S3_ENDPOINT=http://localhost:9000
low line 2946

External URL reference

SourceSKILL.md
2946sed -i '' "s|^S3_ENDPOINT=.*|S3_ENDPOINT=http://localhost:${MINIO_API_PORT}|" .env
low line 2949

External URL reference

SourceSKILL.md
2949echo "S3_ENDPOINT=http://localhost:${MINIO_API_PORT}" >> .env
low line 2964

External URL reference

SourceSKILL.md
2964S3_ENDPOINT=http://localhost:18000
low line 2999

External URL reference

SourceSKILL.md
2999sed -i '' "s|^S3_ENDPOINT=.*|S3_ENDPOINT=http://localhost:${MINIO_API_PORT}|" .env
low line 3001

External URL reference

SourceSKILL.md
3001echo "S3_ENDPOINT=http://localhost:${MINIO_API_PORT}" >> .env
low line 3003

External URL reference

SourceSKILL.md
3003echo " ✅ S3_ENDPOINT: http://localhost:${MINIO_API_PORT}"
low line 3120

External URL reference

SourceSKILL.md
3120echo "S3_ENDPOINT=http://localhost:${MINIO_API_PORT}" >> .env
low line 3131

External URL reference

SourceSKILL.md
3131| `S3_ENDPOINT` | `http://localhost:9000` | `http://localhost:18000` | 9000 + (ID × 1000) |
low line 3209

External URL reference

SourceSKILL.md
3209echo " Expected: http://localhost:$MINIO_API_PORT"
low line 3274

External URL reference

SourceSKILL.md
3274echo " echo 'S3_ENDPOINT=http://localhost:$MINIO_API_PORT' >> .env"
low line 3306

External URL reference

SourceSKILL.md
3306sed -i '' "s|^S3_ENDPOINT=.*|S3_ENDPOINT=http://localhost:${MINIO_API_PORT}|" .env
low line 3309

External URL reference

SourceSKILL.md
3309echo "S3_ENDPOINT=http://localhost:${MINIO_API_PORT}" >> .env
low line 3424

External URL reference

SourceSKILL.md
3424S3_ENDPOINT=http://localhost:$MINIO_API_PORT
low line 3611

External URL reference

SourceSKILL.md
3611curl -H "Authorization: Bearer $TOKEN" http://localhost:4098/api/my-feature/test
Scanned on Feb 25, 2026
View Security Dashboard

Install this skill with one command

/learn @orient-bot/worktree-operations
GitHub Stars 8
Rate this skill
Categorydevelopment
UpdatedMarch 29, 2026
openclawbackendgitbackend-developerdevops-sretechnical-supportslackdevelopmentsupport
orient-bot/orient