skills/garrytan/gstack/autoplan/Gen Agent Trust Hub

autoplan

Warn

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill frequently executes local binaries from ~/.claude/skills/gstack/bin/ to manage configurations (gstack-config), project context (gstack-slug, gstack-repo-mode), and telemetry logging (gstack-telemetry-log).
  • [REMOTE_CODE_EXECUTION]: Employs dynamic execution patterns by sourcing command output (source <(...)) and evaluating strings returned by local binaries (eval "$(...)"). This occurs with the gstack-repo-mode and gstack-slug utilities.
  • [REMOTE_CODE_EXECUTION]: Utilizes the codex CLI to perform automated reviews. This involves sending dynamically constructed instruction sets to an external execution environment.
  • [DATA_EXFILTRATION]: Contains logic for logging telemetry data to local storage and potentially transmitting it externally, depending on user-defined settings managed via gstack-config.
  • [DATA_EXFILTRATION]: Provides an opt-in feature to synchronize project artifacts (plans, reports, and designs) to a private GitHub repository for use with the GBrain indexing service.
  • [COMMAND_EXECUTION]: Performs automated repository modifications, including editing CLAUDE.md to add routing rules and executing git commit to persist these changes. It also creates project-specific restore points in ~/.gstack/projects/.
  • [PROMPT_INJECTION]: Exhibits an attack surface for indirect prompt injection by processing project code and plan files and including them in prompts for sub-agents.
      • Ingestion points: Repository source code, CLAUDE.md, TODOS.md, and project plan files.
      • Boundary markers: Includes a specific instruction in prompts sent to the Codex tool to ignore SKILL.md files, intended to prevent the tool from following instructions embedded in those files.
      • Capability inventory: The skill has access to shell execution, filesystem modification, and web search tools.
      • Sanitization: Relies on instructional boundaries to isolate data from instructions during prompt construction.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 11, 2026, 08:08 PM