devex-review
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads the Bun installation script from the official bun.sh domain during its setup process. This is a well-known service used to provide the runtime environment for the skill's browsing functionality.
- [REMOTE_CODE_EXECUTION]: The skill executes the downloaded Bun script using bash to facilitate installation. This operation is protected by a SHA-256 checksum validation step (BUN_INSTALL_SHA) that verifies the integrity of the downloaded file against a known-good hash before it is executed.
- [COMMAND_EXECUTION]: The preamble and various workflow steps use eval and source to execute the output of internal binaries (e.g., gstack-slug, gstack-repo-mode) located in the user's local installation directory. These commands are used to maintain session state and project-specific configuration.
- [DATA_EXFILTRATION]: The skill includes functionality for telemetry and synchronization of developer artifacts (such as plans and reports). These features are opt-in and require the user to explicitly provide consent via an interactive prompt before any data is transmitted to external services, such as a private GitHub repository.
- [PROMPT_INJECTION]: The skill uses a browser tool to ingest untrusted content from external documentation and product landing pages during the audit process, creating an indirect prompt injection surface.
  - Ingestion points: External web pages visited via the browse tool during the devex-review workflow.
  - Boundary markers: No explicit delimiters or boundary instructions are provided for the output of the browser tool.
  - Capability inventory: The skill has access to powerful tools including Bash, Edit, Read, Write, and AskUserQuestion.
  - Sanitization: No explicit sanitization or filtering of external content is performed before it is added to the agent's context.
Audit Metadata