The Agent Skills Directory

[COMMAND_EXECUTION]: The preamble and skill workflow execute numerous local binaries located in the ~/.claude/skills/gstack/bin/ directory (e.g., gstack-config, gstack-update-check, gstack-developer-profile) to manage session state and user preferences.
[COMMAND_EXECUTION]: Employs eval and source <(...) patterns to dynamically load environment variables and context from the output of local gstack tools, which is standard for the author's toolsuite integration.
[COMMAND_EXECUTION]: Includes git operations like git rm and git commit to facilitate migration from vendored to team-mode installations within the project repository.
[COMMAND_EXECUTION]: Executes inline Javascript via bun -e to perform atomic updates to the developer profile JSON file stored in the user's home directory.
[EXTERNAL_DOWNLOADS]: References and provides an option to open https://garryslist.org/posts/boil-the-ocean to provide users with documentation on development principles, using a domain owned by the skill's author.
[DATA_EXFILTRATION]: Records skill usage telemetry to local files in ~/.gstack/analytics/ and may send aggregated data to the vendor's telemetry endpoint via the gstack-telemetry-log binary, subject to user-configured privacy settings.
[PROMPT_INJECTION]: Identifies an indirect prompt injection surface as the skill ingests project-specific 'learnings' from a JSONL file to provide context-aware suggestions and profile data.
Ingestion points: ~/.gstack/projects/${SLUG}/learnings.jsonl (referenced in SKILL.md preamble)
Boundary markers: Absent around the ingested content
Capability inventory: Access to Bash, Write, Edit, eval, source, and git tools
Sanitization: No explicit sanitization of ingested learning entries is performed before use

plan-tune