skills/garrytan/gstack/qa/Gen Agent Trust Hub

qa

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads the Bun installation script from https://bun.sh/install. Bun is recognized as a well-known service, and the script's integrity is verified via a hardcoded SHA-256 checksum before execution, mitigating the risk of supply-chain attacks.
  • [REMOTE_CODE_EXECUTION]: Executes the downloaded Bun installer using bash after verification. It also recommends and installs standard testing frameworks like Vitest, Playwright, and Pytest from official registries based on the project's detected runtime.
  • [COMMAND_EXECUTION]: Extensively uses shell commands for repository management, git operations, and local state tracking. It utilizes eval and source to execute outputs from its own internal binaries (e.g., gstack-slug, gstack-repo-mode), which is a standard pattern for the 'gstack' suite of tools.
  • [DATA_EXFILTRATION]: Contains an opt-in telemetry system that collects anonymized usage data (skill name, duration, success/fail outcome). The system is transparently presented to the user via interactive prompts and explicitly avoids capturing sensitive information like source code, file paths, or credentials.
  • [SAFE]: Implements several safety mechanisms, including a requirement for a clean git tree to ensure atomic fix commits, a 'WTF-likelihood' threshold that halts automation if the process becomes unstable, and a hard cap of 50 fixes per session to prevent runaway loops.
Audit Metadata
Risk Level: SAFE
Analyzed: May 16, 2026, 12:53 PM