
retro

Warn

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill employs eval and source on output from dynamically located gstack binaries (e.g., gstack-slug and gstack-repo-mode) to initialize session environment variables.
  • [PROMPT_INJECTION]: Indirect prompt injection vulnerabilities exist as the skill ingests and processes untrusted data from the local repository (such as git log, TODOS.md, and retro-context.md) and integrates it into its analytical narrative without strict boundary markers.
  • [COMMAND_EXECUTION]: The skill makes extensive use of shell scripts to perform deep repository analysis, manage session state in the user's home directory, and modify project-level configuration files such as CLAUDE.md.
  • [EXTERNAL_DOWNLOADS]: The skill automatically executes git fetch and git merge commands against the remote origin to ensure retrospective data is synchronized with the upstream repository.
  • [DATA_EXFILTRATION]: The skill includes a telemetry framework that logs skill usage, repository identifiers, and execution outcomes to local storage, with the capability to transmit this data to a remote service if enabled by the user.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 10, 2026, 12:18 PM