The Agent Skills Directory

[COMMAND_EXECUTION]: The skill relies on several local binaries located in ~/.claude/skills/gstack/bin/ to facilitate its operations. These include scripts for update checks (gstack-update-check), configuration management (gstack-config), and telemetry logging. It also uses shell execution to manage session state in ~/.gstack/sessions and analytics in ~/.gstack/analytics/.
[DATA_EXFILTRATION]: Features integrated telemetry that records skill usage metrics (duration, outcome, and session IDs) and transmits them to an external endpoint via gstack-telemetry-log. Additionally, it includes an 'Artifacts Sync' capability that can synchronize project artifacts like designs and plans with a private GitHub repository for cross-machine access. These operations are gated by user consent prompts via AskUserQuestion.
[REMOTE_CODE_EXECUTION]: Employs dynamic shell execution patterns such as source <(...) and eval "$(...)" to load environment variables and repository-specific logic from the vendor's local scripts (e.g., gstack-repo-mode and gstack-slug).
[EXTERNAL_DOWNLOADS]: Interacts with GitHub and GitLab APIs to fetch Pull Request data and Greptile review comments. It also performs periodic checks for skill updates from the vendor's infrastructure.
[INDIRECT_PROMPT_INJECTION]: The skill processes untrusted external data, specifically git diffs and PR comments, which are analyzed by subagents. While these subagents are instructed to follow specific checklists, the ingestion of untrusted code into the agent's context without explicit boundary markers presents a surface for indirect prompt injection, though mitigated by the agent platform's internal safeguards.

review