The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: Downloads the Bun installation script from the official domain https://bun.sh/install.
[COMMAND_EXECUTION]: Executes the downloaded Bun installer script only after verifying its SHA256 integrity against a hardcoded hash (bab8acfb...).
[COMMAND_EXECUTION]: Executes a series of local utility binaries and shell scripts within the vendor's directory (~/.claude/skills/gstack/bin/) to manage configuration, repository indexing, and session logging.
[COMMAND_EXECUTION]: Uses eval and source to dynamically load shell environments and repository configuration generated by local binaries.
[DATA_EXFILTRATION]: Logs skill usage telemetry (skill name, duration, repository name) to a local file and a remote endpoint, which is user-configurable and opt-in/opt-out.
[DATA_EXFILTRATION]: Accesses and imports browser cookies from the local filesystem to enable authenticated web browsing; this is the primary functionality of the skill.
[PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection via ingested data.
Ingestion points: Reads from learnings.jsonl, CLAUDE.md, and semantic search results via the gbrain tool.
Boundary markers: No explicit delimiters or boundary instructions are present to separate untrusted data from instructions.
Capability inventory: The skill can execute shell commands, perform network operations via git and telemetry binaries, and interact with the local browser filesystem.
Sanitization: No sanitization of ingested content from project files or indexed data was identified.

setup-browser-cookies