The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes various local binaries and shell commands to manage configuration, telemetry, and session state. Specifically, it calls multiple scripts located in the user's home directory at ~/.claude/skills/gstack/bin/ and ~/.gstack/.
[COMMAND_EXECUTION]: Uses dynamic execution patterns such as eval and source <(...) on the output of local binaries (gstack-slug and gstack-repo-mode) to configure the agent's runtime environment.
[DATA_EXFILTRATION]: Includes functionality to sync project artifacts (plans, designs, reports) to a remote GitHub repository via gstack-brain-sync and logs usage telemetry to a remote service using gstack-telemetry-log. These features are presented to the user for opt-in configuration.
[PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it reads and parses untrusted project configuration files to automate deployment setup.
Ingestion points: Platform configuration files (fly.toml, render.yaml, vercel.json, netlify.toml, Procfile) and project manifests (package.json, .gemspec).
Boundary markers: Absent.
Capability inventory: Full access to Bash, Write, Edit, Read, Glob, and Grep tools.
Sanitization: Absent; the skill extracts values directly from file content using shell utilities like grep and sed.

setup-deploy