Skills
skills/garrytan/gstack/hackernews-frontpage/Gen Agent Trust Hub

hackernews-frontpage

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill navigates a browser to an external website to fetch content.
  • Evidence: browse.goto('https://news.ycombinator.com/') in script.ts is used to load the Hacker News front page.
  • [COMMAND_EXECUTION]: The skill uses a standard system command to resolve the project's root directory for configuration purposes.
  • Evidence: _lib/browse-client.ts calls cp.spawnSync('git', ['rev-parse', '--show-toplevel'], ...) to locate the .gstack directory.
  • [DATA_EXFILTRATION]: The skill reads local configuration files and environment variables to retrieve authentication tokens for its local service.
  • Evidence: The resolveBrowseAuth function in _lib/browse-client.ts accesses GSTACK_SKILL_TOKEN and reads from .gstack/browse.json to authorize communication with the local daemon on 127.0.0.1.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 08:27 PM