plan-design-review

Warn

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill heavily relies on external binaries and scripts stored in ~/.claude/skills/gstack/bin/ and ~/.claude/skills/gstack/design/dist/ for core functionality, including telemetry, update checks, and design generation.
  • [DYNAMIC_EXECUTION]: Employs eval and source <(...) to execute shell instructions dynamically generated by helper scripts (gstack-slug, gstack-repo-mode), which can lead to arbitrary command execution if the underlying binaries are tampered with.
  • [EXTERNAL_DOWNLOADS]: Communicates with external services for update verification (gstack-update-check) and telemetry logging (gstack-telemetry-log). It also provides instructions to open external resources such as https://garryslist.org/posts/boil-the-ocean.
  • [DATA_EXFILTRATION]: Collects usage data including skill names, session durations, and repository names (captured via git rev-parse) to send to a remote telemetry service, though it includes a user opt-out mechanism.
  • [PROMPT_INJECTION]: The skill exhibits surface area for indirect prompt injection by interpolating project plan files into prompts for secondary analysis tools (Codex and Claude subagents) without employing strict boundary markers or sanitization.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 1, 2026, 09:47 PM