Skills
skills/garrytan/gstack/plan-tune/Gen Agent Trust Hub

plan-tune

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONREMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill's preamble and workflows execute various local binaries and scripts located in ~/.claude/skills/gstack/bin/ to manage configurations, logs, and telemetry settings.
  • [REMOTE_CODE_EXECUTION]: Shell commands utilize eval and source on the output of local binaries like gstack-slug and gstack-repo-mode to dynamically update the agent's execution environment.
  • [DATA_EXFILTRATION]: The skill facilitates data synchronization via 'GBrain Sync,' which can push session memory to a private GitHub repository, and it transmits usage telemetry (including skill name and duration) to remote endpoints.
  • [EXTERNAL_DOWNLOADS]: The skill performs network operations via git fetch and git merge to synchronize the local 'brain' repository with its remote origin on GitHub.
  • [COMMAND_EXECUTION]: Dynamic JavaScript code is generated and executed using bun -e to update JSON profile files, utilizing template interpolation for persisting user preferences.
Audit Metadata
Risk Level
SAFE
Analyzed
May 3, 2026, 02:25 PM