garrytan

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFE
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill includes a setup procedure that downloads and executes an installation script from https://bun.sh/install via bash. This is a standard method for installing the well-known Bun runtime and is only executed with user consent.
  • [COMMAND_EXECUTION]: The skill uses eval and source to execute the output of internal utility binaries located in its installation directory (e.g., gstack-slug, gstack-repo-mode). These tools are used for state management and configuration.
  • [DATA_EXFILTRATION]: It features an opt-in telemetry system that transmits usage metrics (skill name, duration, success status) to a remote server. The system is designed to exclude sensitive project data, file paths, and code, and provides clear user controls for activation.
  • [PROMPT_INJECTION]: The skill processes data from repository files, web search results, and external AI service responses, establishing a surface for indirect prompt injection. It includes mitigation instructions in its prompts to external services to reduce this risk.
  • [EXTERNAL_DOWNLOADS]: The skill performs web searches for landscape awareness and interacts with the Codex API for design reviews, both of which involve external network communication.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 23, 2026, 11:52 PM