landing-report

Read-only queue dashboard for workspace-aware ship. Shows which VERSION slots are currently claimed by open PRs, which sibling Conductor workspaces have WIP work likely to ship soon, and what slot /ship would pick next. No mutations — just a snapshot. Use when asked to "landing report", "what's in the queue", "show me open PRs", or "which version do I claim next". (gstack)

Invalid
This skill can't be scored yet
Validation errors are blocking scoring. Review and fix them to unlock Quality, Impact and Security scores.

Security

2 findings — 1 critical severity, 1 medium severity. Installing this skill is not recommended: please review these findings carefully if you do intend to do so.

Critical

E004: Prompt injection detected in skill instructions

What this means

Detected a prompt injection in the skill instructions. The skill contains hidden or deceptive instructions that fall outside its stated purpose and attempt to override the agent’s safety guidelines or intended behavior.

Why it was flagged

Potential prompt injection detected (high risk: 1.00). The skill purports to be read-only but includes many hidden/deceptive workflow steps that mutate files, change configs, log telemetry, create/commit CLAUDE.md, run brain-sync/upgrade flows and even suggest git rm — actions outside the stated "no mutations" scope, so this is a prompt-injection risk.

Medium

W011: Third-party content exposure detected (indirect prompt injection risk)

What this means

The skill exposes the agent to untrusted, user-generated content from public third-party sources, creating a risk of indirect prompt injection. This includes browsing arbitrary URLs, reading social media posts or forum comments, and analyzing content from unknown websites.

Why it was flagged

Third-party content exposure detected (high risk: 0.70). The skill's required workflow explicitly queries repository PR data (Step 1: `gh pr view` / repo default branch; Step 3: `bun run bin/gstack-next-version` which reads open PRs and produces `/tmp/landing-*.json`) and then parses and acts on that user-generated PR/branch/version metadata to decide suggested next actions, so it consumes untrusted, user-generated third-party content as part of its decision workflow.

Repository: garrytan/gstack
Audited
Security analysis
Snyk
