learn

Manage project learnings. Review, search, prune, and export what gstack has learned across sessions. Use when asked to "what have we learned", "show learnings", "prune stale learnings", or "export learnings". Proactively suggest when the user asks about past patterns or wonders "didn't we fix this before?"

Invalid

This skill can't be scored yet

Validation errors are blocking scoring. Review and fix them to unlock Quality, Impact and Security scores. See what needs fixing →

1 critical severity finding. Installing this skill is not recommended: please review these findings carefully if you do intend to do so.

Critical

E004: Prompt injection detected in skill instructions

What this means

Detected a prompt injection in the skill instructions. The skill contains hidden or deceptive instructions that fall outside its stated purpose and attempt to override the agent’s safety guidelines or intended behavior.

Why it was flagged

Potential prompt injection detected (high risk: 0.90). The prompt embeds many explicit, actionable directives unrelated to "manage project learnings" (e.g., auto-editing/committing CLAUDE.md, changing gstack configs, running telemetry and gbrain sync, auto-upgrading/removing vendored code, and pushing session memory), which are out-of-scope for the skill's stated purpose and therefore constitute deceptive/hidden instruction surface beyond what the skill claims.

Report incorrect finding

Repository: garrytan/gstack
Commit: db9447c

Audited: 4 days ago
Security analysis

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.