CtrlK
BlogDocsLog inGet started
Tessl Logo

plan-ceo-review

CEO/founder-mode plan review. Rethink the problem, find the 10-star product, challenge premises, expand scope when it creates a better product. Four modes: SCOPE EXPANSION (dream big), SELECTIVE EXPANSION (hold scope + cherry-pick expansions), HOLD SCOPE (maximum rigor), SCOPE REDUCTION (strip to essentials). Use when asked to "think bigger", "expand scope", "strategy review", "rethink this", or "is this ambitious enough". Proactively suggest when the user is questioning scope or ambition of a plan, or when the plan feels like it could be thinking bigger. (gstack)

Invalid
This skill can't be scored yet
Validation errors are blocking scoring. Review and fix them to unlock Quality, Impact and Security scores. See what needs fixing →
SKILL.md
Quality
Evals
Security

Security

2 findings — 2 medium severity. This skill can be installed but you should review these findings before use.

Medium

W011: Third-party content exposure detected (indirect prompt injection risk)

What this means

The skill exposes the agent to untrusted, user-generated content from public third-party sources, creating a risk of indirect prompt injection. This includes browsing arbitrary URLs, reading social media posts or forum comments, and analyzing content from unknown websites.

Why it was flagged

Third-party content exposure detected (high risk: 0.90). The skill's "Landscape Check" (under PRE-REVIEW SYSTEM AUDIT / "Search Before Building") explicitly instructs the agent to run WebSearch on open web queries (e.g., "WebSearch for: '[product category] landscape {current year}'") and "Feed into the Premise Challenge (0A) and Dream State Mapping (0C)", meaning it will fetch and interpret public third-party content and use it to influence planning decisions.

Report incorrect finding
Medium

W012: Unverifiable external dependency detected (runtime URL that controls agent)

What this means

The skill fetches instructions or code from an external URL at runtime, and the fetched content directly controls the agent’s prompts or executes code. This dynamic dependency allows the external source to modify the agent’s behavior without any changes to the skill itself.

Why it was flagged

Potentially malicious external URL detected (high risk: 0.90). The skill runs git operations and a brain-sync during runtime (e.g., git fetch/merge in ~/.gstack and calls to ~/.claude/skills/gstack/bin/gstack-brain-sync) which will pull from the repository remote URL (the git remote obtained via `git remote get-url origin`, e.g. https://github.com/owner/repo.git or git@github.com:owner/repo.git) and that fetched repository/brain content is used as session memory/context that can be injected into the agent's prompts — i.e., a remote Git URL is fetched at runtime and can directly influence model context.

Report incorrect finding
Repository
garrytan/gstack
Commit

db9447c

Audited
Security analysis
Snyk

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.

Claim skill