plan-eng-review
Facilitates engineering plan reviews by locking in execution strategies, addressing edge cases, and ensuring thorough documentation.
Install this skill
Security score
The plan-eng-review skill was audited on Mar 17, 2026 and we found 11 security issues across 1 threat category. Review the findings below before installing.
Categories Tested
Security Issues
Access to hidden dotfiles in home directory
| 22 | _UPD=$(~/.claude/skills/gstack/bin/gstack-update-check 2>/dev/null || .claude/skills/gstack/bin/gstack-update-check 2>/dev/null || true) |
Access to hidden dotfiles in home directory
| 24 | mkdir -p ~/.gstack/sessions |
Access to hidden dotfiles in home directory
| 25 | touch ~/.gstack/sessions/"$PPID" |
Access to hidden dotfiles in home directory
| 26 | _SESSIONS=$(find ~/.gstack/sessions -mmin -120 -type f 2>/dev/null | wc -l | tr -d ' ') |
Access to hidden dotfiles in home directory
| 27 | find ~/.gstack/sessions -mmin +120 -type f -delete 2>/dev/null || true |
Access to hidden dotfiles in home directory
| 28 | _CONTRIB=$(~/.claude/skills/gstack/bin/gstack-config get gstack_contributor 2>/dev/null || true) |
Access to hidden dotfiles in home directory
| 31 | If output shows `UPGRADE_AVAILABLE <old> <new>`: read `~/.claude/skills/gstack/gstack-upgrade/SKILL.md` and follow the "Inline upgrade flow" (auto-upgrade if configured, otherwise AskUserQuestion with |
Access to hidden dotfiles in home directory
| 52 | **To file:** write `~/.gstack/contributor-logs/{slug}.md` with this structure: |
Access to hidden dotfiles in home directory
| 72 | Then run: `mkdir -p ~/.gstack/contributor-logs && open ~/.gstack/contributor-logs/{slug}.md` |
Access to hidden dotfiles in home directory
| 153 | mkdir -p ~/.gstack/projects/$SLUG |
Access to hidden dotfiles in home directory
| 156 | Write to `~/.gstack/projects/{slug}/{user}-{branch}-test-plan-{datetime}.md`: |