gstack-upgrade
Facilitates upgrading gstack to the latest version, detecting install types and summarizing new features for users.
Install this skill
Security score
The gstack-upgrade skill was audited on May 11, 2026 and we found 12 security issues across 2 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
Template literal with variable interpolation in command context
| 33 | ```bash |
Access to hidden dotfiles in home directory
| 36 | [ -z "$_AUTO" ] && _AUTO=$(~/.claude/skills/gstack/bin/gstack-config get auto_upgrade 2>/dev/null || true) |
Access to hidden dotfiles in home directory
| 50 | ~/.claude/skills/gstack/bin/gstack-config set auto_upgrade true |
Access to hidden dotfiles in home directory
| 72 | Tell user the snooze duration: "Next reminder in 24h" (or 48h or 1 week, depending on level). Tip: "Set `auto_upgrade: true` in `~/.gstack/config.yaml` for automatic upgrades." |
Access to hidden dotfiles in home directory
| 76 | ~/.claude/skills/gstack/bin/gstack-config set update_check false |
Access to hidden dotfiles in home directory
| 78 | Tell user: "Update checks disabled. Run `~/.claude/skills/gstack/bin/gstack-config set update_check true` to re-enable." |
Access to hidden dotfiles in home directory
| 158 | _TEAM_MODE=$(~/.claude/skills/gstack/bin/gstack-config get team_mode 2>/dev/null || echo "false") |
Access to hidden dotfiles in home directory
| 221 | mkdir -p ~/.gstack |
Access to hidden dotfiles in home directory
| 222 | echo "$OLD_VERSION" > ~/.gstack/just-upgraded-from |
Access to hidden dotfiles in home directory
| 223 | rm -f ~/.gstack/last-update-check |
Access to hidden dotfiles in home directory
| 224 | rm -f ~/.gstack/update-snoozed |
Access to hidden dotfiles in home directory
| 255 | ~/.claude/skills/gstack/bin/gstack-update-check --force 2>/dev/null || \ |