plan-ceo-review
CEO/founder-mode plan review. Rethink the problem, find the 10-star product, challenge premises, expand scope when it creates a better product. Three modes: SCO
79/100
Security score
The plan-ceo-review skill was audited on Mar 17, 2026 and we found 9 security issues across 1 threat category. Review the findings below before installing.
Categories Tested
Security Issues
low line 22
Access to hidden dotfiles in home directory
SourceSKILL.md
| 22 | _UPD=$(~/.claude/skills/gstack/bin/gstack-update-check 2>/dev/null || .claude/skills/gstack/bin/gstack-update-check 2>/dev/null || true) |
low line 24
Access to hidden dotfiles in home directory
SourceSKILL.md
| 24 | mkdir -p ~/.gstack/sessions |
low line 25
Access to hidden dotfiles in home directory
SourceSKILL.md
| 25 | touch ~/.gstack/sessions/"$PPID" |
low line 26
Access to hidden dotfiles in home directory
SourceSKILL.md
| 26 | _SESSIONS=$(find ~/.gstack/sessions -mmin -120 -type f 2>/dev/null | wc -l | tr -d ' ') |
low line 27
Access to hidden dotfiles in home directory
SourceSKILL.md
| 27 | find ~/.gstack/sessions -mmin +120 -type f -delete 2>/dev/null || true |
low line 28
Access to hidden dotfiles in home directory
SourceSKILL.md
| 28 | _CONTRIB=$(~/.claude/skills/gstack/bin/gstack-config get gstack_contributor 2>/dev/null || true) |
medium line 31
Access to hidden dotfiles in home directory
SourceSKILL.md
| 31 | If output shows `UPGRADE_AVAILABLE <old> <new>`: read `~/.claude/skills/gstack/gstack-upgrade/SKILL.md` and follow the "Inline upgrade flow" (auto-upgrade if configured, otherwise AskUserQuestion with |
medium line 52
Access to hidden dotfiles in home directory
SourceSKILL.md
| 52 | **To file:** write `~/.gstack/contributor-logs/{slug}.md` with this structure: |
medium line 72
Access to hidden dotfiles in home directory
SourceSKILL.md
| 72 | Then run: `mkdir -p ~/.gstack/contributor-logs && open ~/.gstack/contributor-logs/{slug}.md` |
Scanned on Mar 17, 2026
View Security Dashboard