uStack

The skill claims to import, diff/analyze, and publish updates from upstream agent repos and the code implements exactly that: git clone/pull, git diff/log, file inspection, IR extraction, and markdown generation. One mismatch: the package/README/SKILL.md document Node.js >=20 and Git as requirements, but the registry metadata lists no required binaries—so the metadata underreports required runtime tools.

Runtime instructions and code operate on user-provided Git repository URLs: cloning/pulling repos and reading/writing files under a local .ustack workspace. The tool runs git via child_process and reads many repository files to build reports. It does not request secrets or call external services beyond git network access to the supplied repo URL, nor does it execute arbitrary repo scripts. Because it clones arbitrary repos, run it in an isolated directory/container when importing untrusted repositories.

There is no install spec (instruction-only/install-from-source), package.json contains no external dependencies, and files are not fetched from unknown remote archives. The code expects Node.js and Git (package.json engines and SKILL.md), which is a conventional, low-risk setup. No remote install URL or extracted archives were found.

No environment variables, credentials, or config paths are required. The code emits metadata that references service auth types (e.g., 'bearer-token') as IR metadata only; it does not ask for or store secrets. Requested environment access is proportional to the declared functionality.

always is false and the skill operates only within a .ustack directory under the current working directory. It writes manifests, snapshots, and run artifacts there but does not modify other skills or global agent settings. Autonomous invocation is allowed by default (disable-model-invocation: false) but this is the platform default and not combined with other red flags.