gstack is an AI agent skill, created by garrytan and published at garrytan/gstack. ClawSecure audited gstack across 88 files through the 3-Layer Audit Protocol covering all ten OWASP ASI Top 10 categories, assigning a security score of 0/100 (High Risk). The 49 findings concentrate in Command Injection, ReDoS and Malicious Code, including Pattern detected: from "child_process" and Pattern detected: spawnSync(. 22 were rated high or critical severity.
Is gstack safe?
ClawSecure audited gstack and assigned a security score of 0/100 (High Risk), identifying 49 findings across Command Injection and ReDoS. Review the findings below before installing.
What did ClawSecure find in gstack?
ClawSecure identified 49 findings in gstack, concentrated in Command Injection, ReDoS and Malicious Code. 22 were rated high or critical severity. The most severe include Pattern detected: from "child_process" and Pattern detected: spawnSync(.
How was gstack audited?
ClawSecure ran gstack through its 3-Layer Audit Protocol with full OWASP ASI Top 10 coverage, scanning 88 files from garrytan/gstack.
What does a score of 0 mean?
ClawSecure assigned gstack a security score of 0/100, placing it in the High Risk range. This is driven by 49 findings led by Command Injection that should be addressed before use. ClawSecure derives this score with a weighted deduction model (critical -20, high -10, medium -5, low -2 from a base of 100).
Audit Findings for gstack
ClawSecure detected 49 security findings in gstack, spanning Command Injection, ReDoS, Malicious Code and Code Injection.
- critical · Pattern detected: from "child_process". Command Injection finding detected in
bin/gstack-brain-context-load.ts:39. - critical · Pattern detected: spawnSync(. Command Injection finding detected in
bin/gstack-brain-context-load.ts:223. - critical · Pattern detected: spawnSync(. Command Injection finding detected in
bin/gstack-brain-context-load.ts:257. - critical · Pattern detected: from "child_process". Command Injection finding detected in
bin/gstack-gbrain-sync.ts:34. - critical · Pattern detected: execSync(. Command Injection finding detected in
bin/gstack-gbrain-sync.ts:264. - critical · Pattern detected: execSync(. Command Injection finding detected in
bin/gstack-gbrain-sync.ts:273. - critical · Pattern detected: spawnSync(. Command Injection finding detected in
bin/gstack-gbrain-sync.ts:975. - critical · Pattern detected: spawnSync(. Command Injection finding detected in
bin/gstack-gbrain-sync.ts:1022. - critical · Pattern detected: spawnSync(. Command Injection finding detected in
bin/gstack-gbrain-sync.ts:1027. - critical · Pattern detected: from "child_process". Command Injection finding detected in
bin/gstack-global-discover.ts:14. - critical · Pattern detected: execSync(. Command Injection finding detected in
bin/gstack-global-discover.ts:163. - critical · Pattern detected: from "child_process". Command Injection finding detected in
bin/gstack-memory-ingest.ts:57.
Showing the 12 highest-severity of 49 findings. The full interactive list appears below.
3-Layer Audit Protocol
Security Recommendations for gstack
Harden command execution
Fix ReDoS-prone patterns
Audit external network connections
Related Security Research
Why Generic Scanners Fail at AI Agent Security→Understanding Our 3-Layer Audit Protocol→Related AI Agent Security Audits
Scanned on June 3, 2026. gstack is one of thousands of agents audited by ClawSecure from the community-curated awesome-openclaw-skills list and the openclaw/skills repository.