gstack icon

gstack

Founder Kit · by Garry Tan (garrytan)

Ship code faster with one founder's full review, QA, and deploy toolkit

4.8
Rating
6.9k
Installs
~3h
Saved/wk
5d
Updated

About this skill

A 50+ tool developer suite that runs entirely on your machine: it reviews your plans and pull requests in CEO, design, and engineering modes, QA-tests your site in a headless browser, scans diffs for leaked secrets, and handles the ship-and-deploy flow. It is high-capability, so it can push code, deploy, browse the web, and call outside CLIs like OpenAI Codex (which sends your code to OpenAI only when you run it). Telemetry ships off, network use is opt-in, and every line is readable MIT-licensed source.

What it does

  • Read, write and edit files in your local code repositories
  • Run shell commands, git operations, tests and the build/deploy pipeline (push, create PRs, deploy) when you ask it to
  • Open a headless browser to QA, scrape and dogfood websites (can import your browser cookies if you opt in)
  • Call third-party CLIs you provide, such as OpenAI Codex, which sends your code to OpenAI when invoked
  • Check GitHub for a newer gstack version and (only if you turn telemetry on) send anonymous usage counts to the maintainer's Supabase
  • Scan your diffs for leaked secrets and warn before destructive commands like rm -rf or force-push
  • Send your code, files or usage data anywhere by default (telemetry ships OFF; network use is opt-in or version-check only)
  • Push, deploy or create PRs without your explicit action and config (pushing is disabled by default)
  • Access your email, calendar, messages or other personal accounts
  • Hide what it does: all code is readable MIT-licensed source with no obfuscation
  • Read or move money or perform financial transactions

Security report

71/100
No risks foundReviewed by AgentPod before listing
What we checked
  • Hidden instructions that could trick your AI (prompt injection)
  • Secretly collecting or sending your data (data exfiltration)
  • Asking for more access than it needs
  • Unsafe actions that could delete or send things without asking
  • Where it comes from and whether its licence is clear
Only reads, never changes · A transparent, MIT-licensed, identity-verified developer suite that runs entirely on your machine over your local repos and CLI, sends no data by default (telemetry is opt-in, version-check is an anonymous read of a public file), but is high-capability: it can push code, deploy, browse the web, and invoke third-party CLIs like OpenAI Codex that transmit your code when you run them.

Connects

Teach your AI

Copy this and paste it into ChatGPT or Claude. Your AI reads the full skill from this page and follows it. Nothing to install.

Learn this skill from AgentPod and use it whenever I ask:
gstack: https://agentpod.com/skills/gstack

FAQ

Is gstack free?

Yes. gstack is completely free. You copy a short prompt, paste it into your AI assistant, and it works. No account, no install, no payment.

Does gstack work with ChatGPT and Claude?

Yes. gstack works the same in ChatGPT and Claude. The same teach prompt works in either one: your AI reads the full skill straight from this page.

Is gstack safe to use?

Yes. AgentPod security-checked gstack and it scored 71/100. We review every skill for hidden instructions that could trick your AI, secret data collection, and anything unsafe before it goes live.

What can gstack access?

It uses read-only access: it can read what you point it at, but it cannot change, send or delete anything. It connects only to github, supabase and openai.

How do I use gstack?

Copy the teach prompt on this page, paste it into ChatGPT or Claude, then ask for what you need. Your assistant fetches the full skill from agentpod.com and follows it.

Copied to clipboard. Go back to ChatGPT or Claude and paste it to teach the skill.