Claude Code out of the box is a capable AI coding assistant. gstack turns it into a coordinated multi-agent system where specialized agents handle QA, code review, deployment, security audits, design review, and debugging — each one invoked on demand, composable with the others, and operating with full context of your codebase. The difference between using Claude Code alone and using it with gstack is the difference between one smart engineer and a full senior team.

This article explains what gstack is, how its agent model works, which skills matter most for engineering teams, and how to compose multiple agents into workflows that handle complex tasks end to end.

What gstack Is

gstack is an open-source skill framework for Claude Code — the AI coding CLI built by Anthropic. It extends Claude Code with a library of pre-built skills: discrete, self-contained AI agents that each specialize in a specific engineering task. Each skill is defined by a SKILL.md file that instructs the agent on how to approach the task, what tools to use, and how to report results.

Skills are invoked with slash commands inside a Claude Code session:/qa to run quality assurance testing, /review to audit a pull request, /ship to merge, bump the version, and deploy, /investigate to debug a root cause. Each command hands control to a specialized agent with its own context, tools, and completion criteria — then returns results to the main session.

The key architectural insight: instead of asking a general-purpose AI to do everything, you route each task to an agent that was designed for it. A security review agent reasons about attack surfaces differently from a deployment agent. A design review agent evaluates visual hierarchy differently from a code review agent. Specialization produces better results at each step.

The gstack Agent Model

gstack organizes agents across three tiers:

Bundled Skills

Pre-built skills shipped with gstack covering the most common engineering workflows. These are production-ready and require no configuration to use. They form the foundation of most multi-agent workflows.

Global Skills

Custom skills installed globally at ~/.claude/skills/ and available across all projects on the machine. The right place for organization-wide agents: your internal deployment pipeline, your specific test runner configuration, your company's code review checklist.

Project Skills

Custom skills defined at .claude/skills/ in a specific repository. Available only in that project. The right place for project-specific agents: the QA flow for a particular application, the migration script runner for a specific database schema, the validation logic for a specific API.

When you invoke a skill, gstack resolves it from project → global → bundled, in that order. Your project-specific skill overrides the global version, which overrides the bundled version. This lets you customize behavior at any level without losing the fallback.

The Core Skills and What They Do

/browse — Headless Browser Agent

A persistent headless Chromium instance controlled by natural language. Navigate pages, interact with elements, take screenshots, extract data, run accessibility audits, test responsive layouts, and verify that deployed features work correctly. The browser daemon stays running between commands — state, cookies, and login sessions persist across the session. Used heavily in QA workflows and post-deploy verification.

/qa — Systematic QA Testing

Runs a complete QA pass on a web application — navigating the golden path, testing edge cases, checking for console errors and network failures, verifying responsive behavior, and identifying visual regressions. Returns a structured findings report with reproducible steps for each issue. Designed to be run after every significant change before a PR is opened.

/review — Pre-Landing Code Review

Reviews the diff against the base branch for SQL safety, LLM trust boundaries, authentication gaps, input validation, and architectural concerns. Goes beyond style and linting to reason about security and correctness. Produces a prioritized findings list with specific file and line references. Run before merging any PR that touches sensitive code paths.

/ship — Merge, Version, Deploy

End-to-end ship workflow: detects the base branch, runs tests, reviews the diff, bumps the version in the right place, updates the changelog, merges the PR, waits for CI, and verifies production health. Coordinates multiple steps that are easy to get out of order manually — and catches the issues that cause rollbacks before the deploy happens.

/investigate — Root Cause Debugging

Four-phase debugging workflow: investigate (reproduce and characterize the failure), analyze (identify the probable cause), hypothesize (generate candidate fixes with rationale), and implement (apply the most likely fix with verification). Particularly effective for bugs that span multiple files or require understanding a chain of state changes.

/security-review — Security Audit

Infrastructure-first security audit covering secrets archaeology (scanning for accidentally committed credentials), dependency CVEs, authentication gaps, authorization bypasses, and injection vulnerabilities in the current branch diff. Produces a findings report with severity ratings and remediation steps.

/design-review — Visual QA

Uses the browse agent to visually inspect the application — identifying spacing inconsistencies, hierarchy problems, broken layouts at various viewports, color contrast issues, and interaction states that don't match the design system. Catches the visual regressions that code review misses.

Composing Multiple Agents: Real Workflow Examples

The power of gstack emerges when skills are combined. Three multi-agent workflows that engineering teams run in production:

Pre-PR Quality Gate

Before opening a pull request, run three agents in sequence:

  1. /review — code review for security and correctness
  2. /qa — functional QA on the running dev environment
  3. /design-review — visual regression check on any UI changes

Each agent produces a structured findings report. The developer resolves findings before the PR is opened. What used to require a senior engineer's review pass, a manual QA session, and a designer's eye is now a ten-minute automated sequence that runs while the developer is writing the PR description.

Incident Investigation and Fix

When a production issue surfaces:

  1. /investigate — characterize the failure, trace the cause, propose fixes
  2. /review on the proposed fix — verify the fix doesn't introduce new issues
  3. /ship — merge the hotfix through the standard deploy pipeline
  4. /browse — verify the fix on the production environment

A workflow that previously required an on-call engineer to context-switch into a live debugging session, write a fix, get it reviewed, and manually verify it in production now has AI handling each step with a human approving the transitions.

Autonomous Post-Deploy Canary

After every deployment, run /canary — which uses the browse agent to monitor the live application for console errors, performance regressions, and broken user flows. If regressions are detected, it triggers /investigate on the diff between the current and previous deploy. The on-call engineer gets a findings report rather than a raw alert.

Writing Custom Skills

Custom skills are plain text files in Markdown format. A skill file defines the agent's goal, the steps it should follow, the tools it has access to, and how it should report results. The format is designed to be readable by a human and executable by Claude Code.

A minimal custom skill for running your organization's specific deployment validation:

  • Define what "done" looks like — the specific checks that must pass
  • List the commands to run — your test suite, health check endpoints, log queries
  • Specify how to handle failures — what to roll back, who to notify
  • Define the output format — what the agent should report back

Once written and placed in .claude/skills/your-skill/SKILL.md, it's available as /your-skill in any Claude Code session in that project. Custom skills inherit all of gstack's infrastructure: telemetry, the learnings system, and integration with other skills.

The Learnings System: Agents That Improve Over Time

gstack includes a per-project learnings store. When an agent discovers a durable operational quirk — a non-obvious command flag, a project-specific convention, a recurring failure pattern — it logs it to ~/.gstack/projects/{project}/learnings.jsonl. Future agent invocations in the same project load the most relevant learnings at startup.

In practice, this means agents get incrementally smarter about your specific environment over time. The QA agent learns which pages require authentication before testing. The deploy agent learns that your staging environment takes 90 seconds to become healthy after a deploy. The investigate agent learns which log format your application uses. Each learning reduces the number of false starts and dead-end investigations in future sessions.

Routing and Governance: Controlling Which Agents Run When

For engineering teams using gstack at scale, skill routing rules in CLAUDE.md define which skill to invoke for which type of request. This means any developer on the team gets consistent agent behavior without needing to know which skill handles which task:

  • Bug reports and error messages → /investigate
  • "Does this work?" questions about a running app → /qa
  • Code diff questions and PR readiness → /review
  • Visual inconsistencies and layout issues → /design-review
  • Ready to merge and deploy → /ship

Routing rules are proactive — Claude Code suggests the right skill when a request matches a routing pattern. New team members get the benefit of the team's accumulated skill knowledge from day one.

Getting Started

gstack installs as a global Claude Code extension:

  1. Install Claude Code via npm install -g @anthropic-ai/claude-code
  2. Clone the gstack repository into ~/.claude/skills/gstack and run ./setup
  3. Open a Claude Code session in your project and run /init to generate a CLAUDE.md with codebase documentation and skill routing rules
  4. Run /qa on your application to verify the browser agent is working and to establish a QA baseline
  5. Add project-specific skills as you identify workflows that repeat frequently enough to automate

The Bottom Line

gstack changes the economics of using Claude Code from a tool that helps individual developers to a platform that augments the entire engineering workflow. QA, code review, deployment, debugging, security auditing, and design review — each handled by a specialized agent, composable into end-to-end workflows, and improving with use through the learnings system.

Engineering teams that adopt gstack consistently report the same outcome: the tasks that previously required senior engineer time — thorough code review, systematic QA, root cause investigation — now happen on every PR, not just the ones where a senior engineer happened to have bandwidth. The quality floor rises. The mean time to merge drops. And the team spends more time building and less time reviewing, testing, and debugging manually.

Need Help Setting Up AI-Augmented Engineering Workflows?

Ez IT Expert helps engineering teams implement Claude Code and gstack — from initial setup and custom skill development through team training and workflow integration. Book a free 30-minute discovery call to discuss how AI agents can reduce your team's manual review and testing overhead. See our AI implementation services.

Book a Free Discovery Call →