gsd-build/get-shit-done
Summary
GSD is a meta-prompting and workflow orchestration system for AI coding assistants (Claude Code, Gemini CLI, OpenCode, Codex). It installs a set of slash commands, agent definitions, and Node.js hooks into your AI tool's config directory, giving Claude/Gemini a structured spec-driven workflow: define project requirements, break into phases, execute each phase with parallel subagents, then verify results. The core innovation is managing 'context rot' by keeping structured state in markdown files and injecting context warnings via PostToolUse hooks.
Great for
people interested in prompt engineering and AI workflow orchestration — specifically building structured development pipelines that keep LLM agents on-task across long coding sessions with real state management
Easy wins
- +Write a CONTRIBUTING.md — the repo has issue templates and CI but no contributor guide, which is a friction point given 308 open issues and 52 contributors
- +Add 'good first issue' labels to the issue tracker — currently zero tagged, making it hard for new contributors to find entry points
- +Improve cross-platform path handling in hooks: gsd-check-update.js uses string interpolation to inject paths into a spawned eval string (the JSON.stringify pattern), which is functional but fragile — extracting this to a temp file or using a proper child_process approach would be cleaner
- +Add runtime detection tests for OpenCode's XDG path resolution — getOpencodeGlobalDir() has 4 fallback levels (OPENCODE_CONFIG_DIR, OPENCODE_CONFIG, XDG_CONFIG_HOME, default) but the test suite (gemini-config.test.cjs, codex-config.test.cjs) suggests OpenCode config may have less test coverage
Red flags
- !Significant metadata mismatch: the repo claims 52 contributors but contributor_count in the data is 1, commit_count is 1, and commit_frequency_30d is 1. The GitHub URL in the data (gsd-build/get-shit-done) differs from the package.json repository URL (glittercowboy/get-shit-done) and README links — this appears to be a fork or mirror, meaning the stated star count (30k) and contributor count may not reflect this specific repository's actual history.
- !README prominently features a '$GSD Token' badge linking to Dexscreener (a crypto trading platform) — this is a memecoin/token associated with the project, which is unusual for a dev tool and may be a conflict of interest or signal about project motivations.
- !The recommendation to run `claude --dangerously-skip-permissions` is front-and-center in the README as the intended usage — this is a significant security surface that contributors and users should understand they're endorsing.
- !spawn('-e', code_as_string) in gsd-check-update.js: paths are injected via JSON.stringify which is mostly safe, but this pattern is generally fragile and hard to audit.
Code quality
The hooks (gsd-statusline.js, gsd-context-monitor.js) are well-commented with clear threshold logic and deliberate silent-fail patterns with a stdin timeout guard to prevent hanging — this shows production thinking. The installer (bin/install.js) is 1000+ lines of vanilla Node handling 4 runtimes with reasonable separation, though the Codex skill adapter header is inlined as a massive template string in the same file. The gsd-check-update.js spawning a background process via spawn('-e', [code_as_string]) with JSON.stringify for path injection is a known antipattern — it works but is hard to test and fragile if paths contain special characters. Error handling is consistently 'silent fail with process.exit(0)' in hooks, which is appropriate for this use case.
What makes it unique
GSD occupies a real niche — it's more opinionated than raw prompting but less enterprise-theater than BMAD or Taskmaster (the README correctly identifies this). The context-window bridging between the statusline hook and PostToolUse context-monitor hook (writing metrics to /tmp and reading them back) is a clever architectural pattern not seen in competitors. However, the crypto token association is a significant differentiator that cuts both ways — it may fund development but adds credibility risk for a pure dev-tool audience.