feat(test): add bash syntax validation gate test for all SKILL.md blocks

Adds test/skill-bash-syntax.test.ts — a gate-tier free test that extracts
all bash code blocks from all 53 generated SKILL.md files and runs bash -n
on each. Covers 1327+ blocks in ~4s with no API calls.

Fixes #1667. Angle-bracket placeholders like <branch-name> are preprocessed
to PLACEHOLDER before validation so template markers don't produce false
positives.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: NikhileshNanduri

CHANGELOG.md

@@ -1,5 +1,32 @@
 # Changelog
 
+## [1.44.1.0] - 2026-05-24
+
+## **Bash syntax validation now catches broken shell code in SKILL.md files before it ships to users.**
+
+Every generated SKILL.md is machine-readable prompt text — but the bash code blocks inside are real commands agents run. Until now, a typo like `2/dev/null` instead of `2>/dev/null`, or a missing closing code fence that swallows prose as bash, would pass all tests and break silently in the field. This release adds `test/skill-bash-syntax.test.ts`, a gate-tier free test that extracts all 1327+ bash blocks across all 53 skill files and runs `bash -n` (parse-only, no execution) on each.
+
+The numbers that matter:
+
+| Metric | Before | After |
+|--------|--------|-------|
+| Bash blocks validated per `bun test` | 0 | 1327+ |
+| SKILL.md files covered | 0 | 53 |
+| Runtime cost | — | ~4s, free |
+| First bug caught | — | unclosed fence in `codex/SKILL.md` |
+
+The test also found and fixed a real bug on the way: `codex/SKILL.md` had a bash block (line ~1419) missing its closing ` ``` ` fence, which caused prose text with backtick-quoted identifiers to be parsed as shell code. The bug was invisible to all prior tests.
+
+What this means for contributors: push a SKILL.md change with broken bash syntax and CI now blocks the merge. The test runs in under 5 seconds with no API calls. Angle-bracket template placeholders like `<branch-name>` are preprocessed to `PLACEHOLDER` before validation so intentional template markers don't cause false positives.
+
+### Itemized changes
+
+#### Added
+- `test/skill-bash-syntax.test.ts`: gate-tier free test; runs `bash -n` on all `\`\`\`bash` blocks in all 53 generated SKILL.md files; catches syntax errors, broken redirects, unclosed strings, and missing code fences before they reach users
+
+#### Fixed
+- `codex/SKILL.md` + `codex/SKILL.md.tmpl`: missing ` ``` ` closing fence for the resumed-session bash block; prose text with backtick-quoted identifiers was inside the bash block, causing `bash -n` to report "unexpected EOF while looking for matching \`"
+
 ## [1.44.0.0] - 2026-05-23
 
 ## **`/plan-pm-review` ships: RICE prioritization, JTBD segmentation, and acceptance criteria land as the missing PM voice in the review pipeline.**

VERSION

@@ -1 +1 @@
-1.44.0.0
+1.44.1.0

package.json

@@ -1,6 +1,6 @@
 {
   "name": "gstack",
-  "version": "1.44.0.0",
+  "version": "1.44.1.0",
   "description": "Garry's Stack — Claude Code skills + fast headless browser. One repo, one install, entire AI engineering workflow.",
   "license": "MIT",
   "type": "module",

test/skill-bash-syntax.test.ts

@@ -0,0 +1,127 @@
+/**
+ * Bash syntax validation for SKILL.md code blocks (gate, free).
+ *
+ * Extracts every ```bash...``` block from all generated SKILL.md files and
+ * runs `bash -n` (parse-only, no execution) on each one. Catches unclosed
+ * code fences, broken redirects (e.g. `2/dev/null` instead of `2>/dev/null`),
+ * unclosed strings, and other syntactic mistakes before they reach users.
+ *
+ * Preprocessing: angle-bracket placeholder tokens like <branch-name> are
+ * replaced with the bareword PLACEHOLDER before validation. Without this
+ * substitution, `<word>` is parsed as a shell redirect (read stdin from
+ * file "word>") and would produce false positive errors on intentional
+ * template placeholders that agents fill in at runtime.
+ *
+ * Covers all 53 SKILL.md files discovered via discoverSkillFiles().
+ * Runs in < 2s with no network or API calls.
+ */
+
+import { describe, test, expect } from 'bun:test';
+import * as fs from 'fs';
+import * as path from 'path';
+
+const ROOT = path.resolve(import.meta.dir, '..');
+
+const SKIP_DIRS = new Set(['node_modules', '.git', 'dist']);
+
+function discoverSkillFiles(root: string): string[] {
+  const subdirs = fs.readdirSync(root, { withFileTypes: true })
+    .filter(d => d.isDirectory() && !d.name.startsWith('.') && !SKIP_DIRS.has(d.name))
+    .map(d => d.name);
+
+  const results: string[] = [];
+  if (fs.existsSync(path.join(root, 'SKILL.md'))) {
+    results.push('SKILL.md');
+  }
+  for (const dir of subdirs) {
+    const rel = `${dir}/SKILL.md`;
+    if (fs.existsSync(path.join(root, rel))) {
+      results.push(rel);
+    }
+  }
+  return results;
+}
+
+interface BashBlock {
+  code: string;
+  lineNo: number; // 1-indexed line number where the block content starts
+}
+
+function extractBashBlocks(content: string): BashBlock[] {
+  const lines = content.split('\n');
+  const blocks: BashBlock[] = [];
+  let inBash = false;
+  let blockLines: string[] = [];
+  let startLine = 0;
+
+  for (let i = 0; i < lines.length; i++) {
+    const line = lines[i];
+    if (!inBash && line.trimStart().startsWith('```bash')) {
+      inBash = true;
+      blockLines = [];
+      startLine = i + 2; // +1 for 1-index, +1 to skip the fence line itself
+      continue;
+    }
+    if (inBash && line.trimStart() === '```') {
+      blocks.push({ code: blockLines.join('\n'), lineNo: startLine });
+      inBash = false;
+      continue;
+    }
+    if (inBash) {
+      blockLines.push(line);
+    }
+  }
+  return blocks;
+}
+
+// Replace <placeholder> tokens with the bareword PLACEHOLDER to prevent
+// bash from interpreting them as stdin redirects, which produce false errors.
+function preprocess(code: string): string {
+  return code.replace(/<[A-Za-z][A-Za-z0-9_.-]*>/g, 'PLACEHOLDER');
+}
+
+function checkBashSyntax(code: string): string | null {
+  const result = Bun.spawnSync(['bash', '-n'], {
+    stdin: Buffer.from(code),
+    stdout: 'pipe',
+    stderr: 'pipe',
+  });
+  if (result.exitCode !== 0) {
+    return result.stderr.toString().trim();
+  }
+  return null;
+}
+
+describe('bash syntax validation in SKILL.md code blocks', () => {
+  const skillFiles = discoverSkillFiles(ROOT);
+
+  // Sanity: we should find at least 10 skill files
+  test('discovers skill files', () => {
+    expect(skillFiles.length).toBeGreaterThanOrEqual(10);
+  });
+
+  for (const relPath of skillFiles) {
+    test(`${relPath} — all bash blocks pass bash -n`, () => {
+      const content = fs.readFileSync(path.join(ROOT, relPath), 'utf-8');
+      const blocks = extractBashBlocks(content);
+
+      const errors: string[] = [];
+      for (const { code, lineNo } of blocks) {
+        const preprocessed = preprocess(code);
+        const errMsg = checkBashSyntax(preprocessed);
+        if (errMsg !== null) {
+          // Trim bash's "bash: line N:" prefix and replace with our own location
+          const cleaned = errMsg.replace(/^bash: line \d+: /, '');
+          errors.push(`  ~line ${lineNo}: ${cleaned}`);
+        }
+      }
+
+      if (errors.length > 0) {
+        throw new Error(
+          `${relPath}: ${errors.length} bash block(s) failed syntax check:\n` +
+          errors.join('\n')
+        );
+      }
+    });
+  }
+});