Skills
skills/dcjanus/prompts/gitlab-cli/Gen Agent Trust Hub

gitlab-cli

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it is designed to ingest and process untrusted external data from GitLab resources.
  • Ingestion points: Instructions in SKILL.md direct the agent to read MR discussions, notes, diff comments, Wiki content, and repository files like CONTRIBUTING.md and README.md.
  • Boundary markers: The instructions lack explicit boundary markers or directions for the agent to ignore potentially malicious instructions embedded within the ingested GitLab data.
  • Capability inventory: The skill utilizes glab and git commands via subprocess execution to perform both read and write operations (e.g., creating issues, updating MRs).
  • Sanitization: There is no evidence of content sanitization or validation of the external GitLab data before it is incorporated into the agent's context or used to form CLI commands.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 12:57 PM