gitlab-mr

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE

COMMAND_EXECUTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using git and glab to analyze code changes, push branches, and create merge requests on GitLab. All commands are standard for the skill's purpose.
  • [INDIRECT_PROMPT_INJECTION]: The skill analyzes repository branch diffs to generate MR descriptions, which introduces a surface for indirect prompt injection if a code contributor includes malicious instructions in the diff content.
      • Ingestion points: Content is ingested via git diff origin/develop...HEAD in references/gitlab-mr.md.
      • Boundary markers: No explicit delimiter markers are specified for the diff content.
      • Capability inventory: Shell execution via git and glab as defined in the SKILL.md requirements.
      • Sanitization: The skill mitigates risks by explicitly requiring a human-in-the-loop preview and confirmation step before final command execution.

Audit Metadata
  Risk Level: SAFE
  Analyzed: May 9, 2026, 06:09 PM