gitlab-issue

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the glab CLI tool (GitLab's official CLI) to interact with the repository and perform issue management tasks.
  • [PROMPT_INJECTION]: The skill processes external data (titles, descriptions, and comments from GitLab) which introduces an indirect prompt injection surface.
  • Ingestion points: Issue content retrieved via glab issue view and glab issue list in SKILL.md.
  • Boundary markers: Absent; the skill does not explicitly instruct the agent to ignore instructions found within the fetched issue data.
  • Capability inventory: File-write/update capabilities via glab issue create, glab issue update, glab issue note, and glab issue close in SKILL.md.
  • Sanitization: None specified for retrieved content.
  • Mitigation: The skill includes a critical rule requiring human-in-the-loop confirmation before any creation or modification action is executed.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 11:58 AM
Security Audit — agent-trust-hub — gitlab-issue