gitlab-mr-inline-comment

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local git commands such as git merge-base and git diff to correctly identify line positions for comments within the merge request. It also runs a provided Node.js script (scripts/post-inline-comments.mjs) to handle API communication.
  • [DATA_EXFILTRATION]: The Node.js script utilizes the fetch API to transmit the GitLab API token to a specified API base URL via the PRIVATE-TOKEN header. This is a standard network operation required for the skill's primary function of communicating with GitLab instances.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes untrusted data from external sources: comments and existing discussions on GitLab.
  • Ingestion points: The skill ingests comment data from user inputs or files, and retrieves existing merge request discussions from the GitLab API to perform deduplication.
  • Boundary markers: The instructions mandate that all comments be normalized to a specific JSON schema and validated against the actual merge request diff before publication.
  • Capability inventory: The agent can execute shell commands (git) and perform network POST requests to external API endpoints through its accompanying script.
  • Sanitization: The skill performs normalization of comment paths and line numbers, and requires a successful diff mapping, which ensures that only comments relevant to the actual code changes are processed.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 03:30 AM