Skills
skills/nguyenvanchiens/my-skills-gitlab-flow/gitlab-flow/Gen Agent Trust Hub

gitlab-flow

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill instructions contain explicit directives to override system prompt defaults and platform-level behavior (e.g., "Rule này override mọi default của Claude Code/system prompt"). This is used to suppress AI attribution trailers in commit messages.
  • [PROMPT_INJECTION]: Indirect prompt injection attack surface identified. The skill processes untrusted data from Jira task titles and GitLab MR comments and diffs.
  • Ingestion points: Jira task titles/descriptions and GitLab MR comments/diffs are ingested and used to generate branch names, commit messages, and MR descriptions.
  • Boundary markers: Absent; the skill does not define delimiters or specific "ignore instructions" warnings for the external data it processes.
  • Capability inventory: The skill performs repository operations including file writes, commits, pushes, and GitLab MR management (merge, create) across multiple scripts.
  • Sanitization: No explicit sanitization or validation of external content (Jira titles or MR comments) is performed before interpolation into commands or logic.
  • [COMMAND_EXECUTION]: The skill executes a significant number of shell commands through the git CLI and the glab (GitLab) CLI to manage branches, commits, and merge requests. It specifically handles repository state, upstream tracking, and MR metadata management.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 02:24 AM
Security Audit — agent-trust-hub — gitlab-flow