glab

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to extract an auth token from glab and embed it verbatim in a curl Authorization header (and shows commands with --token <token>), which requires the LLM to handle/output secret values directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and parses content from arbitrary GitLab instances (e.g., using glab api projects/.../templates/issues and projects/.../repository/files/.../raw, MR diffs/comments, and repository trees) — untrusted, user-generated third-party content that the agent reads and uses to drive actions like drafting issues/MRs and making decisions.