view-pipeline

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill uses legitimate MCP tools (e.g., get_pipeline_jobs) to interact with the GitLab API. It follows standard patterns for status retrieval and log viewing.
  • [SAFE]: No evidence of prompt injection, hardcoded credentials, or unauthorized network operations was found in the skill's instructions or implementation details.
  • [SAFE]: Although the skill processes external content (GitLab logs), it lacks the critical capabilities—such as arbitrary command execution or file system writing—required to exploit indirect prompt injection surfaces.
  • [SAFE]: The skill does not employ any obfuscation techniques or dynamic code execution patterns.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 01:24 AM
Security Audit — agent-trust-hub — view-pipeline