gitlab

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs using glab to fetch and view untrusted, user-generated GitLab content (e.g., "glab issue view 42 --comments", "glab api .../repository/files/.../raw", "glab mr view 99") from gitlab.com or self-hosted instances, which the agent would read and could materially influence subsequent actions like commenting, approving, or merging.