gitlab
Warn
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill includes instructions for running commands with elevated privileges, specifically using `sudo` for runner registration tasks. It also provides examples for modifying system-level configuration files and certificate stores, such as appending to `/opt/gitlab/embedded/ssl/certs/cacert.pem`.
- [CREDENTIALS_UNSAFE]: Documentation examples demonstrate passing sensitive tokens within URLs for Git operations (e.g., `https://<username>:<deploy_token>@...`), which is a known security risk as it can expose credentials in shell history, process listings, and system logs.
- [EXTERNAL_DOWNLOADS]: The skill references fetching resources from external repositories, such as downloading a CA bundle from `raw.githubusercontent.com/certifi/python-certifi/...`. While originating from a well-known source, it represents an external dependency for security-sensitive operations.
Audit Metadata