gitlab-ci-generator

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill generates configurations that utilize Docker images from official and well-known registries including Docker Hub, Google Container Registry (GCR), and the GitLab Container Registry. Examples include base images like node, alpine, and python, as well as specialized tools like bitnami/kubectl, alpine/helm, and aquasec/trivy. These are standard industry resources used for their intended purposes.
  • [COMMAND_EXECUTION]: The generated pipelines and templates define execution steps for standard DevOps command-line interfaces such as npm, docker, kubectl, helm, and kustomize. The skill includes clear documentation and examples on how to use these tools securely within a CI/CD context.
  • [REMOTE_CODE_EXECUTION]: The skill's instructions describe using WebSearch and WebFetch capabilities to look up the latest official GitLab CI/CD documentation and templates from docs.gitlab.com. This is used to ensure the generated pipelines follow current syntax requirements and security recommendations from the platform provider.
  • [DATA_EXFILTRATION]: The skill provides templates and guidelines for managing sensitive information using GitLab CI/CD variables (e.g., $CI_REGISTRY_PASSWORD, $KUBE_CONTEXT, $API_KEY). It explicitly forbids hardcoding credentials and provides detailed instructions on implementing 'Masked' and 'Protected' variables to prevent accidental exposure in logs or to unauthorized branches.
  • [PROMPT_INJECTION]: No malicious prompt injection patterns were detected. The skill actually implements a safety-oriented workflow requiring the agent to confirm it has read security guidelines and best practices before generating any code, which serves as a procedural guardrail against generating insecure configurations.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 08:55 AM