gitlab-ci-validator

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides automated validation for GitLab CI/CD files using Python and Bash scripts.
  • [EXTERNAL_DOWNLOADS]: The skill manages dependencies by installing PyYAML from PyPI and gitlab-ci-local from NPM. These are well-known technology registries and the downloads are handled neutrally as configuration for the skill's primary purpose.
  • [COMMAND_EXECUTION]: The skill executes local scripts to perform validation. Input processing is handled safely using yaml.safe_load() to prevent arbitrary code execution during YAML parsing.
  • [INDIRECT_PROMPT_INJECTION]: The skill has an ingestion surface for untrusted .gitlab-ci.yml files. Evidence:
    1. Ingestion points: validate_syntax.py, check_best_practices.py, and check_security.py read user-provided files.
    2. Boundary markers: Not applicable for this static analysis tool.
    3. Capability inventory: Static analysis via regex and logic; no shell execution of content.
    4. Sanitization: Uses yaml.safe_load() for secure parsing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 07:06 AM