gitlab-mr-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill fetches and reads GitLab merge request data (title, description, and full diffs) from third-party GitLab projects via glab MCP/CLI, which is user-generated/untrusted content that the agent ingests as part of its review workflow.