Skills
skills/dmythro/agent-skills/git-ci/Gen Agent Trust Hub

git-ci

Warn

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes shell commands via gh (GitHub CLI) and glab (GitLab CI CLI) to retrieve pipeline status, logs, and pull request metadata.
  • [CREDENTIALS_UNSAFE]: Provides recipes to list CI/CD secrets and variables which may contain sensitive environment data.
  • Evidence: SKILL.md and references/ci-queries.md include gh variable list, gh secret list, and glab variable list.
  • Evidence: The skill documentation in references/allowlist.md explicitly notes that glab variable list exposes CI/CD variable values such as API keys and passwords.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by processing external data from CI/CD logs and pull request metadata.
  • Ingestion points: Command outputs from gh run view --log, gh pr view, and glab ci trace (files: SKILL.md, references/ci-queries.md).
  • Boundary markers: Absent; command outputs are processed without delimiters or instructions to ignore embedded content.
  • Capability inventory: Executes shell commands (gh, glab, jq) which could be influenced by malicious content in logs or PR fields.
  • Sanitization: Absent; output is directly presented to the agent or piped to other utilities.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 26, 2026, 11:07 AM