gitlab-assistant
Warn
Audited by Snyk on Feb 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly uses glab/API calls to fetch and act on user-generated GitLab content (e.g., the gitlab-mr, gitlab-issue, gitlab-wiki, gitlab-file and gitlab-search commands shown in SKILL.md). It reads MRs, issues, wiki pages and repo files, potentially from public projects, and that content could embed instructions that influence merges, CI runs, or other actions the skill performs.
Audit Metadata