gitlab-file

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests file content from GitLab via glab api endpoints (e.g., the "projects/:id/repository/files/.../raw?ref=..." examples and the "Download and View File" / "Copy File Between Branches" workflows in SKILL.md), which are user-generated/untrusted third-party sources that the agent reads and then uses to drive create/update/delete actions.