gitlab-group

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md explicitly runs glab api calls against GitLab endpoints (e.g., "users?search=...", "groups/...", "projects/...") and parses those API responses (jq -r '.id') to drive subsequent commands, meaning it ingests untrusted/user-generated content from third-party GitLab instances that can materially influence actions.