gitlab-issue

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflows and commands (e.g., "glab issue list" and "glab issue view ... --comments" in SKILL.md) explicitly read GitLab issue titles, descriptions, and comments—user-generated content from a third-party site—which the agent is expected to interpret and then perform actions (triage, assign, update, close), exposing it to untrusted indirect prompt injection.