gitlab-label
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Finding categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill uses the Bash tool to run glab commands. User input for label names, descriptions, and colors is directly interpolated into these commands, creating a risk of shell injection if inputs are not escaped.
- [PROMPT_INJECTION] (LOW): A surface for indirect prompt injection exists through data ingestion points for label metadata. Evidence chain:
  1. Ingestion points: label name and description parameters in SKILL.md.
  2. Boundary markers: absent.
  3. Capability inventory: Bash, Read, Glob, Grep tools.
  4. Sanitization: no sanitization or escaping is specified for the interpolated variables.
Audit Metadata