Skills
skills/henricook/claude-glab-skill/glab/Gen Agent Trust Hub

glab

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill enables the agent to read content from GitLab issues, merge requests, and pipeline logs which can contain untrusted data.
  • Ingestion points: Commands like glab mr view, glab issue list, and glab ci trace ingest external data into the agent's context.
  • Boundary markers: None specified in the instructions to separate untrusted GitLab content from agent instructions.
  • Capability inventory: The skill allows the use of Bash which can be used to execute arbitrary commands if the agent is manipulated by content within a merge request or issue.
  • Sanitization: No specific sanitization or validation of the ingested content is mentioned.
  • [Credential Handling] (LOW): The skill provides instructions for managing GITLAB_TOKEN environment variables. While no secrets are hardcoded, users should be aware that the agent will have access to these credentials in the shell environment to perform its tasks.
  • [Command Execution] (SAFE): The skill requires the Bash tool to execute glab commands. This is consistent with the primary purpose of a CLI-focused skill. The instructions follow best practices for using the official GitLab CLI tool.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:15 PM