gitlab-webhooks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill exposes the agent to untrusted, user-generated GitLab webhook payloads (POST /webhooks/gitlab in the Express/FastAPI/Next.js examples and handlers) which parse and log fields like issue/note/merge_request/release descriptions and commit messages from external GitLab instances.