gitlab-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly runs scripts that call external GitLab APIs and fetch remote documentation and project content (e.g., scripts/gitlab_context.py reads pipeline info and the local/.remote .gitlab-ci.yml via the GitLab API, and the Execution Protocol requires running scripts/sync-gitlab-docs.py and validate_glfm.py against upstream docs/GitLab Markdown), so user-controlled or public repo content is ingested into the agent context and could influence subsequent actions.