gitlab

Purpose and capabilities mostly align with GitLab administration, but the trust model is weak: the skill installs and relies on a third-party CLI, forwards GitLab credentials into it, and even documents disabling TLS verification for self-hosted use. This is better classified as suspicious/high-risk rather than outright malicious.