gitlab-create-merge-request
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes git and glab commands to interact with the local repository and GitLab API.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it interpolates git commit messages into shell commands.
- Ingestion points: Commit messages via git log.
- Boundary markers: Arguments are wrapped in double quotes.
- Capability inventory: Git repository access and GitLab API interaction via glab CLI.
- Sanitization: No explicit sanitization of commit messages is performed.
Audit Metadata