gitlab-ci-patterns
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE] (SAFE): No malicious behaviors, prompt injections, or exfiltration patterns were detected in the skill contents (SKILL.md) or metadata (metadata.json).
- [COMMAND_EXECUTION] (SAFE): (SKILL.md) Includes shell command snippets for industry-standard tools such as npm, docker, kubectl, and terraform. These are intended for use within a CI/CD environment and are appropriate for the skill's stated purpose. A best practice violation regarding insecure TLS verification (insecure-skip-tls-verify) for kubectl is present but categorized as safe for documentation templates.
- [EXTERNAL_DOWNLOADS] (SAFE): (SKILL.md) Templates reference legitimate external resources including official Docker images from verified registries and standard package managers.
- [DYNAMIC_EXECUTION] (SAFE): (SKILL.md) Documentation includes a pattern for dynamic pipeline generation using GitLab's native trigger mechanism, which is an expected feature for scalable CI/CD workflows and not a security risk in this context.
Audit Metadata