gitlab-flow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly fetches and interprets user-generated GitLab MR content (e.g., "glab mr view --comments" and "glab mr diff ") and then uses that content to drive reviews, fixes, and merge decisions, so untrusted third-party comments/diffs can materially influence agent actions.