glab

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflows (SKILL.md and references/*.md) explicitly instruct using glab api and commands like glab mr list, glab mr view, and glab api "projects/:id/merge_requests/.../discussions" which fetch and parse user-generated GitLab content (issues, MRs, comments) from public/self-hosted servers that the agent is expected to read and act on (e.g., finding discussion IDs and posting replies), so untrusted third-party content can materially influence subsequent actions.