glab
Warn
Audited by Snyk on Apr 11, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs using glab to call GitLab APIs and view/respond to merge request discussions (e.g., "Reviewing Merge Requests", "Replying to MR Notes/Threads", and "Use the API Command" which run glab api and glab mr view/list), meaning the agent will fetch and interpret user-generated content from third-party GitLab instances.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata