GitLab Stack Config Generator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION, NO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill provides a surface for indirect prompt injection by ingesting and processing untrusted data from .env files to generate configurations.
  - Ingestion points: Processes .env, .env.example, and service-specific configuration files.
  - Boundary markers: Delimiters are not explicitly defined in the provided documentation to isolate external data from the generation process.
  - Capability inventory: Includes file writing, directory creation, and execution of validation commands.
  - Sanitization: Implements secret detection patterns and syntax validation checks.
- External Downloads (LOW): The skill installation instructions point to an untrusted repository marketplace (rknall/Skills) that is not included in the trusted external sources list.
- Command Execution (LOW): The skill specifies the execution of system commands, such as nginx -t and shell-based pipelines using grep and diff, to validate configuration state.
- Prompt Injection (LOW): The skill contains specific instructions in the metadata and README to override the agent's behavior regarding commit message formatting (e.g., 'NEVER mention Claude in commit messages').
Audit Metadata