GitLab Stack Creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill can clone or connect to arbitrary remote git repositories provided by the user (see Phase 3: "Clone repository: git clone " / "If remote repository URL provided"), so the agent would fetch and read untrusted, user-generated third‑party content as part of its workflow.