The Agent Skills Directory

[SAFE] (SAFE): A thorough audit of the skill instructions and YAML templates confirms they are standard, well-documented patterns for GitLab CI/CD pipelines. No indicators of prompt injection, data exfiltration, or malicious persistence were found.- [Best Practice] (LOW): The Kubernetes deployment template uses the --insecure-skip-tls-verify=true flag. This is a common but risky configuration that disables SSL/TLS certificate verification, which should be avoided in production environments.- [Dynamic Execution] (LOW): The skill demonstrates Dynamic Child Pipelines, where a Python script generates a pipeline configuration file (child-pipeline.yml) that is then triggered. This is a legitimate feature for complex CI/CD workflows.- [Indirect Prompt Injection] (LOW): The skill defines a surface for processing external data via the generate_pipeline.py script. While the skill itself is safe, this pattern creates a theoretical ingestion point for untrusted content. (Evidence: Ingestion points: generate_pipeline.py; Boundary markers: Absent; Capability inventory: kubectl, terraform; Sanitization: Absent).

gitlab-ci-patterns