gitlab-automation
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill defines a workflow that ingests untrusted data from external GitLab projects, which constitutes an indirect prompt injection surface.
- Ingestion points: Data from GitLab issues, merge requests, user profiles, and commit history is pulled into the agent context via tools like `GITLAB_LIST_PROJECT_ISSUES` and `GITLAB_GET_PROJECT_MERGE_REQUESTS`.
- Boundary markers: The instructions do not specify the use of delimiters or protective headers when processing the external text content.
- Capability inventory: The agent has the ability to perform write operations on the GitLab instance, including creating projects, issues, and merge requests.
- Sanitization: There is no evidence of content sanitization or validation for the data retrieved from GitLab before it is used in subsequent prompts.
Audit Metadata