gitlab-ci-best-practices
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill is designed to process and optimize GitLab CI/CD configuration files. This creates a vulnerability surface where malicious instructions in a processed file could hijack the agent's behavior.
- Ingestion points: 'Read', 'Grep', and 'Glob' tools used on local project files.
- Boundary markers: Absent.
- Capability inventory: 'Bash', 'Write', and 'Edit' tools allow for command execution and file modification.
- Sanitization: Absent.
- [Command Execution] (MEDIUM): The 'Bash' tool is explicitly allowed, granting the agent the ability to execute shell commands. In the context of CI/CD optimization, this capability can be abused if the agent is influenced by malicious configurations.
Recommendations
- AI detected serious security threats
Audit Metadata