Trust Assessment
glab-ci received a trust score of 82/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Skill exposes powerful GitLab CI/CD commands, Execution of local script `scripts/ci-debug.sh`.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Skill exposes powerful GitLab CI/CD commands The skill documentation demonstrates access to a wide range of `glab ci` commands, including `delete`, `cancel`, `run`, and `artifact`. If the underlying `glab` CLI is configured with broad permissions (e.g., a GitLab Personal Access Token with `api` scope), an LLM agent could potentially perform destructive actions (e.g., deleting pipelines, canceling jobs), trigger new pipelines with arbitrary variables, or download sensitive artifacts. This grants significant control over the CI/CD environment, increasing the risk of unintended or malicious operations if the agent is compromised or misconfigured. Implement fine-grained access control for the `glab` token used by the agent, restricting it to the minimum necessary permissions (Least Privilege). Consider adding human-in-the-loop approval for destructive or sensitive operations (e.g., `delete`, `run` with user-provided variables, `artifact` download) to prevent unauthorized actions. | LLM | SKILL.md:100 | |
| MEDIUM | Execution of local script `scripts/ci-debug.sh` The skill documentation mentions the execution of a local script `scripts/ci-debug.sh`. Without reviewing the script's content and how its arguments are handled, there's a potential for command injection. If the script itself is vulnerable, or if it processes arguments derived from untrusted user input without proper sanitization, it could lead to arbitrary code execution on the host system. Provide the content of `scripts/ci-debug.sh` for security review. Ensure the script is robust against command injection, especially if it processes arguments derived from user input. Validate and sanitize all inputs before using them in shell commands within the script. Consider if direct script execution is necessary or if `glab` commands can achieve the same outcome more securely. | LLM | SKILL.md:45 |
Scan History
Embed Code
[](https://skillshield.io/report/f66ec77f8bc12527)
Powered by SkillShield