Trust Assessment
glab-issue received a trust score of 74/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 0 critical, 2 high, 0 medium, and 0 low severity. The key findings are a potential for command injection via `glab` arguments, and broad access to GitLab issue management, including deletion.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Potential for Command Injection via `glab` arguments.** The skill exposes `glab` commands that accept various arguments (e.g., title, message, issue IDs, labels). If the LLM constructs these commands by directly interpolating untrusted user input without proper shell escaping, an attacker could inject arbitrary shell commands. This is particularly risky for commands like `glab issue create --title "..."` or `glab issue note -m "..."`. The invocation of custom scripts like `scripts/batch-label-issues.sh` with user-controlled arguments also poses this risk, as the script's internal sanitization is unknown. Implement robust input sanitization and shell escaping for all user-provided arguments before constructing and executing `glab` commands or custom scripts. Consider using a library that safely handles command arguments (e.g., `shlex.quote` in Python) to prevent shell metacharacter interpretation. | LLM | SKILL.md:10 |
| HIGH | **Broad access to GitLab issue management, including deletion.** The skill grants extensive permissions over GitLab issues, including creation, modification, and crucially, deletion (`glab issue delete`). If compromised, this skill could be used to delete or disrupt critical project issues, leading to data loss or operational impact. Additionally, the skill invokes local scripts (`scripts/batch-label-issues.sh`, `scripts/create-mr-from-issue.sh`) whose capabilities are unknown, potentially expanding the permission scope further. Restrict the skill's capabilities to the minimum necessary. If deletion is not strictly required for the LLM's intended use, remove access to `glab issue delete`. For custom scripts, ensure they are thoroughly reviewed and their execution environment is sandboxed if possible. Implement strict access controls and the principle of least privilege for the LLM's execution environment. | LLM | SKILL.md:95 |