Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Gitlab

Interact with GitLab using the `glab` CLI. Use when Claude needs to work with GitLab merge requests, CI/CD pipelines, issues, releases, or make API requests. Supports gitlab.com and self-hosted instances.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name and description match the instructions: it is an instruction-only wrapper describing how to use the `glab` CLI for merge requests, CI, issues, releases and raw API calls. That purpose is coherent. However, the skill does not declare that the `glab` binary (or supporting tools like `jq`) are required, which would normally be expected.
Instruction Scope
The SKILL.md instructs the agent to run a wide range of `glab` commands (including `glab api` which can call arbitrary GitLab endpoints) and examples pipe output to `jq`. The doc implicitly expects the agent environment to be an authenticated Git repo and to have credentials available for GitLab. The skill does not explicitly limit or document what commands an autonomous agent may run or what credentials it will use.
Install Mechanism
This is instruction-only with no install spec and no code files, so nothing will be downloaded or written by the skill itself. That is low install risk.
Credentials
The skill declares no required environment variables or primary credential, yet the documented commands typically require GitLab authentication (e.g., GITLAB_TOKEN, GLAB_TOKEN, or glab auth config). Examples also assume `jq` is available. The lack of declared credentials or binaries is disproportionate to the capability described and leaves unclear what credentials the agent will use when executing `glab` commands.
Persistence & Privilege
The skill is not marked always:true and does not request persistent installation. Autonomous model invocation is allowed (the platform default) — combine this with the ability to run arbitrary `glab api` calls and you should confirm intended scope, but the skill itself does not request elevated persistence.
What to consider before installing
This skill is an instruction-only helper that shows how to run the `glab` CLI, but the metadata omits some important operational requirements. Before installing or enabling it:

- Confirm you have the `glab` CLI installed on the agent runtime and consider whether you want that binary available to an agent. The skill expects `glab` but doesn't declare it.
- Verify how the agent will authenticate to GitLab (GITLAB_TOKEN, GLAB_TOKEN, or `glab auth login`). Limit token scope (prefer read/write minimally required scopes) and avoid using a broad admin token.
- Note examples use `jq`; ensure you control which helper binaries are on PATH or adjust examples.
- Because `glab api` can call arbitrary endpoints, an autonomous agent with this skill could read or modify many GitLab resources depending on the token. If you allow autonomous invocation, restrict the credential used to least privilege and audit actions.
- If you need a stricter review, ask the skill author to: (1) declare required binaries and env vars in metadata, (2) document auth methods and required token scopes, and (3) limit or provide guidance about which `glab api` calls the agent is permitted to run.

Given the mismatches between the documentation and the declared requirements, treat this as suspicious until those clarifications are provided.
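
One way to limit which `glab api` calls an agent is permitted to run, as an added example that is not part of the skill or the scan output: a POSIX shell gate that permits only GET requests to an allowlist of resources. The names `glab_api_allowed`, `safe_glab_api` and `READ_ONLY_RESOURCES`, and the allowlist itself, are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: read-only gate for arguments an agent wants to pass to `glab api`.
# READ_ONLY_RESOURCES is an assumed policy; adjust it to what the agent needs.
READ_ONLY_RESOURCES='merge_requests releases issues'

# Returns 0 if the arguments describe a GET on an allowlisted resource, else 1.
glab_api_allowed() {
    method='' has_fields=0 endpoint=''
    while [ $# -gt 0 ]; do
        case $1 in
            -X|--method) [ $# -ge 2 ] || return 1; method=$2; shift ;;
            --method=*)  method=${1#--method=} ;;
            -X?*)        method=${1#-X} ;;
            -f|-F|--field|--raw-field)
                         [ $# -ge 2 ] || return 1; has_fields=1; shift ;;
            --field=*|--raw-field=*|-f?*|-F?*) has_fields=1 ;;
            --paginate)  ;;
            -*)          return 1 ;;  # --input, --hostname, headers, unknown: fail closed
            *)           [ -z "$endpoint" ] || return 1; endpoint=$1 ;;
        esac
        shift
    done
    method=$(printf '%s' "$method" | tr '[:lower:]' '[:upper:]')
    if [ -z "$method" ]; then
        # Without --method, glab sends POST as soon as any field is supplied.
        [ "$has_fields" -eq 0 ] || return 1
        method=GET
    fi
    [ "$method" = GET ] || return 1
    path=${endpoint%%\?*}                      # ignore the query string
    case $path in ''|/*|*..*|*://*|*' '*) return 1 ;; esac
    set -f; old_ifs=$IFS; IFS=/; set -- $path; IFS=$old_ifs; set +f
    if [ "$1" = projects ]; then
        [ $# -ge 3 ] || return 1               # projects/<id or encoded path>/<resource>
        resource=$3
    else
        [ $# -eq 1 ] || return 1               # top-level collection such as `issues`
        resource=$1
    fi
    case " $READ_ONLY_RESOURCES " in *" $resource "*) return 0 ;; esac
    return 1
}

# Wrapper the agent calls instead of `glab api`.
safe_glab_api() {
    if glab_api_allowed "$@"; then glab api "$@"
    else echo "denied by policy: glab api $*" >&2; return 1; fi
}
```

A client-side gate like this complements a least-privilege token rather than replacing it, because the token's scope is what GitLab itself enforces.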


Current version: v1.0.0


SKILL.md

GitLab Skill

Use the glab CLI to interact with GitLab. Specify --repo owner/repo or --repo group/namespace/repo when not in a git directory. Also accepts full URLs.

Merge Requests

List open merge requests:

glab mr list --repo owner/repo

View MR details:

glab mr view 55 --repo owner/repo

Create an MR from current branch:

glab mr create --fill --target-branch main

Approve, merge, or check out:

glab mr approve 55
glab mr merge 55
glab mr checkout 55

View MR diff:

glab mr diff 55

CI/CD Pipelines

Check pipeline status for current branch:

glab ci status

View pipeline interactively (navigate jobs, view logs):

glab ci view

List recent pipelines:

glab ci list --repo owner/repo

Trace job logs in real time:

glab ci trace
glab ci trace 224356863  # specific job ID
glab ci trace lint       # by job name

Retry a failed pipeline:

glab ci retry

Validate .gitlab-ci.yml:

glab ci lint

Issues

List and view issues:

glab issue list --repo owner/repo
glab issue view 42

Create an issue:

glab issue create --title "Bug report" --label bug

Add a comment:

glab issue note 42 -m "This is fixed in !55"

API for Advanced Queries

Use glab api for endpoints not covered by subcommands. Supports REST and GraphQL.

Get project releases:

glab api projects/:fullpath/releases

Get MR with specific fields (pipe to jq; the project path in the endpoint must be URL-encoded):

glab api projects/owner%2Frepo/merge_requests/55 | jq '.title, .state, .author.username'

Paginate through all issues:

glab api issues --paginate

GraphQL query:

glab api graphql -f query='
  query {
    currentUser { username }
  }
'

JSON Output

Request JSON with --output json, then pipe to jq for filtering:

glab mr list --repo owner/repo --output json | jq -r '.[] | "\(.iid): \(.title)"'

Variables and Releases

Manage CI/CD variables:

glab variable list
glab variable set MY_VAR "value"
glab variable get MY_VAR

Create a release:

glab release create v1.0.0 --notes "Release notes here"

Key Differences from GitHub CLI

| Concept | GitHub (gh) | GitLab (glab) |
| --- | --- | --- |
| Pull/Merge Request | gh pr | glab mr |
| CI runs | gh run | glab ci |
| Repo path format | owner/repo | owner/repo or group/namespace/repo |
| Interactive pipeline view | N/A | glab ci view |
