Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Gitlab

v1.0.0

Interact with GitLab using the `glab` CLI. Use when Claude needs to work with GitLab merge requests, CI/CD pipelines, issues, releases, or make API requests. Supports gitlab.com and self-hosted instances.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name and description match the instructions: it is an instruction-only wrapper describing how to use the `glab` CLI for merge requests, CI, issues, releases and raw API calls. That purpose is coherent. However, the skill does not declare that the `glab` binary (or supporting tools like `jq`) are required, which would normally be expected.
Instruction Scope
The SKILL.md instructs the agent to run a wide range of `glab` commands (including `glab api` which can call arbitrary GitLab endpoints) and examples pipe output to `jq`. The doc implicitly expects the agent environment to be an authenticated Git repo and to have credentials available for GitLab. The skill does not explicitly limit or document what commands an autonomous agent may run or what credentials it will use.
Install Mechanism
This is instruction-only with no install spec and no code files, so nothing will be downloaded or written by the skill itself. That is low install risk.
Credentials
The skill declares no required environment variables or primary credential, yet the documented commands typically require GitLab authentication (e.g., GITLAB_TOKEN, GLAB_TOKEN, or glab auth config). Examples also assume `jq` is available. The lack of declared credentials or binaries is disproportionate to the capability described and leaves unclear what credentials the agent will use when executing `glab` commands.
Persistence & Privilege
The skill is not marked always:true and does not request persistent installation. Autonomous model invocation is allowed (the platform default) — combine this with the ability to run arbitrary `glab api` calls and you should confirm intended scope, but the skill itself does not request elevated persistence.
What to consider before installing
This skill is an instruction-only helper that shows how to run the `glab` CLI, but the metadata omits some important operational requirements. Before installing or enabling it:

- Confirm you have the `glab` CLI installed on the agent runtime and consider whether you want that binary available to an agent. The skill expects `glab` but doesn't declare it.
- Verify how the agent will authenticate to GitLab (GITLAB_TOKEN, GLAB_TOKEN, or `glab auth login`). Limit token scope (prefer the minimally required read/write scopes) and avoid using a broad admin token.
- Note that the examples use `jq`; ensure you control which helper binaries are on PATH or adjust the examples.
- Because `glab api` can call arbitrary endpoints, an autonomous agent with this skill could read or modify many GitLab resources depending on the token. If you allow autonomous invocation, restrict the credential used to least privilege and audit actions.
- If you need a stricter review, ask the skill author to: (1) declare required binaries and env vars in metadata, (2) document auth methods and required token scopes, and (3) limit or provide guidance about which `glab api` calls the agent is permitted to run.

Given the mismatches between the documentation and the declared requirements, treat this as suspicious until those clarifications are provided.

