← Back to Skills Marketplace

GitLab

Name: GitLab
Author: ivangdavila

by Iván · GitHub ↗ · v1.0.0

linuxdarwinwin32 ✓ Security Clean

1998

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install gitlab

Description

Avoid common GitLab CI/CD mistakes — rules gotchas, silent failures, and YAML merge traps.

README (SKILL.md)

Rules Gotchas

rules: and only:/except: can't mix — use one or the other per job
First matching rule wins — put specific rules before general ones
Missing when: defaults to on_success — rules: - if: $CI_COMMIT_TAG runs on tag
Empty rules array rules: [] means never run — different from no rules at all
Add - when: never at end to prevent fallthrough — otherwise unmatched conditions may run

Silent Failures

Protected variables missing on non-protected branches — job runs but variable is empty
Runner tag mismatch — job stays pending forever with no error
docker:dind on non-privileged runner — fails with cryptic Docker errors
Masked variable format invalid — variable exposed in logs anyway

YAML Merge Traps

extends: doesn't deep merge arrays — scripts, variables arrays get replaced, not appended
Use !reference [.job, script] to reuse — script: [!reference [.base, script], "my command"]
include: files can override each other — last one wins for same keys
Anchors &/* don't work across files — use extends: for cross-file reuse

Artifacts vs Cache

Cache not guaranteed between runs — treat as optimization, not requirement
Artifacts auto-download by stage — add dependencies: [] to skip if not needed
needs: downloads artifacts by default — needs: [{job: x, artifacts: false}] to skip

Docker-in-Docker

Shared runners usually don't support privileged — need self-hosted or special config
DOCKER_HOST: tcp://docker:2375 required — job uses wrong Docker otherwise
DOCKER_TLS_CERTDIR: "" or configure TLS properly — half-configured TLS breaks builds

Pipeline Triggers

CI_PIPELINE_SOURCE differs by trigger — push, merge_request_event, schedule, api, trigger
MR pipelines need rules: - if: $CI_MERGE_REQUEST_IID — not just branch rules
Detached vs merged result pipelines — detached tests source, merged tests result of merge

Usage Guidance

This skill is a read-only set of GitLab CI/CD tips and appears internally consistent and low-risk: it doesn't ask for credentials, install binaries, or run code. If you need stronger guarantees, prefer official GitLab docs or sources you trust; check the skill author and changelog before installing in environments with strict compliance requirements. If you plan to let an autonomous agent act on pipelines, ensure the agent's permissions and credentials are limited — the skill itself does not request any secrets, but agents can be granted them elsewhere.

Capability Analysis

Type: OpenClaw Skill Name: gitlab Version: 1.0.0 The skill bundle contains only metadata (`_meta.json`) and a documentation file (`SKILL.md`). The `SKILL.md` provides informational content about GitLab CI/CD best practices and common pitfalls. There are no executable commands, network calls, file system access, or any instructions that could lead to prompt injection against the agent, data exfiltration, or other malicious activities. The content is purely educational and aligns with a benign knowledge-base skill.

Capability Assessment

✓ Purpose & Capability

The name/description (GitLab CI/CD gotchas) match the SKILL.md content. The skill does not request unrelated binaries, env vars, or config paths — everything present is explanatory guidance about GitLab pipelines.

✓ Instruction Scope

SKILL.md contains static best-practice notes (rules, artifacts, dind, triggers). It does not instruct the agent to read local files, access system credentials, or transmit data to external endpoints. Mentions of CI variables are contextual and not instructions to exfiltrate them.

✓ Install Mechanism

No install spec and no code files are present. As an instruction-only skill it does not write to disk or fetch remote code during install.

✓ Credentials

The skill declares no required environment variables or credentials. There are no disproportionate or unexplained requests for secrets or unrelated service keys.

✓ Persistence & Privilege

always is false and model invocation is not disabled (normal). The skill does not request permanent presence or modify other skills or system-wide settings.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install gitlab
After installation, invoke the skill by name or use /gitlab
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

Initial release

Metadata

Slug gitlab

Version 1.0.0

License —

All-time Installs 17

Active Installs 17

Total Versions 1

Frequently Asked Questions

What is GitLab?

Avoid common GitLab CI/CD mistakes — rules gotchas, silent failures, and YAML merge traps. It is an AI Agent Skill for Claude Code / OpenClaw, with 1998 downloads so far.

How do I install GitLab?

Run "/install gitlab" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is GitLab free?

Yes, GitLab is completely free (open-source). You can download, install and use it at no cost.

Which platforms does GitLab support?

GitLab is cross-platform and runs anywhere OpenClaw / Claude Code is available (linux, darwin, win32).

Who created GitLab?

It is built and maintained by Iván (@ivangdavila); the current version is v1.0.0.

More Skills