← Back to Skills Marketplace
3001
Downloads
9
Stars
5
Active Installs
1
Versions
Install in OpenClaw
/install glab-cli
Description
Interact with GitLab using the `glab` CLI. Use when Claude needs to work with GitLab merge requests, CI/CD pipelines, issues, releases, or make API requests. Supports gitlab.com and self-hosted instances.
README (SKILL.md)
GitLab Skill
Use the glab CLI to interact with GitLab. Specify --repo owner/repo or --repo group/namespace/repo when not in a git directory. Also accepts full URLs.
Merge Requests
List open merge requests:
glab mr list --repo owner/repo
View MR details:
glab mr view 55 --repo owner/repo
Create an MR from current branch:
glab mr create --fill --target-branch main
Approve, merge, or check out:
glab mr approve 55
glab mr merge 55
glab mr checkout 55
View MR diff:
glab mr diff 55
CI/CD Pipelines
Check pipeline status for current branch:
glab ci status
View pipeline interactively (navigate jobs, view logs):
glab ci view
List recent pipelines:
glab ci list --repo owner/repo
Trace job logs in real time:
glab ci trace
glab ci trace 224356863 # specific job ID
glab ci trace lint # by job name
Retry a failed pipeline:
glab ci retry
Validate .gitlab-ci.yml:
glab ci lint
Issues
List and view issues:
glab issue list --repo owner/repo
glab issue view 42
Create an issue:
glab issue create --title "Bug report" --label bug
Add a comment:
glab issue note 42 -m "This is fixed in !55"
API for Advanced Queries
Use glab api for endpoints not covered by subcommands. Supports REST and GraphQL.
Get project releases:
glab api projects/:fullpath/releases
Get MR with specific fields (pipe to jq):
glab api projects/owner/repo/merge_requests/55 | jq '.title, .state, .author.username'
Paginate through all issues:
glab api issues --paginate
GraphQL query:
glab api graphql -f query='
query {
currentUser { username }
}
'
JSON Output
Pipe to jq for filtering:
glab mr list --repo owner/repo | jq -r '.[] | "\(.iid): \(.title)"'
Variables and Releases
Manage CI/CD variables:
glab variable list
glab variable set MY_VAR "value"
glab variable get MY_VAR
Create a release:
glab release create v1.0.0 --notes "Release notes here"
Key Differences from GitHub CLI
| Concept | GitHub (gh) |
GitLab (glab) |
|---|---|---|
| Pull/Merge Request | gh pr |
glab mr |
| CI runs | gh run |
glab ci |
| Repo path format | owner/repo |
owner/repo or group/namespace/repo |
| Interactive pipeline view | N/A | glab ci view |
Usage Guidance
This skill is an instruction-only helper that shows how to run the `glab` CLI, but the metadata omits some important operational requirements. Before installing or enabling it:
- Confirm you have the `glab` CLI installed on the agent runtime and consider whether you want that binary available to an agent. The skill expects `glab` but doesn't declare it.
- Verify how the agent will authenticate to GitLab (GITLAB_TOKEN, GLAB_TOKEN, or `glab auth login`). Limit token scope (prefer read/write minimally required scopes) and avoid using a broad admin token.
- Note examples use `jq`; ensure you control which helper binaries are on PATH or adjust examples.
- Because `glab api` can call arbitrary endpoints, an autonomous agent with this skill could read or modify many GitLab resources depending on the token. If you allow autonomous invocation, restrict the credential used to least privilege and audit actions.
- If you need a stricter review, ask the skill author to: (1) declare required binaries and env vars in metadata, (2) document auth methods and required token scopes, and (3) limit or provide guidance about which `glab api` calls the agent is permitted to run.
Given the mismatches between the documentation and the declared requirements, treat this as suspicious until those clarifications are provided.
Capability Analysis
Type: OpenClaw Skill
Name: glab-cli
Version: 1.0.0
The skill bundle provides access to the powerful `glab` CLI, including commands like `glab api` and `glab variable`. While these are legitimate functions for interacting with GitLab, their broad capabilities, particularly `glab api` which allows arbitrary REST and GraphQL calls, present a significant attack surface for prompt injection against the AI agent. A malicious user could leverage these commands to perform unauthorized actions or exfiltrate data from GitLab, even though the `skill.md` itself does not contain explicit malicious instructions.
Capability Assessment
Purpose & Capability
The skill's name and description match the instructions: it is an instruction-only wrapper describing how to use the `glab` CLI for merge requests, CI, issues, releases and raw API calls. That purpose is coherent. However, the skill does not declare that the `glab` binary (or supporting tools like `jq`) are required, which would normally be expected.
Instruction Scope
The SKILL.md instructs the agent to run a wide range of `glab` commands (including `glab api` which can call arbitrary GitLab endpoints) and examples pipe output to `jq`. The doc implicitly expects the agent environment to be an authenticated Git repo and to have credentials available for GitLab. The skill does not explicitly limit or document what commands an autonomous agent may run or what credentials it will use.
Install Mechanism
This is instruction-only with no install spec and no code files, so nothing will be downloaded or written by the skill itself. That is low install risk.
Credentials
The skill declares no required environment variables or primary credential, yet the documented commands typically require GitLab authentication (e.g., GITLAB_TOKEN, GLAB_TOKEN, or glab auth config). Examples also assume `jq` is available. The lack of declared credentials or binaries is disproportionate to the capability described and leaves unclear what credentials the agent will use when executing `glab` commands.
Persistence & Privilege
The skill is not marked always:true and does not request persistent installation. Autonomous model invocation is allowed (the platform default) — combine this with the ability to run arbitrary `glab api` calls and you should confirm intended scope, but the skill itself does not request elevated persistence.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install glab-cli - After installation, invoke the skill by name or use
/glab-cli - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of the glab skill based on @steipete gh skill.
- Enables interaction with GitLab via the `glab` CLI for merge requests, CI/CD pipelines, issues, releases, and API queries.
- Supports both gitlab.com and self-hosted GitLab instances.
- Allows advanced API usage (REST and GraphQL) and JSON output piping for automation.
- Includes key workflow commands with examples for MR handling, CI/CD operations, issue management, and release creation.
- Documents key differences between `glab` and GitHub CLI for smoother onboarding.
Metadata
Frequently Asked Questions
What is Gitlab?
Interact with GitLab using the `glab` CLI. Use when Claude needs to work with GitLab merge requests, CI/CD pipelines, issues, releases, or make API requests. Supports gitlab.com and self-hosted instances. It is an AI Agent Skill for Claude Code / OpenClaw, with 3001 downloads so far.
How do I install Gitlab?
Run "/install glab-cli" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Gitlab free?
Yes, Gitlab is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Gitlab support?
Gitlab is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Gitlab?
It is built and maintained by Portavion (@portavion); the current version is v1.0.0.
More Skills