← 返回 Skills 市场
3001
总下载
9
收藏
5
当前安装
1
版本数
在 OpenClaw 中安装
/install glab-cli
功能描述
Interact with GitLab using the `glab` CLI. Use when Claude needs to work with GitLab merge requests, CI/CD pipelines, issues, releases, or make API requests. Supports gitlab.com and self-hosted instances.
使用说明 (SKILL.md)
GitLab Skill
Use the glab CLI to interact with GitLab. Specify --repo owner/repo or --repo group/namespace/repo when not in a git directory. Also accepts full URLs.
Merge Requests
List open merge requests:
glab mr list --repo owner/repo
View MR details:
glab mr view 55 --repo owner/repo
Create an MR from current branch:
glab mr create --fill --target-branch main
Approve, merge, or check out:
glab mr approve 55
glab mr merge 55
glab mr checkout 55
View MR diff:
glab mr diff 55
CI/CD Pipelines
Check pipeline status for current branch:
glab ci status
View pipeline interactively (navigate jobs, view logs):
glab ci view
List recent pipelines:
glab ci list --repo owner/repo
Trace job logs in real time:
glab ci trace
glab ci trace 224356863 # specific job ID
glab ci trace lint # by job name
Retry a failed pipeline:
glab ci retry
Validate .gitlab-ci.yml:
glab ci lint
Issues
List and view issues:
glab issue list --repo owner/repo
glab issue view 42
Create an issue:
glab issue create --title "Bug report" --label bug
Add a comment:
glab issue note 42 -m "This is fixed in !55"
API for Advanced Queries
Use glab api for endpoints not covered by subcommands. Supports REST and GraphQL.
Get project releases:
glab api projects/:fullpath/releases
Get MR with specific fields (pipe to jq):
glab api projects/owner/repo/merge_requests/55 | jq '.title, .state, .author.username'
Paginate through all issues:
glab api issues --paginate
GraphQL query:
glab api graphql -f query='
query {
currentUser { username }
}
'
JSON Output
Pipe to jq for filtering:
glab mr list --repo owner/repo | jq -r '.[] | "\(.iid): \(.title)"'
Variables and Releases
Manage CI/CD variables:
glab variable list
glab variable set MY_VAR "value"
glab variable get MY_VAR
Create a release:
glab release create v1.0.0 --notes "Release notes here"
Key Differences from GitHub CLI
| Concept | GitHub (gh) |
GitLab (glab) |
|---|---|---|
| Pull/Merge Request | gh pr |
glab mr |
| CI runs | gh run |
glab ci |
| Repo path format | owner/repo |
owner/repo or group/namespace/repo |
| Interactive pipeline view | N/A | glab ci view |
安全使用建议
This skill is an instruction-only helper that shows how to run the `glab` CLI, but the metadata omits some important operational requirements. Before installing or enabling it:
- Confirm you have the `glab` CLI installed on the agent runtime and consider whether you want that binary available to an agent. The skill expects `glab` but doesn't declare it.
- Verify how the agent will authenticate to GitLab (GITLAB_TOKEN, GLAB_TOKEN, or `glab auth login`). Limit token scope (prefer read/write minimally required scopes) and avoid using a broad admin token.
- Note examples use `jq`; ensure you control which helper binaries are on PATH or adjust examples.
- Because `glab api` can call arbitrary endpoints, an autonomous agent with this skill could read or modify many GitLab resources depending on the token. If you allow autonomous invocation, restrict the credential used to least privilege and audit actions.
- If you need a stricter review, ask the skill author to: (1) declare required binaries and env vars in metadata, (2) document auth methods and required token scopes, and (3) limit or provide guidance about which `glab api` calls the agent is permitted to run.
Given the mismatches between the documentation and the declared requirements, treat this as suspicious until those clarifications are provided.
功能分析
Type: OpenClaw Skill
Name: glab-cli
Version: 1.0.0
The skill bundle provides access to the powerful `glab` CLI, including commands like `glab api` and `glab variable`. While these are legitimate functions for interacting with GitLab, their broad capabilities, particularly `glab api` which allows arbitrary REST and GraphQL calls, present a significant attack surface for prompt injection against the AI agent. A malicious user could leverage these commands to perform unauthorized actions or exfiltrate data from GitLab, even though the `skill.md` itself does not contain explicit malicious instructions.
能力评估
Purpose & Capability
The skill's name and description match the instructions: it is an instruction-only wrapper describing how to use the `glab` CLI for merge requests, CI, issues, releases and raw API calls. That purpose is coherent. However, the skill does not declare that the `glab` binary (or supporting tools like `jq`) are required, which would normally be expected.
Instruction Scope
The SKILL.md instructs the agent to run a wide range of `glab` commands (including `glab api` which can call arbitrary GitLab endpoints) and examples pipe output to `jq`. The doc implicitly expects the agent environment to be an authenticated Git repo and to have credentials available for GitLab. The skill does not explicitly limit or document what commands an autonomous agent may run or what credentials it will use.
Install Mechanism
This is instruction-only with no install spec and no code files, so nothing will be downloaded or written by the skill itself. That is low install risk.
Credentials
The skill declares no required environment variables or primary credential, yet the documented commands typically require GitLab authentication (e.g., GITLAB_TOKEN, GLAB_TOKEN, or glab auth config). Examples also assume `jq` is available. The lack of declared credentials or binaries is disproportionate to the capability described and leaves unclear what credentials the agent will use when executing `glab` commands.
Persistence & Privilege
The skill is not marked always:true and does not request persistent installation. Autonomous model invocation is allowed (the platform default) — combine this with the ability to run arbitrary `glab api` calls and you should confirm intended scope, but the skill itself does not request elevated persistence.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install glab-cli - 安装完成后,直接呼叫该 Skill 的名称或使用
/glab-cli触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of the glab skill based on @steipete gh skill.
- Enables interaction with GitLab via the `glab` CLI for merge requests, CI/CD pipelines, issues, releases, and API queries.
- Supports both gitlab.com and self-hosted GitLab instances.
- Allows advanced API usage (REST and GraphQL) and JSON output piping for automation.
- Includes key workflow commands with examples for MR handling, CI/CD operations, issue management, and release creation.
- Documents key differences between `glab` and GitHub CLI for smoother onboarding.
元数据
常见问题
Gitlab 是什么?
Interact with GitLab using the `glab` CLI. Use when Claude needs to work with GitLab merge requests, CI/CD pipelines, issues, releases, or make API requests. Supports gitlab.com and self-hosted instances. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 3001 次。
如何安装 Gitlab?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install glab-cli」即可一键安装,无需额外配置。
Gitlab 是免费的吗?
是的,Gitlab 完全免费(开源免费),可自由下载、安装和使用。
Gitlab 支持哪些平台?
Gitlab 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Gitlab?
由 Portavion(@portavion)开发并维护,当前版本 v1.0.0。
推荐 Skills