skills/2ykwang/agent-skills/github-review-issue/Snyk

github-review-issue

Warn

Audited by Snyk on Apr 7, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). The SKILL.md "Step 2: Fetch Data" explicitly instructs using gh issue view to pull GitHub issue content (owner/repo issues), which is untrusted, user-generated content from public GitHub that the agent will read and use to determine summaries and next actions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Apr 7, 2026, 10:45 AM

Issues

1

Security Audit — snyk — github-review-issue