Skills
skills/andreacovelli/my-skills/github-pr-agent-workflows/Snyk

github-pr-agent-workflows

Warn

Audited by Snyk on May 9, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's bundled scripts (scripts/pr-review-summary.sh and scripts/wait-pr-review.sh) use gh api graphql to fetch PR review threads and comment bodyText from GitHub—user-generated, potentially public content—which SKILL.md and the decision rules require the agent to inspect and act on (e.g., whether to edit, wait, or merge), so third-party content can materially influence agent actions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 9, 2026, 11:58 PM
Issues
1
Security Audit — snyk — github-pr-agent-workflows