skills/antiwork/gumroad/pr-description/Snyk

pr-description

Warn

Audited by Snyk on Mar 24, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs fetching and reading GitHub issues via "gh issue view --repo ... --comments" and repeatedly states "Always fetch the GitHub issue", so the agent ingests user-generated, untrusted issue/comments content that can shape its PR-writing behavior.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Mar 24, 2026, 09:53 PM

Issues

1

Security Audit — snyk — pr-description