Skills
skills/b-mendoza/agent-skills/orchestrating-workflow/Snyk

orchestrating-workflow

Warn

Audited by Snyk on Jun 15, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). The required runtime workflow can ingest outsider-authored free text from the work-item platform (e.g., Jira issue/description/comments or GitHub issue body/comments) via the Phase 1 downstream skill fetching-work-item and later per-task planning/critique skills, whose outputs are retained in the orchestrator context.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 15, 2026, 06:40 AM
Issues
1
Security Audit — snyk — orchestrating-workflow