skills/bgauryy/octocode/octocode-cli/Snyk

octocode-cli

Warn

Audited by Snyk on Jun 18, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.95). The required workflow ingests repository content via octocode-cli search-code / get-file (e.g., reading hit files and PR history from outsider-authored GitHub repos at runtime), which becomes readable text in the agent’s LLM context through the --json/structuredContent output.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Jun 18, 2026, 04:44 AM

Issues

1

Security Audit — snyk — octocode-cli