skills/codebeltnet/agentic/git-remote-release/Snyk

git-remote-release

Warn

Audited by Snyk on Jun 19, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.85). The required workflow ingests outsider-authored free text from GitHub PR descriptions/bodies (and possibly commit message bodies) when it “collect[s] pull requests” and “collect[s] PR description/body” for commits in the comparison range via the GitHub API, which is not authored by the operating user.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Jun 19, 2026, 07:38 AM

Issues

1

Security Audit — snyk — git-remote-release