gh-pr-diff
Warn
Audited by Snyk on Jun 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). The skill runs
gh pr diff(GitHub CLI) to fetch and render the PR’s diff/patch text at runtime; that diff content is authored by other contributors (outsider) and is ingested into the agent context via the command’s free-form output.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata