recall
Warn
Audited by Snyk on Jun 14, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill runs
entire search/entire explain, which at runtime ingests repository content and command/transcript text; those sources can include outsider-authored free text (e.g., README/transcripts/commit messages/search results authored by others) into the LLM context, creating indirect prompt-injection risk.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata