github-evidence-kit

Warn

Audited by Snyk on May 31, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). At runtime, the GHArchiveCollector/GitHubAPICollector/WaybackCollector ingest outsider-authored free text (e.g., issue/PR bodies, commit messages, and Wayback snapshot HTML) from public services via API responses, which are then stored as message, body, content, etc. and can be serialized/loaded into the agent’s LLM context; e.g., GitHubAPICollector.collect_issue/_collect_issue_or_pr sets IssueObservation.body=data.get("body"), and GHArchiveCollector parses payload.get("issue").get("body") / payload.get("comment").get("body") into evidence fields.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 31, 2026, 12:32 AM
Issues
1
Security Audit — snyk — github-evidence-kit