github-evidence-kit
Warn
Audited by Snyk on May 31, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). At runtime, the GHArchiveCollector/GitHubAPICollector/WaybackCollector ingest outsider-authored free text (e.g., issue/PR bodies, commit messages, and Wayback snapshot HTML) from public services via API responses, which are then stored as
message,body,content, etc. and can be serialized/loaded into the agent’s LLM context; e.g.,GitHubAPICollector.collect_issue/_collect_issue_or_prsetsIssueObservation.body=data.get("body"), andGHArchiveCollectorparsespayload.get("issue").get("body")/payload.get("comment").get("body")into evidence fields.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata