Skills
skills/github/gh-aw/pr-finisher/Snyk

pr-finisher

Warn

Audited by Snyk on Jun 22, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). The workflow ingests outsider-authored free text via GitHub PR review threads/comments (including github-actions[bot]) fetched at runtime with gh pr view ... --json reviews,reviewThreads,comments and then handled by the copilot-review skill, which feeds that text into the agent/LLM context for reply+resolve.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 22, 2026, 05:54 AM
Issues
1
Security Audit — snyk — pr-finisher