github
Warn
Audited by Snyk on Jun 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). The skill uses
gh pr view,gh issue list,gh run view, andgh api ...to fetch PR/issue/run content from GitHub at runtime; that content is authored by other users (e.g., PR bodies, issue text, comments, CI logs) and is ingested into the agent’s LLM context via the command output.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata