skills/holon-run/holon/github-review/Snyk

github-review

Warn

Audited by Snyk on Apr 30, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). This skill explicitly ingests user-generated GitHub content (PR metadata, files, diffs, comments, and review-thread context via the gh commands in the "Collect context" and runtime examples in SKILL.md), so untrusted third‑party text could influence review decisions and publishing behavior.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Apr 30, 2026, 12:55 PM

Issues

1

Security Audit — snyk — github-review