skills/jeremylongshore/claude-code-plugins-plus-skills/coderabbit-upgrade-migration/Snyk

coderabbit-upgrade-migration

Warn

Audited by Snyk on May 20, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to open and review public third-party pages (e.g., "open https://github.com/coderabbit/sdk/releases" and links to https://docs.coderabbit.com/migration) as a required workflow step, meaning untrusted external changelog/docs would be read and could materially influence upgrade actions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 20, 2026, 01:13 AM

Issues

1

Security Audit — snyk — coderabbit-upgrade-migration