skills/kidow/skills/find-github-repo/Snyk

find-github-repo

Warn

Audited by Snyk on Apr 27, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs running gh search repos against public GitHub and ingesting repo metadata (name, description, url, etc.) from public repositories, so the agent reads untrusted, user-generated content on GitHub which can influence search/refinement decisions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Apr 27, 2026, 03:50 PM

Issues

1

Security Audit — snyk — find-github-repo