to-be-continuous-catalog
Warn
Audited by Snyk on May 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs using the gitlab-catalog-browser to list and inspect components from the public to-be-continuous GitLab organization (https://gitlab.com/to-be-continuous) so the agent will fetch and interpret third-party component specifications (via commands like
catalog listandcomponent info) that can influence pipeline construction and actions.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata