skills/mathews-tom/praxis-skills/pr-review/Snyk

pr-review

Warn

Audited by Snyk on Apr 8, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). The skill's workflow explicitly allows fetching PR diffs with "gh pr diff " (and reads PR/changed files) which ingests user-generated content from GitHub and uses that content to drive review decisions, exposing the agent to untrusted third-party input.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Apr 8, 2026, 06:13 AM

Issues

1