code-review
Warn
Audited by Snyk on Jul 1, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). The workflow ingests outsider-authored free text from the issue tracker by “fetch[ing] via the workflow in
docs/agents/issue-tracker.md” (step 2.1), then includes that fetched issue/PRD text in the Spec sub-agent prompt as readable prose for the LLM context.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata