pr-pre-push-review
Fail
Audited by Snyk on Jun 19, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs the operator to paste full file contents and tells the sub-agent to "quote the problematic lines," which requires reproducing any secrets or API keys present in those files verbatim in the agent's output, enabling secret exfiltration.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The runtime workflow explicitly has the parent agent “read all changed/new files” and then “paste the full file contents” into the sub-agent prompt; if those changed/new files are authored by an outsider (e.g., a benchmark PR from an external contributor), their code text becomes LLM-readable free-form content in the sub-agent context.
Issues (2)
W007
HIGHInsecure credential handling detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata