pull-request-management
Warn
Audited by Snyk on Jun 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). The skill’s runtime GitHub PR operations (e.g.,
gh pr view ... --comments,gh pr view ... --json comments/reviews,gh pr diff ...) ingest outsider-authored free text from PR conversation content—such as review comments and issue/PR discussion bodies written by other users—into the agent’s LLM context via the GitHub API/CLI response.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata