skills/oschina/gitee-agent-skills/implement-issue/Snyk

implement-issue

Warn

Audited by Snyk on May 12, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). The skill explicitly retrieves and interprets user-generated Gitee Issue content and comments (via get_repo_issue_detail and list_issue_comments in "Step 1: Fetch Issue Details") and uses that content to drive requirements, implementation decisions, and PR actions, which exposes the agent to untrusted third-party input that could inject instructions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 12, 2026, 05:08 AM

Issues

1

Security Audit — snyk — implement-issue