skills/pbakaus/agent-reviews/resolve-reviews/Snyk

resolve-reviews

Warn

Audited by Snyk on May 5, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and processes PR review comments from GitHub (see "Step 1: Fetch All Comments" using npx agent-reviews --unanswered --expanded) and reads/interprets those user-generated review comments to decide code changes and replies, which exposes the agent to untrusted third-party content that could contain injected instructions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.90). The skill repeatedly invokes "npx agent-reviews" at runtime, which will fetch and execute code from the npm registry (e.g. https://registry.npmjs.org/agent-reviews or https://www.npmjs.com/package/agent-reviews), so it relies on remote code fetched at runtime.

Issues (2)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012

MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 5, 2026, 07:01 AM

Issues

2