Skills
skills/spencerpauly/awesome-cursor-skills/parallel-ci-triage/Snyk

parallel-ci-triage

Warn

Audited by Snyk on Apr 19, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and ingest CI logs via the GitHub CLI (e.g., gh run view --job <JOB_ID> --log) or paste logs from the GitHub Actions UI, so it will read untrusted, user-generated third-party content (CI logs) that can influence troubleshooting actions and tool use.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 19, 2026, 07:06 AM
Issues
1