handle-pr-comments
Warn
Audited by Snyk on Jun 27, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.95). Outsider-authored free text is ingested when the skill fetches PR review thread comments from GitHub via the GraphQL
pullRequest.reviewThreadsfield (unresolvedcomments), where those comments are authored by other users than the operating user.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata