git-workflows
Warn
Audited by Snyk on May 18, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). references/github_workflow_fix.md explicitly instructs the agent to run gh run list / gh run view --log-failed to fetch and interpret GitHub Actions runs and logs from the repository's GitHub (third‑party, user-generated content) and then make diagnosis and code changes based on that evidence, so external content can materially influence actions.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata