review-mr

Warn

Audited by Snyk on Jun 26, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.95). The required workflow fetches GitLab merge request details/commits/diffs/pipeline status via the GitLab MCP server (e.g., get_merge_request, get_merge_request_commits, get_merge_request_diffs), which ingests outsider-authored MR content (author’s title/messages, commit messages, and diff text) into the agent’s LLM context.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 26, 2026, 01:24 AM
Issues
1
Security Audit — snyk — review-mr