github
Warn
Audited by Snyk on Mar 9, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). SKILL.md explicitly instructs using the GitHub CLI to fetch and view user-generated public GitHub content (e.g., "gh pr view", "gh issue view", "gh gist view", "gh browse", "gh api", "gh search code"), and those outputs are intended to be read/interpreted and can directly affect follow-up actions like reviews or merges.
Audit Metadata