Skills
skills/canonical/skills/retrospective-artifacts/Snyk

retrospective-artifacts

Warn

Audited by Snyk on Apr 28, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's CREATE workflow explicitly fetches and ingests user-generated content from external URLs (GitHub/Jira/Mattermost) — see SKILL.md "Step 3: External context acquisition" and references/external-context-acquisition.md and the scripts/fetch_github_context.py, fetch_jira_context.py, fetch_mattermost_thread.py — and uses that content to build artifacts and set downstream flags, meaning third-party text can materially influence agent decisions and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill explicitly fetches and injects external content at runtime (e.g., GitHub PR/issue URLs such as https://github.com///(pull|issues)/ via the GitHub API https://api.github.com, plus Jira (https://.atlassian.net) and Mattermost (MM_URL) endpoints) into the artifact generation flow, which directly influences agent prompts and outputs.

Issues (2)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 28, 2026, 04:26 PM
Issues
2