Skills
skills/dotnet/maui/find-reviewable-pr/Snyk

find-reviewable-pr

Warn

Audited by Snyk on Mar 1, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The required PowerShell script (.github/skills/find-reviewable-pr/scripts/query-reviewable-prs.ps1) explicitly queries public GitHub repos (dotnet/maui and dotnet/docs-maui) and the MAUI project board via gh/api/GraphQL to ingest PR metadata, labels, and review info (user-generated, untrusted content) which the agent must read and which directly drives prioritization and next-action decisions.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 1, 2026, 02:35 AM