Skills
skills/jeremylongshore/claude-code-plugins-plus/coderabbit-prod-checklist/Snyk

coderabbit-prod-checklist

Warn

Audited by Snyk on Apr 4, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The workflow's Step 3 "Review History Check" runs gh api calls to fetch PRs and review data from GitHub repos (user-generated, third-party content) and the script interprets that data to compute coverage and readiness, so external PR/review content could materially influence decisions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 4, 2026, 03:46 PM
Issues
1