github
Warn
Audited by Snyk on Mar 10, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs using the gh CLI (e.g., "gh pr view", "gh issue list", "gh run view", "gh api") to fetch PRs, issues, CI logs and other content from GitHub repositories — public, user-generated sources that the agent would read and could materially influence subsequent actions.
Audit Metadata