codeql
Warn
Audited by Snyk on Feb 27, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The workflows explicitly download and load third-party query/model packs and project dependencies from public sources (see workflows/run-analysis.md Step 2a and references/ruleset-catalog.md, which call codeql pack download trailofbits/... and GitHub community packs, plus npm/pip/go dependency installs), and those externally supplied packs and dependencies are executed/loaded and can change analysis behavior and subsequent actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.70). The skill contains runtime commands that fetch and install external CodeQL packs which are executed during analysis, for example the community pack reference (downloadable from https://github.com/GitHubSecurityLab/CodeQL-Community-Packs via the suggested codeql pack download GitHubSecurityLab/CodeQL-Community-Packs-<Lang> and the codeql pack install / codeql pack download trailofbits/... commands); these downloads provide query code that runs in the analysis workflow and are required for some workflows (e.g., Java diagnostics require codeql/java-all), so this is a runtime external dependency that executes remote code.
Audit Metadata