skills/warpdotdev/oz-skills/github-issue-dedupe/Snyk

github-issue-dedupe

Warn

Audited by Snyk on Feb 16, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 1.00). The skill invokes the gh CLI to list and view GitHub issues (issue titles and full bodies) which are user-submitted, untrusted content from the repository's issue tracker, and the agent is expected to read and interpret those issue texts as part of its deduplication workflow.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.90). The workflow invokes an external GitHub Action and skill spec at runtime—uses: warpdotdev/warp-agent-action@v1 with skill_spec "warpdotdev/oz-skills:github-issue-dedupe" (e.g. https://github.com/warpdotdev/warp-agent-action and https://github.com/warpdotdev/oz-skills)—which will be fetched/executed at runtime and can supply prompts or executable agent logic.

Audit Metadata

Risk Level

MEDIUM

Analyzed

Feb 16, 2026, 12:20 AM