auth-ops

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required documentation and example workflows explicitly fetch and consume public third‑party endpoints (e.g., isBreachedPassword calls https://api.pwnedpasswords.com/range/ and jwt verification uses createRemoteJWKSet('https://.../.well-known/jwks.json' in references/jwt-sessions.md)), and those external responses are parsed and used to make authentication/authorization decisions — exposing the agent to untrusted third‑party content that can influence behavior.