auth0-swift

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md) explicitly instructs the agent to fetch live content from public third‑party sources—e.g., running gh api repos/auth0/Auth0.swift/releases/latest to obtain the SDK version and using the bootstrap scripts (scripts/bootstrap.mjs and scripts/utils/*.mjs) which call the Auth0 CLI / tenant APIs and even verify https://DOMAIN/.well-known/apple-app-site-association—and the agent parses and acts on those responses to decide dependency versions, create clients, and configure the project, so untrusted external content can materially influence its actions.