go-jwt-middleware

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md (and references/setup.md) explicitly tells the agent to run public API/CLI calls—e.g., "gh api repos/auth0/go-jwt-middleware/releases/latest" and Auth0 CLI commands like "auth0 tenants list" / "auth0 apis list"—and to parse those external, public responses to choose dependency versions, tenants, and creation/authorization actions, meaning untrusted third‑party content is ingested and can influence tool use.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill explicitly tells the agent to run the GitHub API query (gh api repos/auth0/go-jwt-middleware/releases/latest -> https://api.github.com/repos/auth0/go-jwt-middleware/releases/latest) at runtime and to use the returned release tag to populate dependency/version lines, so remote content directly controls the agent's generated instructions.