betterauth-fastapi-jwt-bridge

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill fetches and parses external JWKS/JWT data (e.g., get_jwks() in assets/jwt_verification.py and the scripts/verify_jwks.py / test_jwt_verification.py using the BETTER_AUTH_URL / user-provided JWKS URL), meaning it ingests and interprets content from an arbitrary public endpoint that could be controlled by third parties.