atmos-auth

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill performs authentication flows that fetch and interpret external IdP/token endpoints (e.g., the SAML provider "url" with "driver: Browser" in SKILL.md and the token_source.url setting in references/providers-and-identities.md, plus commands like atmos auth console --destination <url>), meaning it loads and parses third-party web/token content that can materially influence credentialing and subsequent actions.