spoofing

LACK_OF_CODE_INPUT_DETECTED: The provided fragment is a skill specification/documentation, not executable/parsable code to review for spoofing threats. No sources, sinks, flows, or credential-handling behavior to assess. To perform a security review, supply the actual target code (e.g., authentication routes, token handling, TLS/configs) so we can evaluate against spoofing-threat patterns.