fastapi-senior-dev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required reference materials (e.g., references/security-auth.md, referenced from SKILL.md) include runtime HTTP fetches to external discovery/JWKS endpoints (/.well-known/openid-configuration and jwks_uri) and other external APIs (observability/microservices examples using httpx/ external-service.com), so the agent is explicitly expected to ingest untrusted third‑party content that can influence authentication and subsequent actions.