clerk-incident-runbook

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.95). The runbook explicitly instructs fetching and interpreting public Clerk content (e.g., "Check Clerk status" and the curl to https://status.clerk.com/api/v1/status and references to the Clerk dashboard/Discord) and uses those external, user-facing sources to drive decisions like enabling emergency bypass or rollbacks, so untrusted third-party content could materially influence actions.