oauth2-oidc-implementer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill fetches and ingests external provider data at runtime—e.g., discoverOIDCConfig calls fetch(${issuer}/.well-known/openid-configuration), createRemoteJWKSet(new URL(config.jwks_uri)) loads remote keys, and fetchUserInfo calls the provider's userinfo_endpoint (and the providers map includes public APIs like GitHub/Google), which are untrusted third‑party endpoints whose returned metadata and user profile fields the agent reads and processes.