configuring-oauth2-authorization-flow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's runtime scripts (scripts/agent.py and scripts/process.py) fetch and parse open/public OpenID Connect discovery documents from a user-supplied issuer (GET {issuer}/.well-known/openid-configuration) and use those fields to drive audits and token tests, meaning arbitrary third-party discovery metadata can be ingested and materially influence the agent's decisions and actions.