implementing-google-workspace-sso-configuration
Warn
Audited by Snyk on Apr 10, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's validator fetches and parses arbitrary IdP metadata and SSO endpoints from external URLs (see scripts/process.py: validate_idp_metadata uses requests.get(metadata_url) and validate_sso_configuration performs requests.head(idp_sso_url)), and the SKILL.md/workflows explicitly instruct downloading/using IdP metadata, so untrusted third-party content is ingested and can influence validation/actions.
Issues (1)
W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).