implementing-google-workspace-sso-configuration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's validator (scripts/process.py) fetches and parses arbitrary IdP metadata via requests.get(metadata_url) (and the workflows/README instruct downloading federation metadata), so untrusted third-party XML from arbitrary URLs is ingested and used to drive validation logic and subsequent actions.