authentication-flow-rules

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 1.00). The Memory Protocol includes explicit commands to read and persist internal agent memory (e.g., "cat .claude/context/memory/learnings.md" and "Record any new patterns"), which are unrelated to OAuth guidance and instruct the agent to access/modify internal state — a hidden/deceptive instruction outside the skill's stated purpose.