auth-configs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's RAG/document upload implementation (examples/lib/rag.ts and the document_chunks/document upload and chunkAndEmbedDocument/queryDocuments flow) ingests arbitrary user-uploaded documents and embeddings and feeds that content into AI prompts and searches, so the agent will read and interpret untrusted, user-generated third-party content.