fastapi-auth-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The templates/supabase_auth.py integration initializes a Supabase client (create_client using SUPABASE_URL/SUPABASE_KEY) and calls supabase.auth.* to fetch and return user records and metadata at runtime, so the skill ingests and exposes user-provided/untrusted third‑party content from an external Supabase instance.