supabase-audit-auth-config

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill issues HTTP requests to arbitrary Supabase project auth endpoints (e.g., https://[project].supabase.co/auth/v1/ and the signup/settings responses shown in the curl examples) and parses those responses, meaning it consumes untrusted third-party content from user-provided public URLs that the agent will read and interpret.