"Tell me about a time you discovered or inherited an API security risk—such as injection, unsafe input handling, or poor output encoding—and had to get it fixed quickly. Walk me through how you prioritized the work, influenced others to act, and what the outcome was."
