Lint OpenAPI specs for auth gaps, unsafe methods, schema weakness, data exposure, and rate-limit coverage