Overly broad authenticated user access
This rule detects security rules that grant access to any authenticated user (e.g., ".read": "auth !== null") without further scoping. This is often insecure as it allows any logged-in user to access data that should be private, violating the principle of least privilege.
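One way such a check could be written, as an added example rather than this rule's actual implementation: it walks a Realtime Database rules tree and flags every `.read`/`.write` whose expression, or one of its top-level `||` branches, is only an auth-not-null test. The function names and sample rules are assumptions constructed here, and string literals that contain parentheses or `||` are not parsed.

```python
import json
import re

# Constructed sample rules for illustration (not from the original page).
SAMPLE_RULES = json.loads("""{
  "rules": {
    "messages": {".read": "auth !== null",
                 ".write": "auth != null || data.child('owner').val() === auth.uid"},
    "users": {"$uid": {".read": "auth !== null && auth.uid === $uid",
                       ".write": "(auth != null) && auth.uid === $uid"}},
    "drafts": {".read": "(auth !== null)"}
}}""")

BARE_AUTH = re.compile(r"auth\s*!==?\s*null|null\s*!==?\s*auth")  # "signed in" only

def is_broad(expr):
    """True if a top-level '||' branch is only an auth-not-null check."""
    expr = expr.strip()
    parts, depth, start, wrapped = [], 0, 0, expr.startswith("(")
    for i, ch in enumerate(expr):
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth == 0 and i < len(expr) - 1:
                wrapped = False  # the first "(" closes before the end
        elif depth == 0 and expr.startswith("||", i):
            parts.append(expr[start:i])
            start = i + 2
    parts.append(expr[start:])
    if wrapped and expr.endswith(")"):
        return is_broad(expr[1:-1])  # peel one enclosing pair, then retry
    if len(parts) == 1:
        return BARE_AUTH.fullmatch(expr) is not None
    return any(is_broad(part) for part in parts)

def find_broad_rules(node, path=""):
    """Return (path, operation, expression) for each overly broad rule."""
    findings = []
    for key, value in node.items():
        if key in (".read", ".write") and isinstance(value, str) and is_broad(value):
            findings.append((path or "/", key, value))
        elif isinstance(value, dict):
            findings += find_broad_rules(value, f"{path}/{key}")
    return findings

if __name__ == "__main__":
    for finding in find_broad_rules(SAMPLE_RULES["rules"]):
        print(*finding)
```

The `users/$uid` rules are not reported because they also require `auth.uid === $uid`, which is the kind of scoping the rule looks for.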