What is the core risk of using tx.origin for authorization?

tx.origin authorization can be bypassed if a user is tricked into calling an attacker contract, which then calls the target contract—tx.origin remains the user. This is a known insecure pattern in Ethereum security. Interviewers like it because it tests whether candidates understand call chains and why msg.sender + explicit access control is the correct boundary.