figma

Warn

Audited by Snyk on Mar 12, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests user-generated Figma content from third-party API endpoints (e.g., GET https://api.figma.com/v1/files/:file_key, /nodes, /components, /images, /styles, /variables) and then parses that content (node text, styles, component data) to generate code and drive actions, so untrusted external content can materially influence tool behavior.

Issues (1)

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 12, 2026, 06:05 AM
Issues: 1