pixel

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly directs the agent to use Figma MCP tools (e.g., get_design_context/get_screenshot) to fetch and interpret user-provided Figma designs from Figma URLs, which are untrusted third-party/user-generated content the agent will read as part of its workflow.