odoo-frontend

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflows explicitly ingest and act on arbitrary third‑party content — e.g., the "Figma Integration Workflow" (uses a user-provided <figma_url> and the Figma MCP / python scripts/figma_converter.py to convert designs) and the "Chrome DevTools Integration Workflow" (accepts website URLs and runs scripts/devtools_extractor.py to extract styles from live sites) — so untrusted external content is parsed and used to drive code generation and actions, enabling indirect prompt injection.