theme-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly instructs the agent to navigate to and extract data from Figma URLs using "Figma MCP" and "Chrome MCP (Browser Automation)" ("Navigate to Figma URL → Open Pages... Click on page elements to extract"), which are untrusted/user-generated third‑party sources that the agent must read and interpret and that can change subsequent template/configuration actions.