design-system-ui

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts "URLs" as design references in SKILL.md Step 1 and directs the agent to analyze design references (extract colors/typography) and use browser tools (mcp_browser_*) for visual verification, which means the agent will read and act on arbitrary third‑party web content that can materially influence its code generation and tooling decisions.