figma-to-spirit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly requires fetching and interpreting Figma design data (e.g., get_design_context, get_code_connect_map, get_screenshot) and mandates using CodeConnect/layer values to drive component selection and actions, meaning untrusted third‑party Figma content could influence agent behavior.