design-compare

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches Figma nodes/images from the public Figma API (see scripts/export-figma-node.sh calling https://api.figma.com and the SKILL.md instruction to call mcp__figma__get_screenshot) and then requires the agent to read and interpret those untrusted, user-generated design images as part of its comparison workflow, which can materially influence analysis and next actions.