wds-6-asset-generation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflows explicitly instruct the agent to connect to and read/refine external Figma files and other third‑party tools (see data/figma-mcp-integration.md, data/prototype-to-figma-workflow.md and MCP/figma integration docs), meaning the agent ingests user-generated content from external services which can influence decisions like token mapping, spec updates, and automated syncs.