plaid

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Design capability explicitly ingests user-provided screenshots, mockups, Figma URLs ("read via the Figma MCP") and live website references as part of its required workflow (see SKILL.md/README and references/design.md), meaning the agent reads/acts on untrusted third-party content that can influence downstream document generation and build actions.