figma-designer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill ingests and analyzes arbitrary user-provided Figma files (via user-supplied Figma URLs and calls like figma_get_file / figma_get_nodes to the Figma MCP server), so it consumes untrusted, user-generated third-party content that the agent reads and interprets.