pix

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill asks the user to paste a Figma link and then uses Figma MCP tools (get_screenshot, get_metadata, get_design_context, get_variable_defs, etc.) to fetch and parse that external, user-provided design content, which is untrusted third-party data the agent must read and interpret.