pixel-perfect-ui

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill automatically accepts and extracts arbitrary Figma URLs/node IDs (e.g., mcp0_get_design_context, mcp0_get_screenshot and scripts/extract-and-implement.py --figma-url) and then reads and implements that design data, so it ingests untrusted third‑party (user-provided) content from the public web as part of its workflow.