web-design-expert

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Design-to-Code workflow in references/tooling-integration.md explicitly requires using a Figma MCP on a shared Figma file URL to extract colors, typography, images and component structure (and the MCP/21st.dev "inspiration" and "logo_search" tools search external sources), which ingests untrusted third‑party content that the agent is expected to read and that can materially influence subsequent generation/actions.