figma-to-swiftui

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests user-provided Figma content (user-supplied Figma URLs/node IDs) via MCP calls like get_design_context, get_screenshot, and get_variable_defs (see SKILL.md Steps 1–5 and references/asset-handling.md), so arbitrary third-party/user-generated Figma files and asset URLs are read and used to drive implementation decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill requires a live Figma MCP workflow and fetches user-provided Figma file URLs (e.g., https://www.figma.com/design/:fileKey/:fileName?node-id=3166-70147&m=dev) at runtime to retrieve design context and asset URLs which are injected into the agent's generation context, making the external Figma/MCP content a required runtime dependency that directly influences the agent's outputs.