create-design-system-rules

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The required workflow explicitly calls the Figma MCP server tools (Step 1: create_design_system_rules and the Figma MCP Integration Rules requiring get_design_context, get_screenshot, asset downloads) to fetch user-provided Figma designs/assets which the agent must read and act on, so untrusted third-party content can directly influence tool use and decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires calling the Figma MCP server at runtime (e.g., the Figma MCP API described at https://developers.figma.com/docs/figma-mcp-server/) to fetch a "create_design_system_rules" prompt/template that directly controls agent instructions, and that external content is a required dependency.