canvas-design-decomposition

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Mandatory triggers and Inputs explicitly require using live references, existing websites, competitor or reference URLs and Figma links (and even instructs pairing with nebula-scrape-url) so the agent will fetch and interpret untrusted third‑party web content as part of its decomposition workflow, which can materially change subsequent decisions and actions.