design-an-interface

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md "Gather external context" step explicitly instructs the agent to fetch and ingest user-provided Figma URLs, Linear tickets/URLs, and Notion pages/documents and to use that content to refine requirements and drive design decisions, exposing it to untrusted third-party (user-generated) content that can influence actions.