frontend-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md Figma Integration section instructs the agent to "Extract design context using get_design_context" from Figma (MCP) and then map those variables to the token system and generate code, which clearly requires ingesting user-/third-party Figma files (untrusted content) that directly influence decisions and actions—creating a vector for indirect prompt injection.