figma-generate-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly reads and imports content from user-provided Figma files and linked libraries (e.g., "User should provide... a Figma file URL / file key" and the required Step 2 flows using search_design_system, importComponentSetByKeyAsync, importVariableByKeyAsync), so arbitrary third‑party Figma content can be ingested and directly influence component/variable selection and subsequent actions.