opendesign-components

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's "Pixso MCP 设计稿识别指南" explicitly instructs calling Pixso APIs (e.g., mcp__pixso__getImage and getNodeDSL) to fetch design images and node DSL from Pixso—user-generated, third‑party design content that the agent is expected to read and use to decide components/props—so untrusted content can influence actions.