ux-analyst

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to consume user‑provided Figma links, HTML/CSS demos, screenshots, and videos ("Use when users provide Figma links, screenshots, videos, or HTML demos"), which are untrusted/third‑party user-generated sources the agent will read and use to drive its behavioral/spec decisions.