Warn
Audited by Snyk on Mar 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill's workflow explicitly instructs fetching design content from a third-party Figma URL (see "Figma Reference" and the mcp__figma__get_design_context call in Step 5), which would cause the agent to read user-generated/untrusted external content that can materially influence implementation decisions.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata