implement

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests external Figma content when a Figma URL is provided (see "If Figma URL provided — spawn figma-builder" and the mcp__figma__get_design_context / mcp__figma__get_screenshot calls), which are user-provided, third-party design files that the agents read and use to drive implementation decisions, so untrusted content could indirectly inject instructions.