figma-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill calls the Figma API (e.g., cmd_get -> "/files/{file_key}", cmd_nodes, cmd_comments in figma_skill.py and SKILL.md) and ingests user-generated Figma file content and comments, which the agent would read and could contain arbitrary instructions that influence subsequent actions.