design-tokens
Warn
Audited by Snyk on Feb 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill explicitly describes ingesting and validating arbitrary third‑party/user-provided token files (e.g., Figma exports like "figma-export.json", tokens/*.tokens.json and resolver files) and includes workflows/commands (jq checks, resolver builds, "Check this token file") that require the agent to read and interpret that untrusted JSON content.