generate-design-md

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow (Step 1 in SKILL.md) explicitly fetches and ingests open/public third-party content — e.g., "Fetch the homepage HTML using web_fetch" and fetching linked stylesheets, public Storybook, Figma community files, and brand guideline pages — which the agent must read and use to generate DESIGN.md, enabling untrusted content to materially influence its outputs.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly performs runtime fetches of the target website's HTML/CSS via web_fetch (e.g., a user-supplied site such as https://stripe.com) and injects that remote content into the agent's context to drive the generation of the DESIGN.md, so these external URLs directly control the agent's outputs at runtime.