qa-test-planner

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly integrates with Figma MCP and instructs the agent to fetch and interpret Figma design files via user-provided Figma URLs (e.g., "Get the button specifications from Figma file [URL]" / "Compare ... against Figma design [link]"), which are untrusted, user-generated third‑party content.