anima-install-auth

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md Step 3 shows the agent calling anima.generateCode with a Figma fileKey (via the Anima and Figma APIs), which fetches user-generated/untrusted Figma content that the agent reads/inspects as part of verification and could influence subsequent behavior.