claude-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests external URLs and design files (e.g., design-critique: "If a Figma URL is provided, pull the design from Figma" and accessibility-review argument-hint "<Figma URL, URL, or description>"), so it reads untrusted third-party content that can influence analysis and downstream actions.