design-analyzer

Fail

Audited by Snyk on Feb 16, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to fetch and download Figma asset URLs (noting that they remain valid for 7 days) and shows curl examples that embed those asset URLs verbatim, which forces the agent to handle and output secret-like signed URLs/tokens.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). This skill actively fetches and ingests third-party design content from Figma URLs via the Figma MCP endpoints (mcp__plugin_figma_figma__get_design_context / get_screenshot) and reads uploaded screenshots/images with the Read tool, so untrusted content (user-provided, web-hosted, or user-generated) is parsed and interpreted as part of its workflow.

Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 01:17 AM