design-system

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 0 "Reference Input" explicitly supports a "Website URL" that is fetched via WebFetch (SKILL.md Phase 0) and the fetched, user-provided public web content is analyzed and used to set smart defaults and as style anchors for later prompt construction and image generation, so untrusted third‑party content can materially influence subsequent tool use and prompts.