axure-prototype-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The workflow explicitly requires a user-provided Axure prototype URL and calls third‑party fetching tools (e.g., get_axure_sitemap, get_axure_screenshot, get_axure_text, get_page_theme) as shown in SKILL.md, asset-extraction.md, and page-restoration.md, meaning the agent ingests untrusted public prototype pages/images/text and uses that content to drive generation and actions, which could enable indirect prompt injection.