moai-domain-brand-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md's "Figma Integration" section states that when figma.enabled: true and a public Figma file URL is provided the skill will extract design tokens from that Figma file, which is an arbitrary public/third-party user-generated resource the agent must read and interpret to drive design decisions.