moai-workflow-design-import

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests untrusted user-generated design content: Path A parses external Claude Design ZIP/HTML handoff bundles (including inline JSON/script blocks) and Path B1 invokes the meta-harness to generate a Figma extractor that fetches Figma files (third‑party user content), both of which are parsed and used to produce tokens/components that materially influence downstream actions.