design-implementation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches Figma designs via the Figma API as part of the required implement-feature and verification workflows (see workflows/implement-feature.md and documentation/examples.md), meaning it ingests external, user-provided design content that the agent uses to compare, decide iteration/fixes, and drive further actions—exposing it to untrusted third-party content capable of indirect prompt injection.