design-brief

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to "analyze" a provided Figma link ("If a Figma link is provided and Figma MCP is set up, analyze it before writing"), which would cause the agent to fetch and interpret user-provided third-party content (Figma files) and thus could enable indirect prompt injection.