figma-developer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests arbitrary, user-created Figma content via the Figma REST API (see SKILL.md and references such as references/asset-export.md, references/design-tokens.md, and references/component-generation.md which call GET /v1/files/:key, GET /v1/images/:key, getFileComponents, getLocalVariables, etc.), and the agent parses that untrusted file/node/SVG data to generate code and CI actions — meaning third-party content can materially influence behavior and tooling decisions.