design-systems

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly invokes MCPs that query public third‑party sources — e.g., "Design Systems MCP (southleft/design-systems-mcp)" which searches 188+ public design systems (Material, Ant Design, Carbon, etc.) and "CSS MCP (stolinski/css-mcp)" which uses MDN documentation — so the agent ingests and acts on untrusted external web content that can influence component generation and subsequent actions.