qa-report

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Step 6 ("Validate Against Figma Designs") and references/figma_validation.md explicitly require extracting specifications from Figma via MCP queries (Figma URLs), which is user‑generated third‑party content that the agent ingests and uses to generate test cases and bug reports, so external content can materially influence its actions.