figma-design-generate

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow (SKILL.md "Process" and "Decision Rules") explicitly injests and interprets content from arbitrary web apps or production sites — e.g., "Capturing from a live web app or production site | Prompt the tool to use Playwright to inject the required script" and the tool opens a browser, injects a capture script, and converts page DOM/UI into editable Figma layers, which means untrusted third‑party page content is read and can influence subsequent actions.