pixel

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Step 1 (For Figma Designs) and the MCP tools section explicitly instruct the agent to fetch and ingest Figma design data via get_design_context/get_screenshot from Figma URLs (public, user-created files), which the agent is required to read and use to drive implementation decisions, exposing it to untrusted third‑party content.