firstrun

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill asks the user to paste a Figma template library URL (Step 4) and then calls MCP APIs (figma_navigate / figma_search_components / search_design_system / use_figma in Steps 5–7) to fetch and interpret component data from that external Figma file, which is untrusted user-provided third‑party content used to build config and drive subsequent actions.