figma-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow and references explicitly instruct the agent to extract fileKey/nodeId from Figma URLs and use tools like get_design_context and generate_figma_design to ingest Figma files and capture arbitrary web pages into Figma (see SKILL.md steps 1 and 5 and references/figma-skill.md), meaning the agent will read untrusted, user-generated third‑party content that can influence subsequent actions.