visual-testing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Visual Testing Workflow explicitly navigates to arbitrary URLs (browser-devtools-cli ... go-to --url) and uses commands that extract and analyze page DOM/text (content get-as-html / get-as-text) and compares live pages with Figma files (figma compare-page-with-design), so it ingests untrusted public web and user-provided Figma content that can materially influence subsequent actions.