design-system-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly directs the agent to research public design trends (Path A) and to programmatically extract tokens from user-provided Figma file URLs via Figma MCP tools (Path C), which ingests untrusted third‑party/user-generated content that directly informs the design tokens and downstream agent actions.