qa-test-planner

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill integrates with Figma MCP and explicitly accepts Figma URLs (user-provided public design files) to extract specifications and compare implementations, so the agent ingests untrusted third-party content from Figma as part of its workflow.