figma-implement-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly instructs the agent to fetch and interpret arbitrary user-supplied Figma content (Step 2: get_design_context, Step 3: get_screenshot, and Step 4: download assets from the Figma MCP server assets endpoint), which are untrusted third-party sources and can materially influence code-generation and next actions.