lf-design-system

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and interprets user-provided Figma files via the Figma MCP calls (mcp__plugin_figma_figma__get_metadata, mcp__plugin_figma_figma__get_variable_defs, mcp__plugin_figma_figma__get_design_context) as required by the SKILL.md workflow, so untrusted, user-generated Figma content can directly influence parsing, token decisions, and subsequent actions.