design-system

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly instructs the agent to access and ingest external Figma content (e.g., the Figma REST API endpoints like GET /v1/files/:key and the Figma MCP server mcpServers with capabilities such as get_design_context, get_variable_defs, and get_screenshot), which are user-generated/third‑party assets the agent is expected to read and interpret as part of its workflow.