design-import

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests a Claude Design handoff bundle from a provided URL in Phase 1 ("Fetch the bundle (WebFetch if URL, Read if file)") and then directly consumes bundle fields (components, tsx_scaffold, tokens) that are inserted into agent prompts and drive scaffolding/decision logic (Phases 3–4), so untrusted third‑party content can materially influence subsequent tool actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill fetches a Claude Design handoff bundle at runtime (e.g. https://claude.ai/design/abc123) and injects fetched bundle fields like tsx_scaffold into agent prompts (design-to-code/orchestrator), so the external URL's content directly controls agent instructions and is required for the skill.