claude-design-system-hooks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly includes workflows that fetch and ingest third‑party user content—e.g., "claude-design marketplace browse/install @community/..." (community plugins) and the Figma sync examples and "generate from Figma export" (uses FIGMA_TOKEN and fileKey / ./figma-export.json), which cause the agent to read and act on untrusted, user-generated external content.