wireframe

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Phase 0 pre-flight explicitly instructs scanning the brief for "github / Figma / image / .md attachments → dispatch ingestion skills", indicating it will fetch and ingest untrusted third‑party content (public GitHub/Figma/attachments) that the agent will read and use to drive design decisions and subsequent actions.