build

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly pulls Figma design context and screenshots from user-provided Figma Dev Mode URLs via "Figma MCP" (see "Phase 1: Load Design Context") and then reads and uses that untrusted, user-generated content to drive code generation and the Playwright visual verification loop, so third-party content can materially influence agent actions.