audit-design-system

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly accepts a Figma URL or fileKey and then uses Figma MCP read tools (get_design_context, get_screenshot, get_variable_defs, search_design_system, etc.) to fetch and interpret user-created Figma file content, so untrusted third-party content can directly influence audit findings and follow-up actions.