ui-convert-mcp-validator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's validation workflow explicitly calls remote MCP servers (e.g., "Attempt to call a lightweight MCP tool" and "List available tools" for Figma/Penpot/Pencil) and reads those servers' responses to decide whether to proceed with writes, meaning it ingests untrusted third-party server content that can materially influence agent actions.