code-mode

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's examples and workflow (SKILL.md "Multi-tool Figma workflow" and "Chaining results between calls") show calling tools like figma_get_file_data with external URLs (e.g., https://www.figma.com/...) and parsing the returned file content to choose node IDs and drive subsequent tool calls, meaning untrusted third-party/user-generated content is ingested and can directly influence further tool use and decisions.