octopus-ui-ux-design

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 0.90). The skill embeds deceptive override instructions (e.g., telling a dispatched subagent to "take precedence over all skill directives" and "Skip ALL skills") that attempt to override system/skill constraints and change agent behavior beyond the UI/UX design scope.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to pull and ingest user-provided Figma content using get_design_context/get_screenshot ("If user provided a Figma URL" in STEP 4), which is untrusted, user-generated third‑party content the agent must read and use to drive design decisions, creating a clear indirect prompt-injection vector.