figma-create-design-system-rules

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The required workflow explicitly instructs the agent to call the Figma MCP server (create_design_system_rules, get_design_context, get_screenshot) and to download assets from the Figma MCP assets endpoint, meaning the agent will fetch and interpret user-generated Figma content that can materially influence implementation decisions and tool actions.