figma-generate-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required workflow explicitly ingests and acts on content from user-supplied Figma files and linked/published libraries (e.g., "User should provide a Figma file URL / file key" and the Step 2 use of search_design_system / importComponentSetByKeyAsync /importVariableByKeyAsync to fetch components, variables, and styles), so untrusted, user-generated design data is read and directly drives tool actions and decisions.