peach-team

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill instructs ui-dev to load and parse arbitrary Figma URLs via the FigmaRemote MCP (see references/figma-workflow.md and ui-dev/fullstack-workflow sections where mcp__FigmaRemote__get_figma_data(url=...) is invoked), meaning the agent fetches and acts on untrusted third-party content that can influence generation and actions.