recipe-front-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's UI-analyzer step explicitly reads docs/project-context/external-resources.md and "fetches external UI sources via the inherited MCP/URL access methods," meaning it ingests arbitrary external URLs/public UI resources and uses those results in ui-spec-designer and technical-designer-frontend to drive design decisions and actions.