create-design-md

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow (see "Source Variants — Live URL" and Phase 1/Variant 1 in SKILL.md / references/source-variants.md) explicitly instructs invoking run-agent-browser to capture DOM, computed styles, linked CSS and assets from arbitrary live URLs, so the agent ingests and interprets untrusted public web content which can materially influence its extraction/decision steps and downstream tool actions.