figma-design-md-generator
Warn
Audited by Snyk on May 17, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The plugin and scripts explicitly extract styles from user-created Figma files (see "Usage Workflow → Extract Design Tokens" and the fetch example in scripts/fetch-figma-styles.ts) and generate SKILL.md from that untrusted, user-generated content. AI agents are then instructed to act on the generated SKILL.md files (see "Using SKILL.md with Claude Code"), so third-party file content can materially influence agent behavior.
Issues (1)
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).