figma-comments

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The required runtime workflow calls Figma’s REST API to fetch comment threads (scripts/get-comments.sh → curl .../v1/files/{file_key}/comments?as_md=true), and those comment bodies are outsider-authored free text that the script passes into the agent context via the command output (optionally as markdown).