figma-generate-component-doc

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). The required runtime path is use_figma running scripts/collect-component-data.js, which reads Figma node fields like node.description / node.descriptionMarkdown and node.annotations (outsider-authored free text from the Figma file) and returns them to the Node converter as JSON, which then parses/embeds that text into the LLM-bound Markdown context.