figma-capture-extension

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses a Makefile to download capture.js from Figma's official community plugin repository. This script is a known utility for serializing DOM elements into Figma's internal format.
  • [PROMPT_INJECTION]: Analysis of the extension logic shows it processes external data from webpages, which is a potential surface for indirect prompt injection if interpreted by an LLM.
      • Ingestion points: Webpage text and DOM structure are read by content.js for transformation.
      • Boundary markers: Not applicable as the data is transformed for design software rather than fed back into a language model prompt.
      • Capability inventory: The extension requests activeTab and clipboardWrite permissions to perform its capture task.
      • Sanitization: The code includes a shouldProcessElement filter that skips script and style tags, and a customCleanup function to strip data attributes, minimizing the processing of non-visual elements.
Audit Metadata
Risk Level: SAFE
Analyzed: May 17, 2026, 09:19 PM