figma-design-md-plugin

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructions specify cloning the source code repository from GitHub (github.com/bergside/design-md-figma.git) for development purposes.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface, as it extracts text from Figma files (such as style names and variable labels) and places it into generated markdown files which are then used as instructions for AI agents.
  • Ingestion points: Extraction points include figma.root.name, style.name, and collection.name within the plugin's extractDesignTokens function.
  • Boundary markers: The generated templates for DESIGN.md and SKILL.md use markdown headers and tables but do not include explicit security delimiters or 'ignore' instructions for the extracted data content.
  • Capability inventory: The plugin generates documentation and code tokens; it is restricted from network activity by its configuration (networkAccess: { "allowedDomains": ["none"] }).
  • Sanitization: The code snippets provided in the documentation do not include sanitization or escaping of the extracted Figma strings before they are interpolated into the generated markdown files.
Audit Metadata
Risk Level
SAFE
Analyzed
May 17, 2026, 11:20 PM