figma-make-local-runner
Warn
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to clone a repository from an external GitHub account (likang/figma-make-local-runner) which does not correspond to the skill author (Aradotso).
- [COMMAND_EXECUTION]: The installation and setup process involves executing several shell commands, including `npm install`, `npm run dev`, and `npm run build`. These commands execute code (scripts and dependencies) defined in the external repository.
- [REMOTE_CODE_EXECUTION]: By design, the skill environment uses custom Vite plugins (`removeVersionSpecifiersPlugin`, `figmaAssetPlugin`) that dynamically modify source code and import paths during the build process. Since these are provided by the external repository, they represent a mechanism for arbitrary code manipulation.
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and process data (exported code and assets) from an external source (Figma Make exports). While intended for development, this creates a surface where malicious instructions in the exported code could influence the agent's behavior during the setup or troubleshooting process.
Audit Metadata